One_iota Posted June 21, 2013 ID:693854 Share Posted June 21, 2013 This sounds like quite a bargain, but not so sure about how to sign up for moneypad. Can anyone help? I get this on my XP pc and my W7 laptop. Actually, instead can you tell me where I can download the FRST or Farbar. I decide to fight and not fall victim to their extortion techniques. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 21, 2013 ID:693876 Share Posted June 21, 2013 Just to clarify- you have two PC's affected with this virus? Link to post Share on other sites More sharing options...
One_iota Posted June 23, 2013 Author ID:694672 Share Posted June 23, 2013 Yes, Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 23, 2013 ID:694674 Share Posted June 23, 2013 Okay, here's what I'd like you to do. Go ahead and make a separate thread for the XP one and post it the link to it here- I'll attempt to help you out on both of them. We'll leave this one for the Windows 7 machine. ---------------This is for the Windows 7 machine... For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.Plug the flashdrive into the infected PC.Enter System Recovery Options.To enter System Recovery Options from the Advanced Boot Options:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.Use the arrow keys to select the Repair your computer menu item.Select English as the keyboard language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account an click Next.To enter System Recovery Options by using Windows installation disc:Insert the installation disc.Restart your computer.If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.Click Repair your computer.Select English as the keyboard language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account and click Next.On the System Recovery Options menu you will get the following options:Startup RepairSystem RestoreWindows Complete PC RestoreWindows Memory Diagnostic ToolCommand PromptSelect Command PromptIn the command window type in notepad and press Enter.The notepad opens. Under File menu select Open.Select "Computer" and find your flash drive letter and close the notepad.In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press EnterNote: Replace letter e with the drive letter of your flash drive.The tool will start to run.When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.Let me know how things go. If you at any point have trouble using FRST, please stop and post back here to let me know.-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Note:Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly" -------> Your topic will be closed if you haven't replied within 3 days! <--------(If I don't respond within 24 hours, please send me a PM)-DFB Link to post Share on other sites More sharing options...
One_iota Posted June 23, 2013 Author ID:694677 Share Posted June 23, 2013 Is there another way besides paypal to make a donation?I should also like to purchase the pro version of Malwarebytes for those two units when clean. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 23, 2013 ID:694679 Share Posted June 23, 2013 Is there another way besides paypal to make a donation?I'm afraid not unfortunately, but I appreciate your generosity Post the link to the XP machine's thread when you get the chance Link to post Share on other sites More sharing options...
One_iota Posted June 23, 2013 Author ID:694687 Share Posted June 23, 2013 Thank you for your time and attention.I have a problem which compounds the difficulty here. The only malware-free device I have is an iPad.So, I'm going to my neighbors to beg him to look up this thread. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 23, 2013 ID:694688 Share Posted June 23, 2013 If you've posted it I can just find it from your profile.EDIT: nevermind, I understand what you're getting at Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 23, 2013 ID:694689 Share Posted June 23, 2013 I'm subscribed to the Malware Removal Help forum, so when you post it, I'll automatically get an email... just go ahead and post it and we'll take it from there. Link to post Share on other sites More sharing options...
One_iota Posted June 23, 2013 Author ID:694720 Share Posted June 23, 2013 Neighbors are running Vista. Wouldn't properly recognize my flash drive though it installed it and could see the device. Opening the folder said Empty, but right click properties said zero free space. Didn't want to format in Vista.So decided to try anyway. Found this thread, clicked the link and their Norton 360 says that FRST is a dangerous file and only five people in the Norton community ever tried to download it, so they shouldn't mess with it. And neighbors just finished telling me they just got this Norton and how it stopped this and removed that. Now I'm telling them that their Norton sucks because it won't let me download my file. After they calmed down I explained that it was probably their Norton was just too secure.I'll try another neighbor mañana. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 23, 2013 ID:694828 Share Posted June 23, 2013 Stupid Norton. Well, keep me posted. If there's any way you can borrow somebody's laptop for a few hours, definitely try that. Link to post Share on other sites More sharing options...
