Confuzzed's Content - Malwarebytes Forums

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

I saw that, but after running the bat file, I do not think I need to do any more, do I?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

For the MVPS, just run the *bat file?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Got it. Two questions, one on Open DNS. I read the site, but am still not 100% sure what or how it works. Can you give me a laymans explanation? Two, MVPS Hosts, by doing this, does it not create other potential (harmful) issues? Thanks

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Had to rename ComboFix to get it to uninstall, It popped a message regarding Security Essentials, said it might have probelms uninstalling, then it uninstalled. Did it uninstall? Also, when it was done, something triggered Security Essentials to clean, but it do not log anything. Is something back?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Alot to digest. I am sure something will pop up. First question, I have been directed to use combofix in the past, but did not use it this go around. Should I still uninstall? Let me know.

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

17:19:18.0679 5844 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 17:19:19.0117 5844 ============================================================ 17:19:19.0117 5844 Current date / time: 2012/09/21 17:19:19.0117 17:19:19.0117 5844 SystemInfo: 17:19:19.0117 5844 17:19:19.0117 5844 OS Version: 6.1.7601 ServicePack: 1.0 17:19:19.0117 5844 Product type: Workstation 17:19:19.0117 5844 ComputerName: VEGAS 17:19:19.0117 5844 UserName: SL 17:19:19.0117 5844 Windows directory: C:\Windows 17:19:19.0117 5844 System windows directory: C:\Windows 17:19:19.0117 5844 Running under WOW64 17:19:19.0117 5844 Processor architecture: Intel x64 17:19:19.0117 5844 Number of processors: 6 17:19:19.0117 5844 Page size: 0x1000 17:19:19.0117 5844 Boot type: Normal boot 17:19:19.0117 5844 ============================================================ 17:19:19.0544 5844 Drive \Device\Harddisk3\DR3 - Size: 0x19254C0000 (100.58 Gb), SectorSize: 0x200, Cylinders: 0x334A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:19:19.0551 5844 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048 17:19:19.0564 5844 Drive \Device\Harddisk1\DR1 - Size: 0x1BF08EB000 (111.76 Gb), SectorSize: 0x200, Cylinders: 0x38FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048 17:19:19.0564 5844 Drive \Device\Harddisk2\DR2 - Size: 0x1BF08EB000 (111.76 Gb), SectorSize: 0x200, Cylinders: 0x38FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048 17:19:19.0568 5844 ============================================================ 17:19:19.0568 5844 \Device\Harddisk3\DR3: 17:19:19.0568 5844 MBR partitions: 17:19:19.0568 5844 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 17:19:19.0568 5844 \Device\Harddisk3\DR3\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC8F7000 17:19:19.0568 5844 \Device\Harddisk0\DR0: 17:19:19.0576 5844 MBR partitions: 17:19:19.0576 5844 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000 17:19:19.0576 5844 \Device\Harddisk1\DR1: 17:19:19.0576 5844 MBR partitions: 17:19:19.0576 5844 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF82000 17:19:19.0576 5844 \Device\Harddisk2\DR2: 17:19:19.0577 5844 MBR partitions: 17:19:19.0577 5844 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF83000 17:19:19.0577 5844 ============================================================ 17:19:19.0578 5844 C: <-> \Device\Harddisk3\DR3\Partition2 17:19:19.0606 5844 S: <-> \Device\Harddisk2\DR2\Partition1 17:19:19.0625 5844 D: <-> \Device\Harddisk0\DR0\Partition1 17:19:19.0647 5844 E: <-> \Device\Harddisk1\DR1\Partition1 17:19:19.0647 5844 ============================================================ 17:19:19.0647 5844 Initialize success 17:19:19.0647 5844 ============================================================ 17:19:21.0252 5948 ============================================================ 17:19:21.0252 5948 Scan started 17:19:21.0252 5948 Mode: Manual; 17:19:21.0252 5948 ============================================================ 17:19:21.0388 5948 ================ Scan system memory ======================== 17:19:21.0388 5948 System memory - ok 17:19:21.0388 5948 ================ Scan services ============================= 17:19:21.0427 5948 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 17:19:21.0430 5948 1394ohci - ok 17:19:21.0434 5948 [ 5677F1633EA1FA5DB3482080A506EA24 ] AceecaUSBDx64 C:\Windows\system32\DRIVERS\AceecaUSBDx64.sys 17:19:21.0446 5948 AceecaUSBDx64 - ok 17:19:21.0453 5948 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 17:19:21.0457 5948 ACPI - ok 17:19:21.0460 5948 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 17:19:21.0461 5948 AcpiPmi - ok 17:19:21.0468 5948 [ 3FD8DC2C9735C2AA70155102CFB93EDA ] AdobeActiveFileMonitor7.0 C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe 17:19:21.0469 5948 AdobeActiveFileMonitor7.0 - ok 17:19:21.0474 5948 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:19:21.0474 5948 AdobeARMservice - ok 17:19:21.0497 5948 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 17:19:21.0499 5948 AdobeFlashPlayerUpdateSvc - ok 17:19:21.0507 5948 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 17:19:21.0512 5948 adp94xx - ok 17:19:21.0519 5948 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 17:19:21.0523 5948 adpahci - ok 17:19:21.0527 5948 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 17:19:21.0529 5948 adpu320 - ok 17:19:21.0534 5948 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:19:21.0535 5948 AeLookupSvc - ok 17:19:21.0543 5948 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 17:19:21.0548 5948 AFD - ok 17:19:21.0552 5948 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 17:19:21.0553 5948 agp440 - ok 17:19:21.0559 5948 [ 367BB1682A128DDF23182B370769771E ] ahcix64s C:\Windows\system32\DRIVERS\ahcix64s.sys 17:19:21.0560 5948 ahcix64s - ok 17:19:21.0564 5948 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 17:19:21.0566 5948 ALG - ok 17:19:21.0569 5948 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 17:19:21.0569 5948 aliide - ok 17:19:21.0575 5948 [ A359974EAAC83A435497C52F62A2E590 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 17:19:21.0578 5948 AMD External Events Utility - ok 17:19:21.0581 5948 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 17:19:21.0582 5948 amdide - ok 17:19:21.0585 5948 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 17:19:21.0586 5948 AmdK8 - ok 17:19:21.0714 5948 [ 60216B0E704584DE6D5A9F59E9C34C47 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 17:19:21.0838 5948 amdkmdag - ok 17:19:21.0847 5948 [ 6B4E9261B613B047A9A145F328889968 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 17:19:21.0849 5948 amdkmdap - ok 17:19:21.0853 5948 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 17:19:21.0853 5948 AmdPPM - ok 17:19:21.0857 5948 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 17:19:21.0859 5948 amdsata - ok 17:19:21.0864 5948 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 17:19:21.0866 5948 amdsbs - ok 17:19:21.0870 5948 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 17:19:21.0871 5948 amdxata - ok 17:19:21.0874 5948 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 17:19:21.0877 5948 AppID - ok 17:19:21.0880 5948 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 17:19:21.0881 5948 AppIDSvc - ok 17:19:21.0884 5948 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 17:19:21.0885 5948 Appinfo - ok 17:19:21.0890 5948 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:19:21.0891 5948 Apple Mobile Device - ok 17:19:21.0895 5948 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 17:19:21.0897 5948 AppMgmt - ok 17:19:21.0901 5948 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 17:19:21.0903 5948 arc - ok 17:19:21.0906 5948 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 17:19:21.0907 5948 arcsas - ok 17:19:21.0918 5948 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 17:19:21.0919 5948 aspnet_state - ok 17:19:21.0922 5948 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:19:21.0923 5948 AsyncMac - ok 17:19:21.0926 5948 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 17:19:21.0926 5948 atapi - ok 17:19:21.0931 5948 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 17:19:21.0932 5948 AtiPcie - ok 17:19:21.0943 5948 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:19:21.0950 5948 AudioEndpointBuilder - ok 17:19:21.0960 5948 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 17:19:21.0963 5948 AudioSrv - ok 17:19:21.0968 5948 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 17:19:21.0970 5948 AxInstSV - ok 17:19:21.0977 5948 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 