Malwarebytes says clean but still infected?


19 replies to this topic

#1 shell01


Posted 04 August 2013 - 07:47 AM

I have Malwarebytes and Norton installed. Yesterday my son downloaded a bunch of stuff for gaming which brought in a boatload of garbage. I removed what looked like everything through both programs, but was still getting popups. I did a system restore to a few days earlier; I deleted and reinstalled Google Chrome; I reset IE. I ran another full Malwarebytes scan this morning and it came back clean, but then I went online and the popups are still there. Just spent a bunch of money for this PC last week and now I'm afraid it may have to go into the shop and I will have to drop yet more bucks. I'm not the most tech savvy. Very frustrated at this point. Can someone help/advise? Thanks.





#2 GodfatherKing


Posted 04 August 2013 - 08:02 AM

Welcome!

Note: You may skip step 1, but just post the MBAM log in your next reply.

Step 1: Install and run MBAM

Step 2: Running TDSSKiller to obtain log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters
  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run
  • Choose Skip for all threats.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

Step 2: ESET Online Scanner

==================

Note: If your AV is blocking Eset online scanner, please temporarily disable your AV.

 

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.
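One way to review the log that the TDSSKiller step asks for, as an added example (not part of the original posts and not TDSSKiller's own code): it reads the service-scan section and lists every entry whose verdict is not `ok`, plus services that received a verdict without a hash/path line. The sample log is constructed; `ExampleDrv`, its hash, its path and the `( label ) - warning` line shape are assumptions.

```python
import re

# Line shapes in the TDSSKiller service-scan log:
#   HH:MM:SS.ffff TID  [ MD5 ] <service name> <path>
#   HH:MM:SS.ffff TID  <service name> - <verdict>
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4} \S+\s+"
SECTION = re.compile(PREFIX + r"=+ (.+?) =+$")
HASH_LINE = re.compile(PREFIX + r"\[ ([0-9A-F]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.+)$")
# Assumption: a non-ok result may carry a "( label )" before the verdict.
VERDICT_LINE = re.compile(PREFIX + r"(.+?)(?: \( (.+?) \))? - (\w+)$")

# Constructed sample. The ok entries follow the log format; ExampleDrv,
# its hash, its path and its warning line are invented for illustration.
SAMPLE_LOG = r"""
10:52:41.0109 5708  ================ Scan system memory ========================
10:52:41.0109 5708  System memory - ok
10:52:41.0109 5708  ================ Scan services =============================
10:52:41.0233 5708  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:52:41.0237 5708  1394ohci - ok
10:52:41.0729 5708  [ 310F86335B0505DDC6D2DD48E66EF06B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:52:41.0734 5708  AMD External Events Utility - ok
10:52:43.0885 5708  COMSysApp - ok
10:52:43.0933 5708  cpuz134 - ok
10:52:44.0100 5708  [ 0123456789ABCDEF0123456789ABCDEF ] ExampleDrv      C:\Users\Public\exampledrv.sys
10:52:44.0105 5708  ExampleDrv ( Constructed.Example.Label ) - warning
"""


def triage(log_text):
    """Return the entries of the service scan that deserve a manual look."""
    section = None
    files = {}       # service name -> (md5, path) from the hash line
    checked = 0      # number of verdict lines seen in the service section
    flagged = []     # entries whose verdict is anything other than "ok"
    no_file = []     # services with a verdict but no hash/path line
    for raw in log_text.splitlines():
        line = raw.rstrip()
        m = SECTION.match(line)
        if m:
            section = m.group(1)
            continue
        if section != "Scan services":
            continue  # memory scan, header and other sections are skipped
        m = HASH_LINE.match(line)
        if m:
            md5, name, path = m.groups()
            files[name] = (md5, path)
            continue
        m = VERDICT_LINE.match(line)
        if not m:
            continue
        name, label, verdict = m.groups()
        checked += 1
        md5, path = files.get(name, (None, None))
        if md5 is None:
            # No file was hashed for this service, so "ok" says little about it.
            no_file.append(name)
        if verdict != "ok":
            flagged.append({"name": name, "verdict": verdict, "label": label,
                            "md5": md5, "path": path})
    return {"checked": checked, "flagged": flagged, "no_file": no_file}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("services checked:", result["checked"])
    for entry in result["flagged"]:
        print("REVIEW:", entry)
    for name in result["no_file"]:
        print("no file recorded for:", name)
```
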


#3 shell01


Posted 04 August 2013 - 12:48 PM

OK - doing this piecemeal. Here is the Malwarebytes scan - as usual, no objects detected. On to the next step.
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.08.03.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Computer :: COMPUTER-PC [administrator]
 
8/4/2013 10:26:03 AM
mbam-log-2013-08-04 (10-26-03).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 326061
Time elapsed: 17 minute(s), 16 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#4 shell01


Posted 04 August 2013 - 12:59 PM

So this didn't pick up anything either. On to step 3.

 

10:52:49.0240 5708  mouclass - ok
10:52:49.0250 5708  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:52:49.0252 5708  mouhid - ok
10:52:49.0282 5708  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:52:49.0283 5708  mountmgr - ok
10:52:49.0343 5708  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:52:49.0346 5708  MozillaMaintenance - ok
10:52:49.0378 5708  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:52:49.0382 5708  mpio - ok
10:52:49.0398 5708  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:52:49.0399 5708  mpsdrv - ok
10:52:49.0421 5708  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:52:49.0430 5708  MpsSvc - ok
10:52:49.0438 5708  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:52:49.0439 5708  MRxDAV - ok
10:52:49.0463 5708  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:52:49.0465 5708  mrxsmb - ok
10:52:49.0476 5708  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:52:49.0478 5708  mrxsmb10 - ok
10:52:49.0485 5708  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:52:49.0487 5708  mrxsmb20 - ok
10:52:49.0501 5708  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:52:49.0502 5708  msahci - ok
10:52:49.0509 5708  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:52:49.0511 5708  msdsm - ok
10:52:49.0522 5708  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
10:52:49.0524 5708  MSDTC - ok
10:52:49.0540 5708  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:52:49.0540 5708  Msfs - ok
10:52:49.0552 5708  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:52:49.0553 5708  mshidkmdf - ok
10:52:49.0568 5708  MSICDSetup - ok
10:52:49.0587 5708  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:52:49.0588 5708  msisadrv - ok
10:52:49.0633 5708  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:52:49.0638 5708  MSiSCSI - ok
10:52:49.0644 5708  msiserver - ok
10:52:49.0677 5708  [ F99CA7FB85D348DAE762A23B1C9967FB ] MSI_Trigger_Service C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
10:52:49.0679 5708  MSI_Trigger_Service - ok
10:52:49.0710 5708  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:52:49.0711 5708  MSKSSRV - ok
10:52:49.0724 5708  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:52:49.0725 5708  MSPCLOCK - ok
10:52:49.0733 5708  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:52:49.0733 5708  MSPQM - ok
10:52:49.0751 5708  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:52:49.0754 5708  MsRPC - ok
10:52:49.0770 5708  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:52:49.0771 5708  mssmbios - ok
10:52:49.0774 5708  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:52:49.0775 5708  MSTEE - ok
10:52:49.0786 5708  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:52:49.0787 5708  MTConfig - ok
10:52:49.0797 5708  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
10:52:49.0798 5708  Mup - ok
10:52:49.0830 5708  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
10:52:49.0835 5708  napagent - ok
10:52:49.0890 5708  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:52:49.0895 5708  NativeWifiP - ok
10:52:50.0003 5708  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130803.004_6be\ENG64.SYS
10:52:50.0005 5708  NAVENG - ok
10:52:50.0098 5708  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130803.004_6be\EX64.SYS
10:52:50.0118 5708  NAVEX15 - ok
10:52:50.0162 5708  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:52:50.0175 5708  NDIS - ok
10:52:50.0214 5708  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:52:50.0216 5708  NdisCap - ok
10:52:50.0338 5708  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:52:50.0340 5708  NdisTapi - ok
10:52:50.0406 5708  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:52:50.0407 5708  Ndisuio - ok
10:52:50.0437 5708  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:52:50.0440 5708  NdisWan - ok
10:52:50.0462 5708  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:52:50.0463 5708  NDProxy - ok
10:52:50.0508 5708  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:52:50.0509 5708  NetBIOS - ok
10:52:50.0574 5708  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:52:50.0578 5708  NetBT - ok
10:52:50.0608 5708  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
10:52:50.0611 5708  Netlogon - ok
10:52:50.0662 5708  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
10:52:50.0669 5708  Netman - ok
10:52:50.0695 5708  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:52:50.0698 5708  NetMsmqActivator - ok
10:52:50.0704 5708  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:52:50.0707 5708  NetPipeActivator - ok
10:52:50.0728 5708  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
10:52:50.0733 5708  netprofm - ok
10:52:50.0778 5708  [ B72BB9496A126FCFC7FC5945DED9B411 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
10:52:50.0787 5708  netr28x - ok
10:52:50.0793 5708  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:52:50.0795 5708  NetTcpActivator - ok
10:52:50.0800 5708  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:52:50.0802 5708  NetTcpPortSharing - ok
10:52:50.0833 5708  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:52:50.0835 5708  nfrd960 - ok
10:52:50.0891 5708  [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
10:52:50.0894 5708  NIS - ok
10:52:50.0928 5708  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:52:50.0932 5708  NlaSvc - ok
10:52:50.0947 5708  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:52:50.0948 5708  Npfs - ok
10:52:50.0970 5708  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
10:52:50.0972 5708  nsi - ok
10:52:50.0980 5708  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:52:50.0981 5708  nsiproxy - ok
10:52:51.0043 5708  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:52:51.0055 5708  Ntfs - ok
10:52:51.0057 5708  NTIOLib_1_0_C - ok
10:52:51.0078 5708  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
10:52:51.0078 5708  Null - ok
10:52:51.0116 5708  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:52:51.0119 5708  nvraid - ok
10:52:51.0137 5708  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:52:51.0140 5708  nvstor - ok
10:52:51.0167 5708  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:52:51.0170 5708  nv_agp - ok
10:52:51.0176 5708  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:52:51.0179 5708  ohci1394 - ok
10:52:51.0212 5708  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:52:51.0219 5708  p2pimsvc - ok
10:52:51.0242 5708  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:52:51.0250 5708  p2psvc - ok
10:52:51.0270 5708  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:52:51.0272 5708  Parport - ok
10:52:51.0297 5708  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:52:51.0299 5708  partmgr - ok
10:52:51.0317 5708  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:52:51.0322 5708  PcaSvc - ok
10:52:51.0333 5708  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
10:52:51.0337 5708  pci - ok
10:52:51.0344 5708  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
10:52:51.0345 5708  pciide - ok
10:52:51.0363 5708  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:52:51.0366 5708  pcmcia - ok
10:52:51.0383 5708  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:52:51.0384 5708  pcw - ok
10:52:51.0401 5708  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:52:51.0409 5708  PEAUTH - ok
10:52:51.0472 5708  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:52:51.0474 5708  PerfHost - ok
10:52:51.0525 5708  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
10:52:51.0542 5708  pla - ok
10:52:51.0592 5708  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:52:51.0601 5708  PlugPlay - ok
10:52:51.0618 5708  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:52:51.0622 5708  PNRPAutoReg - ok
10:52:51.0637 5708  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:52:51.0644 5708  PNRPsvc - ok
10:52:51.0670 5708  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:52:51.0675 5708  PolicyAgent - ok
10:52:51.0703 5708  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
10:52:51.0706 5708  Power - ok
10:52:51.0749 5708  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:52:51.0751 5708  PptpMiniport - ok
10:52:51.0774 5708  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
10:52:51.0776 5708  Processor - ok
10:52:51.0810 5708  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:52:51.0814 5708  ProfSvc - ok
10:52:51.0825 5708  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:52:51.0827 5708  ProtectedStorage - ok
10:52:51.0857 5708  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:52:51.0859 5708  Psched - ok
10:52:51.0918 5708  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:52:51.0939 5708  ql2300 - ok
10:52:51.0982 5708  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:52:51.0986 5708  ql40xx - ok
10:52:52.0013 5708  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
10:52:52.0019 5708  QWAVE - ok
10:52:52.0034 5708  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:52:52.0035 5708  QWAVEdrv - ok
10:52:52.0040 5708  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:52:52.0041 5708  RasAcd - ok
10:52:52.0149 5708  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:52:52.0150 5708  RasAgileVpn - ok
10:52:52.0204 5708  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
10:52:52.0208 5708  RasAuto - ok
10:52:52.0294 5708  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:52:52.0296 5708  Rasl2tp - ok
10:52:52.0331 5708  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
10:52:52.0338 5708  RasMan - ok
10:52:52.0364 5708  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:52:52.0366 5708  RasPppoe - ok
10:52:52.0380 5708  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:52:52.0382 5708  RasSstp - ok
10:52:52.0407 5708  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:52:52.0411 5708  rdbss - ok
10:52:52.0425 5708  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
10:52:52.0427 5708  rdpbus - ok
10:52:52.0450 5708  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:52:52.0451 5708  RDPCDD - ok
10:52:52.0467 5708  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:52:52.0468 5708  RDPENCDD - ok
10:52:52.0503 5708  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:52:52.0504 5708  RDPREFMP - ok
10:52:52.0528 5708  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:52:52.0531 5708  RDPWD - ok
10:52:52.0565 5708  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:52:52.0569 5708  rdyboost - ok
10:52:52.0595 5708  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:52:52.0599 5708  RemoteAccess - ok
10:52:52.0620 5708  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:52:52.0625 5708  RemoteRegistry - ok
10:52:52.0639 5708  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:52:52.0643 5708  RpcEptMapper - ok
10:52:52.0658 5708  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
10:52:52.0660 5708  RpcLocator - ok
10:52:52.0680 5708  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
10:52:52.0690 5708  RpcSs - ok
10:52:52.0730 5708  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:52:52.0731 5708  rspndr - ok
10:52:52.0768 5708  [ 61A04C0C084D560BBEF1D09604608262 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:52:52.0782 5708  RTL8167 - ok
10:52:52.0791 5708  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
10:52:52.0792 5708  SamSs - ok
10:52:52.0806 5708  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:52:52.0807 5708  sbp2port - ok
10:52:52.0834 5708  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:52:52.0836 5708  SCardSvr - ok
10:52:52.0849 5708  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:52:52.0850 5708  scfilter - ok
10:52:52.0880 5708  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
10:52:52.0895 5708  Schedule - ok
10:52:52.0916 5708  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:52:52.0917 5708  SCPolicySvc - ok
10:52:52.0927 5708  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:52:52.0930 5708  SDRSVC - ok
10:52:52.0973 5708  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:52:52.0975 5708  secdrv - ok
10:52:52.0997 5708  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
10:52:52.0999 5708  seclogon - ok
10:52:53.0014 5708  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
10:52:53.0016 5708  SENS - ok
10:52:53.0054 5708  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:52:53.0056 5708  SensrSvc - ok
10:52:53.0094 5708  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:52:53.0096 5708  Serenum - ok
10:52:53.0132 5708  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:52:53.0135 5708  Serial - ok
10:52:53.0169 5708  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:52:53.0171 5708  sermouse - ok
10:52:53.0193 5708  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:52:53.0197 5708  SessionEnv - ok
10:52:53.0213 5708  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:52:53.0214 5708  sffdisk - ok
10:52:53.0220 5708  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:52:53.0221 5708  sffp_mmc - ok
10:52:53.0227 5708  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:52:53.0229 5708  sffp_sd - ok
10:52:53.0234 5708  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:52:53.0236 5708  sfloppy - ok
10:52:53.0260 5708  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:52:53.0263 5708  SharedAccess - ok
10:52:53.0287 5708  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:52:53.0292 5708  ShellHWDetection - ok
10:52:53.0302 5708  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:52:53.0303 5708  SiSRaid2 - ok
10:52:53.0313 5708  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:52:53.0315 5708  SiSRaid4 - ok
10:52:53.0421 5708  [ AE40D1BC6FB02A5625516AD74CA9A309 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:52:53.0444 5708  Skype C2C Service - ok
10:52:53.0494 5708  [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:52:53.0497 5708  SkypeUpdate - ok
10:52:53.0540 5708  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:52:53.0542 5708  Smb - ok
10:52:53.0591 5708  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:52:53.0593 5708  SNMPTRAP - ok
10:52:53.0601 5708  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:52:53.0602 5708  spldr - ok
10:52:53.0646 5708  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
10:52:53.0653 5708  Spooler - ok
10:52:53.0730 5708  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
10:52:53.0752 5708  sppsvc - ok
10:52:53.0762 5708  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:52:53.0763 5708  sppuinotify - ok
10:52:53.0837 5708  [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP           C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS
10:52:53.0844 5708  SRTSP - ok
10:52:53.0869 5708  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
10:52:53.0870 5708  SRTSPX - ok
10:52:53.0903 5708  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:52:53.0910 5708  srv - ok
10:52:53.0938 5708  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:52:53.0945 5708  srv2 - ok
10:52:53.0969 5708  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:52:53.0972 5708  srvnet - ok
10:52:54.0018 5708  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:52:54.0024 5708  SSDPSRV - ok
10:52:54.0038 5708  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:52:54.0043 5708  SstpSvc - ok
10:52:54.0109 5708  [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:52:54.0117 5708  Steam Client Service - ok
10:52:54.0146 5708  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:52:54.0148 5708  stexstor - ok
10:52:54.0185 5708  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
10:52:54.0196 5708  stisvc - ok
10:52:54.0238 5708  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:52:54.0240 5708  swenum - ok
10:52:54.0274 5708  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
10:52:54.0282 5708  swprv - ok
10:52:54.0330 5708  [ 52DC0048D667757A8A2E4C87182890AC ] SymDS           C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
10:52:54.0339 5708  SymDS - ok
10:52:54.0365 5708  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
10:52:54.0377 5708  SymEFA - ok
10:52:54.0389 5708  [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:52:54.0401 5708  SymEvent - ok
10:52:54.0411 5708  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
10:52:54.0414 5708  SymIRON - ok
10:52:54.0446 5708  [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS         C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS
10:52:54.0451 5708  SymNetS - ok
10:52:54.0496 5708  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
10:52:54.0511 5708  SysMain - ok
10:52:54.0523 5708  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:52:54.0526 5708  TabletInputService - ok
10:52:54.0541 5708  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:52:54.0543 5708  TapiSrv - ok
10:52:54.0552 5708  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
10:52:54.0554 5708  TBS - ok
10:52:54.0618 5708  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:52:54.0627 5708  Tcpip - ok
10:52:54.0661 5708  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:52:54.0670 5708  TCPIP6 - ok
10:52:54.0690 5708  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:52:54.0690 5708  tcpipreg - ok
10:52:54.0701 5708  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:52:54.0701 5708  TDPIPE - ok
10:52:54.0718 5708  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:52:54.0719 5708  TDTCP - ok
10:52:54.0731 5708  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:52:54.0733 5708  tdx - ok
10:52:54.0760 5708  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:52:54.0762 5708  TermDD - ok
10:52:54.0795 5708  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
10:52:54.0802 5708  TermService - ok
10:52:54.0811 5708  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
10:52:54.0814 5708  Themes - ok
10:52:54.0831 5708  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
10:52:54.0833 5708  THREADORDER - ok
10:52:54.0848 5708  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
10:52:54.0850 5708  TrkWks - ok
10:52:54.0920 5708  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:52:54.0923 5708  TrustedInstaller - ok
10:52:54.0945 5708  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:52:54.0946 5708  tssecsrv - ok
10:52:54.0988 5708  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:52:54.0989 5708  TsUsbFlt - ok
10:52:54.0997 5708  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
10:52:54.0998 5708  TsUsbGD - ok
10:52:55.0033 5708  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:52:55.0034 5708  tunnel - ok
10:52:55.0039 5708  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:52:55.0040 5708  uagp35 - ok
10:52:55.0052 5708  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:52:55.0055 5708  udfs - ok
10:52:55.0070 5708  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:52:55.0072 5708  UI0Detect - ok
10:52:55.0103 5708  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:52:55.0105 5708  uliagpkx - ok
10:52:55.0137 5708  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:52:55.0140 5708  umbus - ok
10:52:55.0161 5708  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
10:52:55.0163 5708  UmPass - ok
10:52:55.0186 5708  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
10:52:55.0194 5708  upnphost - ok
10:52:55.0237 5708  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
10:52:55.0240 5708  usbaudio - ok
10:52:55.0286 5708  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:52:55.0289 5708  usbccgp - ok
10:52:55.0306 5708  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:52:55.0309 5708  usbcir - ok
10:52:55.0323 5708  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:52:55.0325 5708  usbehci - ok
10:52:55.0337 5708  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:52:55.0342 5708  usbhub - ok
10:52:55.0354 5708  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:52:55.0356 5708  usbohci - ok
10:52:55.0380 5708  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
10:52:55.0382 5708  usbprint - ok
10:52:55.0402 5708  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
10:52:55.0404 5708  USBSTOR - ok
10:52:55.0427 5708  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:52:55.0429 5708  usbuhci - ok
10:52:55.0460 5708  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
10:52:55.0463 5708  UxSms - ok
10:52:59.0129 5708  ============================================================
10:52:59.0129 5708  Scan finished
10:52:59.0129 5708  ============================================================
10:52:59.0140 4792  Detected object count: 0
10:52:59.0140 4792  Actual detected object count: 0


#5 shell01


Posted 04 August 2013 - 01:36 PM

OK - this one found threats.  What next? thanks.
 
C:\Program Files (x86)\Safe Saver\utils.exe a variant of Win32/Packed.VMDetector.A application
C:\Users\Computer\AppData\Local\Temp\ICReinstall_java-64-bit.exe a variant of Win32/InstallCore.CA.gen application
C:\Users\Computer\AppData\Local\Temp\is266438442\PCFixSpeedSetup.exe multiple threats
C:\Users\Computer\AppData\Local\Temp\is266438442\safe-saver.exe a variant of Win32/Packed.VMDetector.A application
C:\Users\Computer\AppData\Local\Temp\nsy6B64.tmp\InstallerUtils.dll a variant of Win32/Packed.VMDetector.A application
C:\Users\Computer\AppData\Local\Temp\nsy6B64.tmp\Vkokbxtzkz.exe a variant of Win32/Packed.VMDetector.A application
C:\Users\Computer\AppData\Local\Temp\nsy8412.tmp\InstallerUtils.dll a variant of Win32/Packed.VMDetector.A application
C:\Users\Computer\Downloads\java-64-bit.exe a variant of Win32/InstallCore.CA.gen application
C:\Windows\Temp\Optimizer_Pro.exe multiple threats


#6 GodfatherKing


Posted 04 August 2013 - 01:39 PM

Step 1: Do you recognize "Safe Saver"? If not, remove it (Control Panel > Add/Remove Programs).

Step 2: Download TFC from the download link above and save the file on your desktop.

 
Note 1: Depending on how much data is currently stored in the Temp folders, this process can take quite a while to remove all of the files, so please be patient.
 
Note 2: This program will not delete your Cookies or Browser History.
  • Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
  • Double-click on the TFC icon.
  • When the program starts, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
  • When done, press OK to reboot your computer and finish the cleanup.

If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.


#7 shell01


Posted 04 August 2013 - 01:50 PM

OK, I removed the Safe Saver (which I did not recognize) and ran TFC, and I rebooted.  What is my next step?  Thank you again!!!



#8 shell01


Posted 04 August 2013 - 02:20 PM

Should I run another scan at this point?  Or is there more clean up first?  Thx.    



#9 GodfatherKing


Posted 04 August 2013 - 03:07 PM

Are there signs of any infection? 




#10 shell01


Posted 04 August 2013 - 03:33 PM

Hi,

I don't see any pop ups at this point .... but I ran another ESET scan and it came back with 1 remaining threat:

 

C:\Users\Computer\Downloads\java-64-bit.exe a variant of Win32/InstallCore.CA.gen application
 
So I am still concerned.  What is this and how can I remove it to be sure all is clean?  Thanks.


#11 shell01


Posted 04 August 2013 - 05:33 PM

Is it just a simple matter of removing that one threat through ESET?  Or is there more I should do?  (thanks, you have been extremely helpful)



#12 GodfatherKing


Posted 05 August 2013 - 02:53 AM

If it's just one threat, delete it and then clean recycle bin.




#13 shell01


Posted 05 August 2013 - 09:56 PM

Thank you, thank you, thank you!  It seems to be working fine now.  Should I uninstall TDSSKiller, ESET, and TFC?  Not sure if these programs will conflict with my current antiviruses (Norton Internet Security and Malwarebytes free).   Along these lines, would you recommend I replace Norton with another antivirus, and if so what do you recommend?  Having a teenager who downloads programs/files for games puts us at much greater risk, and I want the best virus protection possible even if I have to pay a bit more. 



#14 GodfatherKing


Posted 06 August 2013 - 03:25 AM

Just delete TDSSKiller and TFC.

 

For a free AV I would choose Avast Free, or for a paid one, Bitdefender.

What you can do is teach your teenager about security, or let him/her follow a workshop or something in this field.

 

===

 

 

Step 1: My advice is to keep your computer up to date with Windows Updates, Java, Adobe Reader and Flash Player.

Step 2: Use WOT to check whether sites are safe or not: http://www.mywot.com/

Step 3: A good working antivirus is also important. I personally advise Avast Free or Avira. MSE's detection is not so great.

Step 4: Let's check how good your security is:

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document called checkup.txt should open automatically; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the reading of the results to me.


Edited by GodfatherKing, 06 August 2013 - 03:26 AM.



#15 shell01


Posted 06 August 2013 - 08:35 AM

Thanks again!  Just curious: Is there any particular reason why you don't recommend keeping TFC installed?  Seems like a handy little tool for cleaning out temp files (not that it couldn't be reinstalled at a later date I suppose - just wondering.)   