One_iota Posted June 25, 2013 Author ID:695346 Share Posted June 25, 2013 Here's the scan log. Thanks again for helping. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013 Ran by SYSTEM on 24-06-2013 13:44:28 Running from F:\ Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Recovery The current controlset is ControlSet002 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log. ==================== Registry (Whitelisted) ================== Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\570\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.) HKLM-x32\...\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot [1233856 2010-11-24] (Simply Super Software) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.) HKLM-x32\...\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE [1823160 2012-06-06] (Bandoo Media, inc) HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.) HKLM-x32\...\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.) HKU\Kaori\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.) HKU\Kaori\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-01] (Google Inc.) HKU\Owner\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-08] (SUPERAntiSpyware.com) HKU\Owner\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [x] HKU\Owner\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-01] (Google Inc.) HKU\Spike.Owner-PC\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.) HKU\Spike.Owner-PC\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-01] (Google Inc.) HKU\Spike.Owner-PC\...\Winlogon: [shell] explorer.exe,C:\Users\Spike.Owner-PC\AppData\Roaming\skype.dat [83456 2011-11-16] () <==== ATTENTION AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll [1528760 2012-06-06] (Bandoo Media, inc) AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll [1185208 2012-06-06] (Bandoo Media, inc) Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk ShortcutTarget: Best Buy Software Installer.lnk -> C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (Best Buy®) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk ShortcutTarget: Best Buy Software Installer.lnk -> C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (Best Buy®) Startup: C:\Users\Kaori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk ShortcutTarget: Best Buy Software Installer.lnk -> C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (Best Buy®) Startup: C:\Users\Spike.Owner-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk ShortcutTarget: Best Buy Software Installer.lnk -> C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (Best Buy®) ==================== Services (Whitelisted) ================= S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-09-08] (SUPERAntiSpyware.com) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [399432 2012-09-29] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [676936 2012-09-29] (Malwarebytes Corporation) S4 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [237008 2011-06-17] (McAfee, Inc.) S4 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc.) S4 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc.) S4 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc.) S4 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc.) S4 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [509416 2010-10-07] (McAfee, Inc.) S4 McOobeSv; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc.) S4 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc.) S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [200056 2010-10-13] (McAfee, Inc.) S4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [245352 2010-10-13] (McAfee, Inc.) S2 mfevtp; C:\windows\system32\mfevtps.exe [149032 2010-10-13] (McAfee, Inc.) S4 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc.) S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-19] () S2 Toolbar Updater Service; C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [x] ==================== Drivers (Whitelisted) ==================== S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62800 2010-10-13] (McAfee, Inc.) S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2012-09-29] (Malwarebytes Corporation) S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2012-09-29] (Malwarebytes Corporation) S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121248 2010-10-13] (McAfee, Inc.) S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190136 2010-10-13] (McAfee, Inc.) S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [441328 2010-10-13] (McAfee, Inc.) S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [529128 2010-10-13] (McAfee, Inc.) S1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75032 2010-10-13] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94864 2010-10-13] (McAfee, Inc.) S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [283360 2010-10-13] (McAfee, Inc.) S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [427008 2009-06-10] (Realtek Semiconductor Corporation ) S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-08-05] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-08-05] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-08-05] (SUPERAdBlocker.com and SUPERAntiSpyware.com) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-24 13:43 - 2013-06-24 13:43 - 00000000 ____D C:\FRST ==================== One Month Modified Files and Folders ======= 2013-06-24 13:43 - 2013-06-24 13:43 - 00000000 ____D C:\FRST Files to move or delete: ==================== C:\Users\Owner\GoToAssistDownloadHelper.exe C:\Users\Spike.Owner-PC\AppData\Roaming\skype.dat