17:19:21.0981 5948 b06bdrv - ok 17:19:21.0986 5948 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 17:19:21.0989 5948 b57nd60a - ok 17:19:21.0994 5948 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 17:19:21.0995 5948 BDESVC - ok 17:19:21.0999 5948 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 17:19:21.0999 5948 Beep - ok 17:19:22.0009 5948 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 17:19:22.0017 5948 BFE - ok 17:19:22.0029 5948 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll 17:19:22.0040 5948 BITS - ok 17:19:22.0043 5948 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 17:19:22.0045 5948 blbdrive - ok 17:19:22.0053 5948 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 17:19:22.0058 5948 Bonjour Service - ok 17:19:22.0062 5948 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:19:22.0063 5948 bowser - ok 17:19:22.0067 5948 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 17:19:22.0068 5948 BrFiltLo - ok 17:19:22.0070 5948 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 17:19:22.0071 5948 BrFiltUp - ok 17:19:22.0075 5948 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 17:19:22.0077 5948 BridgeMP - ok 17:19:22.0081 5948 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 17:19:22.0082 5948 Browser - ok 17:19:22.0087 5948 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 17:19:22.0090 5948 Brserid - ok 17:19:22.0093 5948 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 17:19:22.0094 5948 BrSerWdm - ok 17:19:22.0097 5948 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 17:19:22.0098 5948 BrUsbMdm - ok 17:19:22.0101 5948 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 17:19:22.0102 5948 BrUsbSer - ok 17:19:22.0105 5948 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 17:19:22.0106 5948 BTHMODEM - ok 17:19:22.0111 5948 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 17:19:22.0112 5948 bthserv - ok 17:19:22.0116 5948 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:19:22.0118 5948 cdfs - ok 17:19:22.0122 5948 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 17:19:22.0124 5948 cdrom - ok 17:19:22.0129 5948 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 17:19:22.0130 5948 CertPropSvc - ok 17:19:22.0134 5948 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 17:19:22.0134 5948 circlass - ok 17:19:22.0141 5948 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 17:19:22.0145 5948 CLFS - ok 17:19:22.0150 5948 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:19:22.0152 5948 clr_optimization_v2.0.50727_32 - ok 17:19:22.0157 5948 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:19:22.0158 5948 clr_optimization_v2.0.50727_64 - ok 17:19:22.0166 5948 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:19:22.0168 5948 clr_optimization_v4.0.30319_32 - ok 17:19:22.0172 5948 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 17:19:22.0174 5948 clr_optimization_v4.0.30319_64 - ok 17:19:22.0177 5948 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 17:19:22.0178 5948 CmBatt - ok 17:19:22.0181 5948 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:19:22.0182 5948 cmdide - ok 17:19:22.0190 5948 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 17:19:22.0195 5948 CNG - ok 17:19:22.0199 5948 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 17:19:22.0200 5948 Compbatt - ok 17:19:22.0203 5948 [ 403433D758C2D8908937265C1FB34F34 ] CompFilter64 C:\Windows\system32\DRIVERS\lvbflt64.sys 17:19:22.0203 5948 CompFilter64 - ok 17:19:22.0207 5948 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 17:19:22.0208 5948 CompositeBus - ok 17:19:22.0211 5948 COMSysApp - ok 17:19:22.0214 5948 cpuz134 - ok 17:19:22.0219 5948 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 17:19:22.0220 5948 crcdisk - ok 17:19:22.0227 5948 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:19:22.0229 5948 CryptSvc - ok 17:19:22.0239 5948 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 17:19:22.0244 5948 CSC - ok 17:19:22.0254 5948 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 17:19:22.0261 5948 CscService - ok 17:19:22.0271 5948 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:19:22.0277 5948 DcomLaunch - ok 17:19:22.0282 5948 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 17:19:22.0285 5948 defragsvc - ok 17:19:22.0289 5948 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:19:22.0290 5948 DfsC - ok 17:19:22.0296 5948 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 17:19:22.0299 5948 Dhcp - ok 17:19:22.0303 5948 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 17:19:22.0304 5948 discache - ok 17:19:22.0307 5948 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 17:19:22.0308 5948 Disk - ok 17:19:22.0313 5948 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:19:22.0315 5948 Dnscache - ok 17:19:22.0321 5948 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 17:19:22.0325 5948 dot3svc - ok 17:19:22.0329 5948 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 17:19:22.0331 5948 DPS - ok 17:19:22.0334 5948 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:19:22.0335 5948 drmkaud - ok 17:19:22.0348 5948 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:19:22.0352 5948 DXGKrnl - ok 17:19:22.0357 5948 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 17:19:22.0359 5948 EapHost - ok 17:19:22.0386 5948 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 17:19:22.0410 5948 ebdrv - ok 17:19:22.0415 5948 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 17:19:22.0416 5948 EFS - ok 17:19:22.0425 5948 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:19:22.0430 5948 ehRecvr - ok 17:19:22.0434 5948 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 17:19:22.0436 5948 ehSched - ok 17:19:22.0445 5948 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 17:19:22.0450 5948 elxstor - ok 17:19:22.0454 5948 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:19:22.0455 5948 ErrDev - ok 17:19:22.0466 5948 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 17:19:22.0470 5948 EventSystem - ok 17:19:22.0476 5948 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 17:19:22.0478 5948 exfat - ok 17:19:22.0483 5948 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:19:22.0486 5948 fastfat - ok 17:19:22.0495 5948 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 17:19:22.0501 5948 Fax - ok 17:19:22.0504 5948 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 17:19:22.0505 5948 fdc - ok 17:19:22.0508 5948 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 17:19:22.0509 5948 fdPHost - ok 17:19:22.0512 5948 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 17:19:22.0513 5948 FDResPub - ok 17:19:22.0518 5948 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:19:22.0519 5948 FileInfo - ok 17:19:22.0522 5948 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:19:22.0523 5948 Filetrace - ok 17:19:22.0532 5948 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 17:19:22.0607 5948 FLEXnet Licensing Service - ok 17:19:22.0611 5948 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 17:19:22.0612 5948 flpydisk - ok 17:19:22.0618 5948 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:19:22.0621 5948 FltMgr - ok 17:19:22.0636 5948 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 17:19:22.0647 5948 FontCache - ok 17:19:22.0652 5948 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:19:22.0652 5948 FontCache3.0.0.0 - ok 17:19:22.0656 5948 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:19:22.0657 5948 FsDepends - ok 17:19:22.0660 5948 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:19:22.0661 5948 Fs_Rec - ok 17:19:22.0666 5948 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:19:22.0668 5948 fvevol - ok 17:19:22.0672 5948 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 17:19:22.0673 5948 gagp30kx - ok 17:19:22.0675 5948 gdrv - ok 17:19:22.0680 5948 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 17:19:22.0681 5948 GEARAspiWDM - ok 17:19:22.0692 5948 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 17:19:22.0700 5948 gpsvc - ok 17:19:22.0706 5948 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:19:22.0707 5948 gupdate - ok 17:19:22.0711 5948 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:19:22.0712 5948 gupdatem - ok 17:19:22.0715 5948 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:19:22.0716 5948 hcw85cir - ok 17:19:22.0722 5948 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:19:22.0725 5948 HdAudAddService - ok 17:19:22.0730 5948 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 17:19:22.0732 5948 HDAudBus - ok 17:19:22.0735 5948 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 17:19:22.0736 5948 HidBatt - ok 17:19:22.0740 5948 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 17:19:22.0741 5948 HidBth - ok 17:19:22.0744 5948 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 17:19:22.0745 5948 HidIr - ok 17:19:22.0750 5948 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 17:19:22.0751 5948 hidserv - ok 17:19:22.0754 5948 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:19:22.0755 5948 HidUsb - ok 17:19:22.0759 5948 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:19:22.0760 5948 hkmsvc - ok 17:19:22.0766 5948 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:19:22.0769 5948 HomeGroupListener - ok 17:19:22.0774 5948 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:19:22.0776 5948 HomeGroupProvider - ok 17:19:22.0781 5948 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:19:22.0782 5948 HpSAMD - ok 17:19:22.0793 5948 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:19:22.0802 5948 HTTP - ok 17:19:22.0806 5948 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:19:22.0806 5948 hwpolicy - ok 17:19:22.0810 5948 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 17:19:22.0811 5948 i8042prt - ok 17:19:22.0819 5948 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:19:22.0824 5948 iaStorV - ok 17:19:22.0830 5948 [ 2A63036283B36B3B68CDC6F85A7D53ED ] IDMWFP C:\Windows\system32\DRIVERS\idmwfp.sys 17:19:22.0831 5948 IDMWFP - ok 17:19:22.0835 5948 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 17:19:22.0836 5948 IDriverT - ok 17:19:22.0848 5948 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:19:22.0858 5948 idsvc - ok 17:19:22.0861 5948 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 17:19:22.0862 5948 iirsp - ok 17:19:22.0875 5948 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 17:19:22.0884 5948 IKEEXT - ok 17:19:22.0915 5948 [ 0ADF714079AE174A39D69036143E4C50 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 17:19:22.0925 5948 IntcAzAudAddService - ok 17:19:22.0929 5948 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 17:19:22.0930 5948 intelide - ok 17:19:22.0933 5948 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:19:22.0934 5948 intelppm - ok 17:19:22.0938 5948 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:19:22.0940 5948 IPBusEnum - ok 17:19:22.0944 5948 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:19:22.0945 5948 IpFilterDriver - ok 17:19:22.0954 5948 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:19:22.0960 5948 iphlpsvc - ok 17:19:22.0964 5948 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:19:22.0966 5948 IPMIDRV - ok 17:19:22.0970 5948 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:19:22.0971 5948 IPNAT - ok 17:19:22.0983 5948 [ 3C0D4B3E80FC4854CA325DD123CC4DED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 17:19:22.0993 5948 iPod Service - ok 17:19:22.0996 5948 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:19:22.0997 5948 IRENUM - ok 17:19:23.0000 5948 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:19:23.0002 5948 isapnp - ok 17:19:23.0007 5948 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:19:23.0009 5948 iScsiPrt - ok 17:19:23.0030 5948 [ F3A41EC4C6506E76E07A219B3A1DF8D2 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe 17:19:23.0032 5948 JMB36X - ok 17:19:23.0036 5948 [ 1C368C1A2733DCC5B8E15420AA2B0F6D ] JRAID C:\Windows\system32\DRIVERS\jraid.sys 17:19:23.0037 5948 JRAID - ok 17:19:23.0041 5948 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:19:23.0041 5948 kbdclass - ok 17:19:23.0045 5948 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:19:23.0045 5948 kbdhid - ok 17:19:23.0049 5948 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 17:19:23.0050 5948 KeyIso - ok 17:19:23.0054 5948 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:19:23.0055 5948 KSecDD - ok 17:19:23.0060 5948 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:19:23.0062 5948 KSecPkg - ok 17:19:23.0065 5948 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:19:23.0066 5948 ksthunk - ok 17:19:23.0072 5948 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 17:19:23.0075 5948 KtmRm - ok 17:19:23.0081 5948 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 17:19:23.0084 5948 LanmanServer - ok 17:19:23.0088 5948 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:19:23.0091 5948 LanmanWorkstation - ok 17:19:23.0141 5948 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe 17:19:23.0168 5948 LeapFrog Connect Device Service - ok 17:19:23.0173 5948 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:19:23.0174 5948 lltdio - ok 17:19:23.0181 5948 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:19:23.0185 5948 lltdsvc - ok 17:19:23.0188 5948 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:19:23.0189 5948 lmhosts - ok 17:19:23.0195 5948 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 17:19:23.0196 5948 LSI_FC - ok 17:19:23.0200 5948 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 17:19:23.0202 5948 LSI_SAS - ok 17:19:23.0205 5948 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 17:19:23.0207 5948 LSI_SAS2 - ok 17:19:23.0210 5948 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 17:19:23.0212 5948 LSI_SCSI - ok 17:19:23.0215 5948 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 17:19:23.0216 5948 luafv - ok 17:19:23.0220 5948 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys 17:19:23.0220 5948 LVPr2M64 - ok 17:19:23.0223 5948 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys 17:19:23.0223 5948 LVPr2Mon - ok 17:19:23.0229 5948 [ EF2BE2F45D4F06410A3BD2A3467325B0 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 17:19:23.0231 5948 LVRS64 - ok 17:19:23.0282 5948 [ AC22F92C6078640FE8A70D662A2F3AD5 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 17:19:23.0303 5948 LVUVC64 - ok 17:19:23.0309 5948 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:19:23.0311 5948 Mcx2Svc - ok 17:19:23.0314 5948 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 17:19:23.0315 5948 megasas - ok 17:19:23.0321 5948 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 17:19:23.0325 5948 MegaSR - ok 17:19:23.0331 5948 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 17:19:23.0332 5948 Microsoft Office Groove Audit Service - ok 17:19:23.0336 5948 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 17:19:23.0338 5948 MMCSS - ok 17:19:23.0341 5948 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 17:19:23.0342 5948 Modem - ok 17:19:23.0345 5948 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:19:23.0345 5948 monitor - ok 17:19:23.0349 5948 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:19:23.0350 5948 mouclass - ok 17:19:23.0353 5948 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:19:23.0354 5948 mouhid - ok 17:19:23.0358 5948 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:19:23.0359 5948 mountmgr - ok 17:19:23.0364 5948 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 17:19:23.0366 5948 MpFilter - ok 17:19:23.0371 5948 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 17:19:23.0372 5948 mpio - ok 17:19:23.0376 5948 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:19:23.0377 5948 mpsdrv - ok 17:19:23.0389 5948 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:19:23.0398 5948 MpsSvc - ok 17:19:23.0404 5948 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:19:23.0406 5948 MRxDAV - ok 17:19:23.0411 5948 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:19:23.0413 5948 mrxsmb - ok 17:19:23.0419 5948 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:19:23.0423 5948 mrxsmb10 - ok 17:19:23.0427 5948 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:19:23.0429 5948 mrxsmb20 - ok 17:19:23.0432 5948 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 17:19:23.0433 5948 msahci - ok 17:19:23.0438 5948 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:19:23.0440 5948 msdsm - ok 17:19:23.0444 5948 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 17:19:23.0446 5948 MSDTC - ok 17:19:23.0453 5948 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:19:23.0454 5948 Msfs - ok 17:19:23.0456 5948 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:19:23.0457 5948 mshidkmdf - ok 17:19:23.0460 5948 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:19:23.0461 5948 msisadrv - ok 17:19:23.0466 5948 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:19:23.0469 5948 MSiSCSI - ok 17:19:23.0472 5948 msiserver - ok 17:19:23.0475 5948 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:19:23.0476 5948 MSKSSRV - ok 17:19:23.0480 5948 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 17:19:23.0480 5948 MsMpSvc - ok 17:19:23.0483 5948 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:19:23.0484 5948 MSPCLOCK - ok 17:19:23.0487 5948 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:19:23.0487 5948 MSPQM - ok 17:19:23.0495 5948 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:19:23.0500 5948 MsRPC - ok 17:19:23.0505 5948 