C:\Users\Spike.Owner-PC\AppData\Roaming\skype.ini ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2012-12-02 21:14:01 Restore point made on: 2012-12-04 19:14:17 Restore point made on: 2012-12-09 20:14:43 Restore point made on: 2012-12-11 19:26:00 Restore point made on: 2012-12-12 12:06:27 Restore point made on: 2012-12-16 20:10:51 ==================== Memory info =========================== Percentage of memory in use: 14% Total physical RAM: 3894.79 MB Available physical RAM: 3318.1 MB Total Pagefile: 3892.93 MB Available Pagefile: 3309.92 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (TI105512W0E) (Fixed) (Total:456.78 GB) (Free:328.89 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)] Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)] Drive f: () (Removable) (Total:0.12 GB) (Free:0.1 GB) FAT (Disk=1 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: BCDDC75C) Partition 1: (Active) - (Size=1 GB) - (Type=27) Partition 2: (Not Active) - (Size=457 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=8 GB) - (Type=17) ======================================================== Disk: 1 (Size: 124 MB) (Disk ID: 6F20736B) Partition 1: (Not Active) - (Size=544 GB) - (Type=72) Partition 2: (Not Active) - (Size=923 GB) - (Type=65) Partition 3: (Not Active) - (Size=923 GB) - (Type=79) Partition 4: (Not Active) - (Size=-336763289600) - (Type=0D) LastRegBack: 2012-12-15 00:10 ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 25, 2013 ID:695435 Share Posted June 25, 2013 This should get us going. Please do the following:Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.Right-click in the open notepad and select Paste).Save it on the flashdrive as fixlist.txtQuoteHKU\Spike.Owner-PC\...\Winlogon: [shell] explorer.exe,C:\Users\Spike.Owner-PC\AppData\Roaming\skype.dat [83456 2011-11-16] () <==== ATTENTIONAppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll [1528760 2012-06-06] (Bandoo Media, inc)AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll [1185208 2012-06-06] (Bandoo Media, inc)C:\Users\Owner\GoToAssistDownloadHelper.exeC:\Users\Spike.Owner-PC\AppData\Roaming\skype.datC:\Users\Spike.Owner-PC\AppData\Roaming\skype.iniS2 Toolbar Updater Service; C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [x]NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemNow please enter System Recovery Options.Run FRST and press the Fix button just once and wait. The tool will make a log on the flashdrive (Fixlog.txt) please post it in your next reply. After that- are you able to boot into normal mode? Let me know when you can as we have more malware to remove. Link to post Share on other sites More sharing options...
One_iota Posted June 25, 2013 Author ID:695682 Share Posted June 25, 2013 Hey, I was able to boot as normal. I might need to put the XP on hold until the W7 is finished. I tried, but I can't copy anything except text here at work. Heres the text for fixlog. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2013 Ran by SYSTEM at 2013-06-25 13:24:40 Run:1 Running from F:\ Boot Mode: Recovery ============================================== HKU\Spike.Owner-PC\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully. HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully. C:\Users\Spike.Owner-PC\AppData\Roaming\skype.dat => Moved successfully. C:\Users\Spike.Owner-PC\AppData\Roaming\skype.ini => Moved successfully. Toolbar Updater Service => Service deleted successfully. ==== End of Fixlog ==== Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 25, 2013 ID:695684 Share Posted June 25, 2013 Hey, I was able to boot as normal. I might need to put the XP on hold until the W7 is finished.Glad to hear you can boot. And yeah, it might be a better idea to first get this one all cleaned up, then move on to the XP one. Let's start getting rid of the rest of it:----------Step 1----------------Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Double-click on TDSSKiller.exe to run the tool for known TDSS variants.Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it.To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.----------Step 2----------------Please download Malwarebytes Anti-Rootkit from HEREUnzip the contents to a folder in a convenient location.Open the folder where the contents were unzipped and run mbar.exeFollow the instructions in the wizard to update and allow the program to scan your computer for threats.Click on the Cleanup button to remove any threats and reboot if prompted to do so.Wait while the system shuts down and the cleanup process is performed.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt----------Step 3----------------Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:http://www.bleepingc...to-use-combofix***IMPORTANT: save ComboFix to your Desktop**** Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Please go here to see a list of programs that should be disabled.**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall** Please include the C:\ComboFix.txt in your next reply for further review.NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.----------Step 4----------------Please download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.----------Step 5----------------In your next reply, please include the following:TDSSKiller's logfileMBAR mbar-log.txt and system-log.txtComboFix's report (C:\ComboFix.txt)Security Check checkup.txtAfter that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask. Link to post Share on other sites More sharing options...