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:19:23.0505 5948 mssmbios - ok 17:19:23.0508 5948 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:19:23.0509 5948 MSTEE - ok 17:19:23.0512 5948 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 17:19:23.0513 5948 MTConfig - ok 17:19:23.0516 5948 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 17:19:23.0517 5948 Mup - ok 17:19:23.0524 5948 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 17:19:23.0529 5948 napagent - ok 17:19:23.0534 5948 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:19:23.0537 5948 NativeWifiP - ok 17:19:23.0548 5948 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:19:23.0555 5948 NDIS - ok 17:19:23.0558 5948 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:19:23.0559 5948 NdisCap - ok 17:19:23.0562 5948 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:19:23.0563 5948 NdisTapi - ok 17:19:23.0566 5948 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:19:23.0567 5948 Ndisuio - ok 17:19:23.0572 5948 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:19:23.0575 5948 NdisWan - ok 17:19:23.0578 5948 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:19:23.0579 5948 NDProxy - ok 17:19:23.0583 5948 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:19:23.0584 5948 NetBIOS - ok 17:19:23.0588 5948 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:19:23.0591 5948 NetBT - ok 17:19:23.0594 5948 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 17:19:23.0595 5948 Netlogon - ok 17:19:23.0602 5948 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 17:19:23.0607 5948 Netman - ok 17:19:23.0615 5948 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:19:23.0617 5948 NetMsmqActivator - ok 17:19:23.0621 5948 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:19:23.0621 5948 NetPipeActivator - ok 17:19:23.0630 5948 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 17:19:23.0635 5948 netprofm - ok 17:19:23.0639 5948 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:19:23.0640 5948 NetTcpActivator - ok 17:19:23.0644 5948 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:19:23.0644 5948 NetTcpPortSharing - ok 17:19:23.0650 5948 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 17:19:23.0651 5948 nfrd960 - ok 17:19:23.0655 5948 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 17:19:23.0656 5948 NisDrv - ok 17:19:23.0662 5948 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 17:19:23.0666 5948 NisSrv - ok 17:19:23.0672 5948 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:19:23.0675 5948 NlaSvc - ok 17:19:23.0679 5948 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:19:23.0680 5948 Npfs - ok 17:19:23.0683 5948 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 17:19:23.0684 5948 nsi - ok 17:19:23.0688 5948 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:19:23.0688 5948 nsiproxy - ok 17:19:23.0712 5948 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:19:23.0731 5948 Ntfs - ok 17:19:23.0735 5948 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 17:19:23.0735 5948 Null - ok 17:19:23.0739 5948 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 17:19:23.0740 5948 nusb3hub - ok 17:19:23.0745 5948 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 17:19:23.0748 5948 nusb3xhc - ok 17:19:23.0752 5948 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:19:23.0754 5948 nvraid - ok 17:19:23.0759 5948 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:19:23.0761 5948 nvstor - ok 17:19:23.0765 5948 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:19:23.0767 5948 nv_agp - ok 17:19:23.0776 5948 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:19:23.0781 5948 odserv - ok 17:19:23.0785 5948 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:19:23.0786 5948 ohci1394 - ok 17:19:23.0789 5948 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:19:23.0791 5948 ose - ok 17:19:23.0799 5948 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:19:23.0804 5948 p2pimsvc - ok 17:19:23.0811 5948 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 17:19:23.0816 5948 p2psvc - ok 17:19:23.0820 5948 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 17:19:23.0822 5948 Parport - ok 17:19:23.0825 5948 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:19:23.0826 5948 partmgr - ok 17:19:23.0830 5948 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 17:19:23.0833 5948 PcaSvc - ok 17:19:23.0838 5948 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 17:19:23.0840 5948 pci - ok 17:19:23.0844 5948 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 17:19:23.0844 5948 pciide - ok 17:19:23.0849 5948 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 17:19:23.0852 5948 pcmcia - ok 17:19:23.0856 5948 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 17:19:23.0857 5948 pcw - ok 17:19:23.0866 5948 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:19:23.0874 5948 PEAUTH - ok 17:19:23.0890 5948 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 17:19:23.0904 5948 PeerDistSvc - ok 17:19:23.0910 5948 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 17:19:23.0911 5948 PerfHost - ok 17:19:23.0931 5948 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 17:19:23.0943 5948 pla - ok 17:19:23.0951 5948 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:19:23.0957 5948 PlugPlay - ok 17:19:23.0960 5948 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 17:19:23.0962 5948 PNRPAutoReg - ok 17:19:23.0968 5948 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 17:19:23.0970 5948 PNRPsvc - ok 17:19:23.0978 5948 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:19:23.0985 5948 PolicyAgent - ok 17:19:23.0991 5948 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 17:19:23.0995 5948 Power - ok 17:19:23.0999 5948 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:19:24.0001 5948 PptpMiniport - ok 17:19:24.0004 5948 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 17:19:24.0005 5948 Processor - ok 17:19:24.0010 5948 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 17:19:24.0013 5948 ProfSvc - ok 17:19:24.0016 5948 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 17:19:24.0017 5948 ProtectedStorage - ok 17:19:24.0021 5948 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 17:19:24.0023 5948 Psched - ok 17:19:24.0027 5948 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 17:19:24.0028 5948 PxHlpa64 - ok 17:19:24.0047 5948 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 17:19:24.0064 5948 ql2300 - ok 17:19:24.0069 5948 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 17:19:24.0071 5948 ql40xx - ok 17:19:24.0076 5948 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 17:19:24.0080 5948 QWAVE - ok 17:19:24.0083 5948 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:19:24.0084 5948 QWAVEdrv - ok 17:19:24.0087 5948 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:19:24.0087 5948 RasAcd - ok 17:19:24.0091 5948 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 17:19:24.0092 5948 RasAgileVpn - ok 17:19:24.0096 5948 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 17:19:24.0098 5948 RasAuto - ok 17:19:24.0102 5948 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:19:24.0103 5948 Rasl2tp - ok 17:19:24.0110 5948 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 17:19:24.0115 5948 RasMan - ok 17:19:24.0119 5948 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:19:24.0121 5948 RasPppoe - ok 17:19:24.0124 5948 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:19:24.0126 5948 RasSstp - ok 17:19:24.0133 5948 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:19:24.0137 5948 rdbss - ok 17:19:24.0140 5948 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 17:19:24.0141 5948 rdpbus - ok 17:19:24.0144 5948 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:19:24.0145 5948 RDPCDD - ok 17:19:24.0149 5948 [ BDF2DB2F19945AFAF102A2C03062EFB1 ] RDPDISPM C:\Windows\system32\DRIVERS\rdpdispm.sys 17:19:24.0150 5948 RDPDISPM - ok 17:19:24.0155 5948 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 17:19:24.0157 5948 RDPDR - ok 17:19:24.0160 5948 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:19:24.0161 5948 RDPENCDD - ok 17:19:24.0166 5948 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 17:19:24.0166 5948 RDPREFMP - ok 17:19:24.0171 5948 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:19:24.0173 5948 RDPWD - ok 17:19:24.0179 5948 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 17:19:24.0181 5948 rdyboost - ok 17:19:24.0185 5948 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:19:24.0186 5948 RemoteAccess - ok 17:19:24.0191 5948 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:19:24.0193 5948 RemoteRegistry - ok 17:19:24.0196 5948 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 17:19:24.0198 5948 RpcEptMapper - ok 17:19:24.0202 5948 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 17:19:24.0203 5948 RpcLocator - ok 17:19:24.0211 5948 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 17:19:24.0214 5948 RpcSs - ok 17:19:24.0218 5948 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:19:24.0219 5948 rspndr - ok 17:19:24.0228 5948 [ 2DB8116D52B19216812C4E6D5D837810 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 17:19:24.0231 5948 RSUSBSTOR - ok 17:19:24.0236 5948 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys 17:19:24.0253 5948 RTHDMIAzAudService - ok 17:19:24.0259 5948 [ 4FBDA07EF0A3097CE14C5CABF723B278 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 17:19:24.0261 5948 RTL8167 - ok 17:19:24.0264 5948 RtsUIR - ok 17:19:24.0268 5948 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 17:19:24.0268 5948 s3cap - ok 17:19:24.0272 5948 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 17:19:24.0273 5948 SamSs - ok 17:19:24.0276 5948 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:19:24.0278 5948 sbp2port - ok 17:19:24.0282 5948 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:19:24.0285 5948 SCardSvr - ok 17:19:24.0288 5948 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 17:19:24.0289 5948 scfilter - ok 17:19:24.0303 5948 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 17:19:24.0314 5948 Schedule - ok 17:19:24.0318 5948 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 17:19:24.0319 5948 SCPolicySvc - ok 17:19:24.0324 5948 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:19:24.0327 5948 SDRSVC - ok 17:19:24.0330 5948 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:19:24.0331 5948 secdrv - ok 17:19:24.0334 5948 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 17:19:24.0336 5948 seclogon - ok 17:19:24.0339 5948 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 17:19:24.0341 5948 SENS - ok 17:19:24.0344 5948 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 17:19:24.0346 5948 SensrSvc - ok 17:19:24.0349 5948 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 17:19:24.0350 5948 Serenum - ok 17:19:24.0353 5948 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 17:19:24.0354 5948 Serial - ok 17:19:24.0357 5948 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 17:19:24.0358 5948 sermouse - ok 17:19:24.0368 5948 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 17:19:24.0370 5948 SessionEnv - ok 17:19:24.0374 5948 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 17:19:24.0374 5948 sffdisk - ok 17:19:24.0377 5948 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:19:24.0378 5948 sffp_mmc - ok 17:19:24.0381 5948 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 17:19:24.0382 5948 sffp_sd - ok 17:19:24.0385 5948 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 17:19:24.0385 5948 sfloppy - ok 17:19:24.0392 5948 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:19:24.0397 5948 SharedAccess - ok 17:19:24.0404 5948 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:19:24.0409 5948 ShellHWDetection - ok 17:19:24.0413 5948 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 17:19:24.0414 5948 SiSRaid2 - ok 17:19:24.0417 5948 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 17:19:24.0418 5948 SiSRaid4 - ok 17:19:24.0422 5948 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 17:19:24.0424 5948 SkypeUpdate - ok 17:19:24.0428 5948 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:19:24.0429 5948 Smb - ok 17:19:24.0435 5948 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:19:24.0437 5948 SNMPTRAP - ok 17:19:24.0440 5948 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 17:19:24.0441 5948 spldr - ok 17:19:24.0448 5948 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 17:19:24.0453 5948 Spooler - ok 17:19:24.0520 5948 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 17:19:24.0586 5948 sppsvc - ok 17:19:24.0591 5948 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 17:19:24.0593 5948 sppuinotify - ok 17:19:24.0603 5948 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 17:19:24.0609 5948 srv - ok 17:19:24.0618 5948 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:19:24.0623 5948 srv2 - ok 17:19:24.0628 5948 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:19:24.0630 5948 srvnet - ok 17:19:24.0635 5948 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:19:24.0639 5948 SSDPSRV - ok 17:19:24.0642 5948 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:19:24.0644 5948 SstpSvc - ok 17:19:24.0647 5948 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 17:19:24.0648 5948 stexstor - ok 17:19:24.0660 5948 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 17:19:24.0667 5948 stisvc - ok 17:19:24.0671 5948 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 17:19:24.0672 5948 storflt - ok 17:19:24.0675 5948 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 17:19:24.0677 5948 StorSvc - ok 17:19:24.0680 5948 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 17:19:24.0681 5948 storvsc - ok 17:19:24.0684 5948 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 17:19:24.0685 5948 swenum - ok 17:19:24.0693 5948 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 17:19:24.0700 5948 swprv - ok 17:19:24.0719 5948 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 17:19:24.0736 5948 SysMain - ok 17:19:24.0741 5948 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:19:24.0743 5948 TabletInputService - ok 17:19:24.0750 5948 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 17:19:24.0755 5948 TapiSrv - ok 17:19:24.0759 5948 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 17:19:24.0761 5948 TBS - ok 17:19:24.0778 5948 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:19:24.0792 5948 Tcpip - ok 17:19:24.0810 5948 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 17:19:24.0818 5948 TCPIP6 - ok 17:19:24.0824 5948 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:19:24.0825 5948 tcpipreg - ok 17:19:24.0830 5948 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:19:24.0830 5948 TDPIPE - ok 17:19:24.0833 5948 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:19:24.0834 5948 TDTCP - ok 17:19:24.0838 5948 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:19:24.0840 5948 tdx - ok 17:19:24.0843 5948 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 17:19:24.0844 5948 TermDD - ok 17:19:24.0854 5948 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 17:19:24.0858 5948 TermService - ok 17:19:24.0862 5948 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 17:19:24.0863 5948 Themes - ok 17:19:24.0867 5948 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 17:19:24.0868 5948 THREADORDER - ok 17:19:24.0872 5948 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 17:19:24.0874 5948 TrkWks - ok 17:19:24.0879 5948 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:19:24.0881 5948 TrustedInstaller - ok 17:19:24.0886 5948 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:19:24.0887 5948 tssecsrv - ok 17:19:24.0890 5948 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 17:19:24.0891 5948 TsUsbFlt - ok 17:19:24.0896 5948 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:19:24.0897 5948 tunnel - ok 17:19:24.0900 5948 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 17:19:24.0901 5948 uagp35 - ok 17:19:24.0908 5948 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:19:24.0912 5948 udfs - ok 17:19:24.0918 5948 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:19:24.0920 5948 UI0Detect - ok 17:19:24.0924 5948 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:19:24.0925 5948 uliagpkx - ok 17:19:24.0928 5948 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:19:24.0929 5948 umbus - ok 17:19:24.0933 5948 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 17:19:24.0933 5948 UmPass - ok 17:19:24.0939 5948 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 17:19:24.0942 5948 UmRdpService - ok 17:19:24.0951 5948 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 17:19:24.0953 5948 UMVPFSrv - ok 17:19:24.0960 5948 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 17:19:24.0964 5948 upnphost - ok 17:19:24.0968 5948 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 17:19:24.0969 5948 USBAAPL64 - ok 17:19:24.0974 5948 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:19:24.0975 5948 usbaudio - ok 17:19:24.0979 5948 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:19:24.0980 5948 usbccgp - ok 17:19:24.0983 5948 USBCCID - ok 17:19:24.0988 5948 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:19:24.0990 5948 usbcir - ok 17:19:24.0993 5948 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:19:24.0994 5948 usbehci - ok 17:19:24.0998 5948 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 17:19:24.0999 5948 usbfilter - ok 17:19:25.0004 5948 