One_iota Posted June 25, 2013 Author ID:695686 Share Posted June 25, 2013 Hey, I have a question. Near the end of the FRST scanlog it says Disk: 1 (Size: 124 MB) (Disk ID: 6F20736B) Partition 1: (Not Active) - (Size=544 GB) - (Type=72) Partition 2: (Not Active) - (Size=923 GB) - (Type=65) Partition 3: (Not Active) - (Size=923 GB) - (Type=79) Partition 4: (Not Active) - (Size=-336763289600) - (Type=0D) Seems like it says I have a couple TB in non active partitions on a 128M flashdrive. ?? Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 25, 2013 ID:695688 Share Posted June 25, 2013 I wouldn't worry about it. It looks like FRST just incorrectly read the partition structure. It shouldn't be a big deal. Link to post Share on other sites More sharing options...
One_iota Posted June 26, 2013 Author ID:695896 Share Posted June 26, 2013 Good Morning DFB. I got stuck in step 3. I downloaded Combofix and wanted to see that list of all the stuff that should be disabled. The link no worky. So I was just gonna disable McAfee, MBAM, and SuperAntiSpyware, but couldn't figure out how to disable them, not being in the system tray. Course it was 4:30am and I think I was just pushing buttons in my sleep. But I must be a cognitive genius, because I fixed everything AND solved world hunger. Except I can't remember how. I did happen to notice that TDSSKiller missed it, but Mbar caught a Winlock on first pass. And the guys at bleepingcomputer called MBAM light-weight. Tougher than kaspersky. Kaspersky = Russian ghost? Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 26, 2013 ID:695901 Share Posted June 26, 2013 If you can't disable those protection programs, go ahead and try running ComboFix in Safe Mode. Instructions on how to get into Safe Mode are here. Link to post Share on other sites More sharing options...
One_iota Posted June 26, 2013 Author ID:695985 Share Posted June 26, 2013 Hey, that would be a lot easier than disabling a bunch of programs. Will it work just as good in safe mode? I did read somewhere that its kinda not as reliable in a 64 bit environment. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 26, 2013 ID:695986 Share Posted June 26, 2013 It will work just fine. And wherever you read that is wrong- ComboFix has been 64-bit compatible for quite some time now. Link to post Share on other sites More sharing options...
One_iota Posted June 28, 2013 Author ID:696386 Share Posted June 28, 2013 So I put all the log files into one big text document using Word and posted it this morning. Thinking maybe it errored because of Word, I made the big log file again this afternoon using notepad. Still nothing posted. So, I'm gonna try posting them one at a time now. Link to post Share on other sites More sharing options...