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:19:25.0007 5948 usbhub - ok 17:19:25.0010 5948 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 17:19:25.0011 5948 usbohci - ok 17:19:25.0014 5948 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:19:25.0015 5948 usbprint - ok 17:19:25.0018 5948 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 17:19:25.0019 5948 usbscan - ok 17:19:25.0023 5948 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:19:25.0025 5948 USBSTOR - ok 17:19:25.0029 5948 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 17:19:25.0030 5948 usbuhci - ok 17:19:25.0035 5948 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 17:19:25.0038 5948 usbvideo - ok 17:19:25.0041 5948 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 17:19:25.0043 5948 UxSms - ok 17:19:25.0046 5948 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 17:19:25.0047 5948 VaultSvc - ok 17:19:25.0050 5948 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 17:19:25.0051 5948 vdrvroot - ok 17:19:25.0059 5948 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 17:19:25.0066 5948 vds - ok 17:19:25.0069 5948 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:19:25.0070 5948 vga - ok 17:19:25.0073 5948 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 17:19:25.0074 5948 VgaSave - ok 17:19:25.0079 5948 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 17:19:25.0081 5948 vhdmp - ok 17:19:25.0084 5948 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 17:19:25.0085 5948 viaide - ok 17:19:25.0090 5948 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 17:19:25.0093 5948 vmbus - ok 17:19:25.0096 5948 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 17:19:25.0097 5948 VMBusHID - ok 17:19:25.0102 5948 [ 21C96AA588D3993191761A08DBAABB15 ] vmm C:\Windows\system32\Drivers\vmm.sys 17:19:25.0104 5948 vmm - ok 17:19:25.0108 5948 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:19:25.0109 5948 volmgr - ok 17:19:25.0116 5948 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:19:25.0120 5948 volmgrx - ok 17:19:25.0125 5948 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:19:25.0126 5948 volsnap - ok 17:19:25.0131 5948 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 17:19:25.0133 5948 vsmraid - ok 17:19:25.0152 5948 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 17:19:25.0169 5948 VSS - ok 17:19:25.0173 5948 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 17:19:25.0174 5948 vwifibus - ok 17:19:25.0180 5948 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 17:19:25.0185 5948 W32Time - ok 17:19:25.0190 5948 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 17:19:25.0191 5948 WacomPen - ok 17:19:25.0195 5948 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 17:19:25.0196 5948 WANARP - ok 17:19:25.0199 5948 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:19:25.0200 5948 Wanarpv6 - ok 17:19:25.0216 5948 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 17:19:25.0229 5948 WatAdminSvc - ok 17:19:25.0247 5948 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 17:19:25.0262 5948 wbengine - ok 17:19:25.0267 5948 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 17:19:25.0270 5948 WbioSrvc - ok 17:19:25.0277 5948 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:19:25.0282 5948 wcncsvc - ok 17:19:25.0286 5948 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:19:25.0288 5948 WcsPlugInService - ok 17:19:25.0291 5948 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 17:19:25.0291 5948 Wd - ok 17:19:25.0301 5948 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:19:25.0308 5948 Wdf01000 - ok 17:19:25.0313 5948 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:19:25.0315 5948 WdiServiceHost - ok 17:19:25.0318 5948 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:19:25.0319 5948 WdiSystemHost - ok 17:19:25.0325 5948 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 17:19:25.0330 5948 WebClient - ok 17:19:25.0335 5948 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:19:25.0338 5948 Wecsvc - ok 17:19:25.0341 5948 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:19:25.0343 5948 wercplsupport - ok 17:19:25.0347 5948 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 17:19:25.0349 5948 WerSvc - ok 17:19:25.0352 5948 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 17:19:25.0352 5948 WfpLwf - ok 17:19:25.0356 5948 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 17:19:25.0357 5948 WIMMount - ok 17:19:25.0359 5948 WinDefend - ok 17:19:25.0365 5948 WinHttpAutoProxySvc - ok 17:19:25.0375 5948 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:19:25.0378 5948 Winmgmt - ok 17:19:25.0401 5948 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 17:19:25.0420 5948 WinRM - ok 17:19:25.0428 5948 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 17:19:25.0429 5948 WinUsb - ok 17:19:25.0439 5948 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 17:19:25.0448 5948 Wlansvc - ok 17:19:25.0452 5948 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 17:19:25.0453 5948 wlcrasvc - ok 17:19:25.0482 5948 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:19:25.0507 5948 wlidsvc - ok 17:19:25.0511 5948 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 17:19:25.0512 5948 WmiAcpi - ok 17:19:25.0518 5948 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:19:25.0521 5948 wmiApSrv - ok 17:19:25.0523 5948 WMPNetworkSvc - ok 17:19:25.0533 5948 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe 17:19:25.0537 5948 WMZuneComm - ok 17:19:25.0540 5948 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:19:25.0542 5948 WPCSvc - ok 17:19:25.0546 5948 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:19:25.0549 5948 WPDBusEnum - ok 17:19:25.0552 5948 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:19:25.0553 5948 ws2ifsl - ok 17:19:25.0556 5948 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 17:19:25.0559 5948 wscsvc - ok 17:19:25.0561 5948 WSearch - ok 17:19:25.0594 5948 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 17:19:25.0621 5948 wuauserv - ok 17:19:25.0626 5948 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:19:25.0628 5948 WudfPf - ok 17:19:25.0633 5948 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:19:25.0635 5948 WUDFRd - ok 17:19:25.0639 5948 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:19:25.0641 5948 wudfsvc - ok 17:19:25.0646 5948 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 17:19:25.0649 5948 WwanSvc - ok 17:19:25.0774 5948 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe 17:19:25.0897 5948 ZuneNetworkSvc - ok 17:19:25.0908 5948 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe 17:19:25.0914 5948 ZuneWlanCfgSvc - ok 17:19:25.0916 5948 ================ Scan global =============================== 17:19:25.0919 5948 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 17:19:25.0926 5948 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 17:19:25.0931 5948 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 17:19:25.0935 5948 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 17:19:25.0941 5948 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 17:19:25.0944 5948 [Global] - ok 17:19:25.0944 5948 ================ Scan MBR ================================== 17:19:25.0946 5948 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3 17:19:26.0061 5948 \Device\Harddisk3\DR3 - ok 17:19:26.0074 5948 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:19:26.0078 5948 \Device\Harddisk0\DR0 - ok 17:19:26.0082 5948 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 17:19:26.0086 5948 \Device\Harddisk1\DR1 - ok 17:19:26.0091 5948 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 17:19:26.0095 5948 \Device\Harddisk2\DR2 - ok 17:19:26.0095 5948 ================ Scan VBR ================================== 17:19:26.0098 5948 [ 37C7F0971007CBF136AC52A0D211D083 ] \Device\Harddisk3\DR3\Partition1 17:19:26.0100 5948 \Device\Harddisk3\DR3\Partition1 - ok 17:19:26.0104 5948 [ 6C1FC5EEF85479B74D28F28B1EC1B4F1 ] \Device\Harddisk3\DR3\Partition2 17:19:26.0105 5948 \Device\Harddisk3\DR3\Partition2 - ok 17:19:26.0110 5948 [ 1C81BA0A65F91A2E9319A42A45714861 ] \Device\Harddisk0\DR0\Partition1 17:19:26.0111 5948 \Device\Harddisk0\DR0\Partition1 - ok 17:19:26.0114 5948 [ CB8F5E8964E1EEED9DE3DD63504A7704 ] \Device\Harddisk1\DR1\Partition1 17:19:26.0115 5948 \Device\Harddisk1\DR1\Partition1 - ok 17:19:26.0117 5948 [ EDE2F40ABB8B401821EC0ACF8137CE4B ] \Device\Harddisk2\DR2\Partition1 17:19:26.0118 5948 \Device\Harddisk2\DR2\Partition1 - ok 17:19:26.0119 5948 ============================================================ 17:19:26.0119 5948 Scan finished 17:19:26.0119 5948 ============================================================ 17:19:26.0125 2184 Detected object count: 0 17:19:26.0125 2184 Actual detected object count: 0

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Thanks for that, do I need to do anything else? What can I do to prevent this from happening?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Also on that link above that I sent, it refers over to another page to do a TDSKiller followed by a combofix. Is this required?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Results of screen317's Security Check version 0.99.51 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.65.0.1400 Java 6 Update 29 Java version out of Date! Adobe Flash Player 11.4.402.278 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 6% ````````````````````End of Log``````````````````````

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

It looks clean, but you tell me. Also a site popped up. http://tigzyrk.blogspot.com/2011/09/rootkit-zeroaccess-max.html The page mentions that ZeroAccess in its latest form is not a rootkit. How bad it is?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

RogueKiller V8.0.4 [09/19/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : SL [Admin rights] Mode : Scan -- Date : 09/21/2012 11:54:32 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST3750640AS SCSI Disk Device +++++ --- User --- [MBR] ff3f8e519ffc408ad054aa6823a7a543 [bSP] 2c00398aaf2cf93baecedc53d6ccd912 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 715402 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive1: WDC WD1200JB-75CRA0 SCSI Disk Device +++++ --- User --- [MBR] 083d8737dfbdb4f17b83dc11f1283fef [bSP] 66dcc5ddc3b77bedeb2e5dc3b0419dbf : Windows 7 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 114436 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive2: WDC WD1200JB-75CRA0 SCSI Disk Device +++++ --- User --- [MBR] 27928e93b86ff9713eb521e0c1a98410 [bSP] e77dd0ff0701dd075fc1c06f4577f2d3 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 114438 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive3: AMD 2+0 Stripe/RAID0 SCSI Disk Device +++++ --- User --- [MBR] 21ea02bf083ad5b8f57ce0616b128182 [bSP] c17fb1ff859a3721316f941e437a8281 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 102894 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[9].txt >> RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ; RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt ; RKreport[9].txt