One_iota Posted June 28, 2013 Author ID:696388 Share Posted June 28, 2013 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TDSSKiller log file !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 00:37:37.0419 3836 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19 00:37:38.0231 3836 ============================================================ 00:37:38.0231 3836 Current date / time: 2013/06/26 00:37:38.0231 00:37:38.0231 3836 SystemInfo: 00:37:38.0231 3836 00:37:38.0231 3836 OS Version: 6.1.7601 ServicePack: 1.0 00:37:38.0231 3836 Product type: Workstation 00:37:38.0231 3836 ComputerName: OWNER-PC 00:37:38.0231 3836 UserName: Owner 00:37:38.0231 3836 Windows directory: C:\windows 00:37:38.0231 3836 System windows directory: C:\windows 00:37:38.0231 3836 Running under WOW64 00:37:38.0231 3836 Processor architecture: Intel x64 00:37:38.0231 3836 Number of processors: 4 00:37:38.0231 3836 Page size: 0x1000 00:37:38.0231 3836 Boot type: Normal boot 00:37:38.0231 3836 ============================================================ 00:37:40.0274 3836 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 00:37:40.0290 3836 ============================================================ 00:37:40.0290 3836 \Device\Harddisk0\DR0: 00:37:40.0290 3836 MBR partitions: 00:37:40.0290 3836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x3918D000 00:37:40.0290 3836 ============================================================ 00:37:40.0524 3836 C: <-> \Device\Harddisk0\DR0\Partition1 00:37:40.0524 3836 ============================================================ 00:37:40.0524 3836 Initialize success 00:37:40.0524 3836 ============================================================ 00:38:00.0663 3212 ============================================================ 00:38:00.0663 3212 Scan started 00:38:00.0663 3212 Mode: Manual; 00:38:00.0663 3212 ============================================================ 00:38:03.0518 3212 ================ Scan system memory ======================== 00:38:03.0518 3212 System memory - ok 00:38:03.0518 3212 ================ Scan services ============================= 00:38:03.0627 3212 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE 00:38:03.0627 3212 !SASCORE - ok 00:38:03.0861 3212 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys 00:38:03.0861 3212 1394ohci - ok 00:38:03.0939 3212 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys 00:38:03.0939 3212 ACPI - ok 00:38:03.0986 3212 [ 12C5274CD87449A2A37A607CDB321922 ] acpials C:\windows\system32\DRIVERS\acpials.sys 00:38:03.0986 3212 acpials - ok 00:38:04.0033 3212 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys 00:38:04.0033 3212 AcpiPmi - ok 00:38:04.0142 3212 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash \FlashPlayerUpdateService.exe 00:38:04.0158 3212 AdobeFlashPlayerUpdateSvc - ok 00:38:04.0205 3212 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys 00:38:04.0205 3212 adp94xx - ok 00:38:04.0251 3212 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys 00:38:04.0251 3212 adpahci - ok 00:38:04.0283 3212 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys 00:38:04.0283 3212 adpu320 - ok 00:38:04.0345 3212 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll 00:38:04.0361 3212 AeLookupSvc - ok 00:38:04.0501 3212 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys 00:38:04.0501 3212 AFD - ok 00:38:04.0579 3212 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys 00:38:04.0579 3212 agp440 - ok 00:38:04.0610 3212 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe 00:38:04.0610 3212 ALG - ok 00:38:04.0657 3212 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys 00:38:04.0657 3212 aliide - ok 00:38:04.0688 3212 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys 00:38:04.0704 3212 amdide - ok 00:38:04.0735 3212 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys 00:38:04.0735 3212 AmdK8 - ok 00:38:04.0751 3212 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys 00:38:04.0751 3212 AmdPPM - ok 00:38:04.0782 3212 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys 00:38:04.0782 3212 amdsata - ok 00:38:04.0829 3212 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys 00:38:04.0829 3212 amdsbs - ok 00:38:04.0875 3212 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys 00:38:04.0875 3212 amdxata - ok 00:38:04.0907 3212 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys 00:38:04.0907 3212 AppID - ok 00:38:04.0938 3212 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll 00:38:04.0938 3212 AppIDSvc - ok 00:38:04.0985 3212 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll 00:38:05.0000 3212 Appinfo - ok 00:38:05.0203 3212 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 00:38:05.0203 3212 Apple Mobile Device - ok 00:38:05.0234 3212 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys 00:38:05.0234 3212 arc - ok 00:38:05.0250 3212 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys 00:38:05.0250 3212 arcsas - ok 00:38:05.0312 3212 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys 00:38:05.0312 3212 AsyncMac - ok 00:38:05.0390 3212 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys 00:38:05.0390 3212 atapi - ok 00:38:05.0437 3212 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll 00:38:05.0453 3212 AudioEndpointBuilder - ok 00:38:05.0468 3212 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll 00:38:05.0468 3212 AudioSrv - ok 00:38:05.0499 3212 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll 00:38:05.0515 3212 AxInstSV - ok 00:38:05.0562 3212 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys 00:38:05.0577 3212 b06bdrv - ok 00:38:05.0609 3212 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys 00:38:05.0609 3212 b57nd60a - ok 00:38:05.0687 3212 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll 00:38:05.0687 3212 BDESVC - ok 00:38:05.0733 3212 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys 00:38:05.0733 3212 Beep - ok 00:38:05.0811 3212 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll 00:38:05.0811 3212 BFE - ok 00:38:05.0905 3212 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll 00:38:05.0921 3212 BITS - ok 00:38:05.0983 3212 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys 00:38:05.0983 3212 blbdrive - ok 00:38:06.0077 3212 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 00:38:06.0092 3212 Bonjour Service - ok 00:38:06.0186 3212 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys 00:38:06.0186 3212 bowser - ok 00:38:06.0217 3212 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys 00:38:06.0217 3212 BrFiltLo - ok 00:38:06.0233 3212 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys 00:38:06.0233 3212 BrFiltUp - ok 00:38:06.0264 3212 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll 00:38:06.0264 3212 Browser - ok 00:38:06.0311 3212 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys 00:38:06.0311 3212 Brserid - ok 00:38:06.0326 3212 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys 00:38:06.0326 3212 BrSerWdm - ok 00:38:06.0342 3212 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys 00:38:06.0342 3212 BrUsbMdm - ok 00:38:06.0373 3212 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys 00:38:06.0373 3212 BrUsbSer - ok 00:38:06.0389 3212 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys 00:38:06.0389 3212 BTHMODEM - ok 00:38:06.0435 3212 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll 00:38:06.0435 3212 bthserv - ok 00:38:06.0482 3212 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys 00:38:06.0482 3212 cdfs - ok 00:38:06.0529 3212 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\drivers\cdrom.sys 00:38:06.0529 3212 cdrom - ok 00:38:06.0576 3212 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll 00:38:06.0576 3212 CertPropSvc - ok 00:38:06.0638 3212 [ E02C9CDB15F13DE4EB2FF67660E62317 ] cfwids C:\windows\system32\drivers\cfwids.sys 00:38:06.0638 3212 cfwids - ok 00:38:06.0716 3212 [ ADBDC69A0C25361870A1AC009D29F960 ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree \CFIWmxSvcs64.exe 00:38:06.0732 3212 cfWiMAXService - ok 00:38:06.0763 3212 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys 00:38:06.0763 3212 circlass - ok 00:38:06.0825 3212 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys 00:38:06.0825 3212 CLFS - ok 00:38:06.0888 3212 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework \v2.0.50727\mscorsvw.exe 00:38:06.0903 3212 clr_optimization_v2.0.50727_32 - ok 00:38:06.0966 3212 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET \Framework64\v2.0.50727\mscorsvw.exe 00:38:06.0966 3212 clr_optimization_v2.0.50727_64 - ok 00:38:07.0044 3212 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework \v4.0.30319\mscorsvw.exe 00:38:07.0044 3212 clr_optimization_v4.0.30319_32 - ok 00:38:07.0122 3212 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe 00:38:07.0122 3212 clr_optimization_v4.0.30319_64 - ok 00:38:07.0153 3212 