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

I do not know why the first RougeKiller log posted in small font. Where do we go from here?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

RogueKiller V8.0.4 [09/19/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : SL [Admin rights] Mode : Scan -- Date : 09/21/2012 10:59:31 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\SL\AppData\Local\{cf7cef73-eea1-bce5-54b2-d49ae7aeebca}\n.) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][FOLDER] U : C:\Windows\Installer\{cf7cef73-eea1-bce5-54b2-d49ae7aeebca}\U --> FOUND [ZeroAccess][FOLDER] L : C:\Windows\Installer\{cf7cef73-eea1-bce5-54b2-d49ae7aeebca}\L --> FOUND [ZeroAccess][FOLDER] U : C:\Users\SL\AppData\Local\{cf7cef73-eea1-bce5-54b2-d49ae7aeebca}\U --> FOUND [ZeroAccess][FOLDER] L : C:\Users\SL\AppData\Local\{cf7cef73-eea1-bce5-54b2-d49ae7aeebca}\L --> FOUND ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST3750640AS SCSI Disk Device +++++ --- User --- [MBR] ff3f8e519ffc408ad054aa6823a7a543 [bSP] 2c00398aaf2cf93baecedc53d6ccd912 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 715402 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive1: WDC WD1200JB-75CRA0 SCSI Disk Device +++++ --- User --- [MBR] 083d8737dfbdb4f17b83dc11f1283fef [bSP] 66dcc5ddc3b77bedeb2e5dc3b0419dbf : Windows 7 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 114436 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive2: WDC WD1200JB-75CRA0 SCSI Disk Device +++++ --- User --- [MBR] 27928e93b86ff9713eb521e0c1a98410 [bSP] e77dd0ff0701dd075fc1c06f4577f2d3 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 114438 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive3: AMD 2+0 Stripe/RAID0 SCSI Disk Device +++++ --- User --- [MBR] 21ea02bf083ad5b8f57ce0616b128182 [bSP] c17fb1ff859a3721316f941e437a8281 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 102894 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1].txt >> RKreport[1].txt

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

RogueKiller V8.0.4 [09/19/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : SL [Admin rights] Mode : Scan -- Date : 09/21/2012 10:59:31 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\SL\AppData\Local\{cf7cef73-eea1-bce5-54b2-d49ae7aeebca}\n.) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][FOLDER] U : C:\Windows\Installer\{cf7cef73-eea1-bce5-54b2-d49ae7aeebca}\U --> FOUND [ZeroAccess][FOLDER] L : C:\Windows\Installer\{cf7cef73-eea1-bce5-54b2-d49ae7aeebca}\L --> FOUND [ZeroAccess][FOLDER] U : C:\Users\SL\AppData\Local\{cf7cef73-eea1-bce5-54b2-d49ae7aeebca}\U --> FOUND [ZeroAccess][FOLDER] L : C:\Users\SL\AppData\Local\{cf7cef73-eea1-bce5-54b2-d49ae7aeebca}\L --> FOUND ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST3750640AS SCSI Disk Device +++++ --- User --- [MBR] ff3f8e519ffc408ad054aa6823a7a543 [bSP] 2c00398aaf2cf93baecedc53d6ccd912 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 715402 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive1: WDC WD1200JB-75CRA0 SCSI Disk Device +++++ --- User --- [MBR] 083d8737dfbdb4f17b83dc11f1283fef [bSP] 66dcc5ddc3b77bedeb2e5dc3b0419dbf : Windows 7 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 114436 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive2: WDC WD1200JB-75CRA0 SCSI Disk Device +++++ --- User --- [MBR] 27928e93b86ff9713eb521e0c1a98410 [bSP] e77dd0ff0701dd075fc1c06f4577f2d3 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 114438 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive3: AMD 2+0 Stripe/RAID0 SCSI Disk Device +++++ --- User --- [MBR] 21ea02bf083ad5b8f57ce0616b128182 [bSP] c17fb1ff859a3721316f941e437a8281 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 102894 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1].txt >> RKreport[1].txt

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Database version: v2012.09.21.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 SL :: VEGAS [administrator] 9/21/2012 10:56:26 AM mbam-log-2012-09-21 (10-56-26).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 235580 Time elapsed: 1 minute(s), 37 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Win7pro Update. Things did not go as planned. I did not know what where (or did I have) the raid drivers. So in restarting the system trying yo catch what they were, i discovered that Windows thinks it has successfully restored to an earlier point. I am into Windows. Malwarebytes was corrupted and needed an update. It downloaded and ran. Malwarebytes did find two items, one being the Ransomware and I am sure the other was related. They were removed. So... do I still have corrupted files? What's next?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

My operating system is not listed. I have a raid setup. Do I have to load drivers?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

I followed those steps, although entering explorer did nothing that I could see. Restore gave an error that windows failed to start. The boot section failed because a required device is inaccessible. should I "repair your computer" with the installation disc?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

VIPRER found one threat. Removed it, I rebooted and the Ransomeware is still there. BTW it is asking for $200.

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Ok. I managed to get to a safe mode with command prompt. I ran rkill but was insure what to do next. So I ran VIPRER. Now what?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

How do I run it if I can not get into the computer?

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Maybe I am not clear. I can not get past the infection screen. No safe mode, nada. Running under a different user I can get in, but no malware is found.

New MoneyPak Ransomeware?

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

The probelm is I can not start in Safe mode. It goes directly to the ransom page.

New MoneyPak Ransomeware?

Confuzzed posted a topic in Resolved Malware Removal Logs

Help. I got nipped again. I have ended up with a MoneyPak Ransomware. I have been infected with this before, and Malwarebytes has been able to remove it, however this time it is different. Even starting in Safe Mode, the infected screen pops up. I can use the computer under a different user, and even tried cleaning the computer from that user, but everything shows up clean. Where do I start?

Unwanted popups in lower right part of screen...

Confuzzed replied to Confuzzed's topic in Resolved Malware Removal Logs

Attached are the files. The older one did find a problem, the newer one did not (even though my problem persisted). Particularly troubling, could you elaborate? mbam-log-2012-05-22 (18-50-04).txt mbam-log-2012-05-22 (18-55-43).txt

Events

Profiles

Forums

Everything posted by Confuzzed

Important Information