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys 00:38:07.0153 3212 CmBatt - ok 00:38:07.0200 3212 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys 00:38:07.0200 3212 cmdide - ok 00:38:07.0262 3212 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys 00:38:07.0262 3212 CNG - ok 00:38:07.0293 3212 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys 00:38:07.0293 3212 Compbatt - ok 00:38:07.0325 3212 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys 00:38:07.0325 3212 CompositeBus - ok 00:38:07.0340 3212 COMSysApp - ok 00:38:07.0387 3212 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe 00:38:07.0387 3212 ConfigFree Service - ok 00:38:07.0418 3212 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys 00:38:07.0418 3212 crcdisk - ok 00:38:07.0465 3212 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll 00:38:07.0465 3212 CryptSvc - ok 00:38:07.0512 3212 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll 00:38:07.0527 3212 DcomLaunch - ok 00:38:07.0559 3212 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll 00:38:07.0559 3212 defragsvc - ok 00:38:07.0621 3212 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys 00:38:07.0637 3212 DfsC - ok 00:38:07.0683 3212 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll 00:38:07.0683 3212 Dhcp - ok 00:38:07.0730 3212 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys 00:38:07.0730 3212 discache - ok 00:38:07.0761 3212 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys 00:38:07.0761 3212 Disk - ok 00:38:07.0793 3212 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll 00:38:07.0793 3212 Dnscache - ok 00:38:07.0839 3212 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll 00:38:07.0839 3212 dot3svc - ok 00:38:07.0871 3212 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll 00:38:07.0871 3212 DPS - ok 00:38:07.0917 3212 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 00:38:07.0917 3212 drmkaud - ok 00:38:07.0980 3212 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 00:38:07.0995 3212 DXGKrnl - ok 00:38:08.0027 3212 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll 00:38:08.0027 3212 EapHost - ok 00:38:08.0120 3212 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys 00:38:08.0198 3212 ebdrv - ok 00:38:08.0245 3212 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe 00:38:08.0245 3212 EFS - ok 00:38:08.0323 3212 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe 00:38:08.0339 3212 ehRecvr - ok 00:38:08.0370 3212 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe 00:38:08.0370 3212 ehSched - ok 00:38:08.0401 3212 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys 00:38:08.0417 3212 elxstor - ok 00:38:08.0448 3212 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys 00:38:08.0448 3212 ErrDev - ok 00:38:08.0510 3212 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll 00:38:08.0510 3212 EventSystem - ok 00:38:08.0619 3212 [ BDFCB7E8C108D042B213957D2B044E7E ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 00:38:08.0635 3212 EvtEng - ok 00:38:08.0697 3212 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys 00:38:08.0697 3212 exfat - ok 00:38:08.0791 3212 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys 00:38:08.0791 3212 fastfat - ok 00:38:08.0853 3212 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe 00:38:08.0869 3212 Fax - ok 00:38:08.0900 3212 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys 00:38:08.0900 3212 fdc - ok 00:38:08.0931 3212 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll 00:38:08.0931 3212 fdPHost - ok 00:38:08.0947 3212 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll 00:38:08.0947 3212 FDResPub - ok 00:38:08.0978 3212 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys 00:38:08.0978 3212 FileInfo - ok 00:38:09.0041 3212 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys 00:38:09.0041 3212 Filetrace - ok 00:38:09.0072 3212 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys 00:38:09.0072 3212 flpydisk - ok 00:38:09.0119 3212 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys 00:38:09.0119 3212 FltMgr - ok 00:38:09.0181 3212 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll 00:38:09.0197 3212 FontCache - ok 00:38:09.0290 3212 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF \PresentationFontCache.exe 00:38:09.0290 3212 FontCache3.0.0.0 - ok 00:38:09.0306 3212 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys 00:38:09.0306 3212 FsDepends - ok 00:38:09.0353 3212 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys 00:38:09.0353 3212 fssfltr - ok 00:38:09.0431 3212 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety \fsssvc.exe 00:38:09.0446 3212 fsssvc - ok 00:38:09.0524 3212 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 00:38:09.0524 3212 Fs_Rec - ok 00:38:09.0555 3212 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys 00:38:09.0571 3212 fvevol - ok 00:38:09.0618 3212 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys 00:38:09.0618 3212 FwLnk - ok 00:38:09.0649 3212 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys 00:38:09.0649 3212 gagp30kx - ok 00:38:09.0696 3212 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys 00:38:09.0696 3212 GEARAspiWDM - ok 00:38:09.0789 3212 [ 5CC2B1D06AC1962AF5FBBCF88D781DD8 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist \570\g2aservice.exe 00:38:09.0789 3212 GoToAssist - ok 00:38:09.0836 3212 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll 00:38:09.0852 3212 gpsvc - ok 00:38:09.0945 3212 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 00:38:09.0945 3212 gupdate - ok 00:38:09.0977 3212 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 00:38:09.0977 3212 gupdatem - ok 00:38:10.0039 3212 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater \GoogleUpdaterService.exe 00:38:10.0039 3212 gusvc - ok 00:38:10.0070 3212 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys 00:38:10.0070 3212 hcw85cir - ok 00:38:10.0117 3212 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys 00:38:10.0133 3212 HdAudAddService - ok 00:38:10.0148 3212 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys 00:38:10.0148 3212 HDAudBus - ok 00:38:10.0179 3212 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys 00:38:10.0179 3212 HECIx64 - ok 00:38:10.0211 3212 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys 00:38:10.0211 3212 HidBatt - ok 00:38:10.0226 3212 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys 00:38:10.0226 3212 HidBth - ok 00:38:10.0226 3212 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys 00:38:10.0226 3212 HidIr - ok 00:38:10.0257 3212 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll 00:38:10.0273 3212 hidserv - ok 00:38:10.0304 3212 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys 00:38:10.0304 3212 HidUsb - ok 00:38:10.0335 3212 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll 00:38:10.0351 3212 hkmsvc - ok 00:38:10.0382 3212 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll 00:38:10.0382 3212 HomeGroupListener - ok 00:38:10.0429 3212 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll 00:38:10.0429 3212 HomeGroupProvider - ok 00:38:10.0476 3212 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 00:38:10.0476 3212 HpSAMD - ok 00:38:10.0523 3212 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys 00:38:10.0538 3212 HTTP - ok 00:38:10.0585 3212 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 00:38:10.0585 3212 hwpolicy - ok 00:38:10.0632 3212 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys 00:38:10.0632 3212 i8042prt - ok 00:38:10.0663 3212 [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys 00:38:10.0679 3212 iaStor - ok 00:38:10.0741 3212 [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 00:38:10.0741 3212 IAStorDataMgrSvc - ok 00:38:10.0803 3212 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 00:38:10.0819 3212 iaStorV - ok 00:38:10.0881 3212 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 00:38:10.0897 3212 idsvc - ok 00:38:11.0225 3212 [ 0372C154226F7074CD150F475A4870A6 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys 00:38:11.0505 3212 igfx - ok 00:38:11.0552 3212 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys 00:38:11.0552 3212 iirsp - ok 00:38:11.0615 3212 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll 00:38:11.0630 3212 IKEEXT - ok 00:38:11.0708 3212 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys 00:38:11.0708 3212 Impcd - ok 00:38:11.0802 3212 [ 450BEC18B45BCCFDC923E11F856DBDA7 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys 00:38:11.0833 3212 IntcAzAudAddService - ok 00:38:11.0880 3212 [ 408B401CD7CDB075C7470B0FF7BA8D0B ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys 00:38:11.0880 3212 IntcDAud - ok 00:38:11.0895 3212 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys 00:38:11.0895 3212 intelide - ok 00:38:11.0958 3212 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys 00:38:11.0958 3212 intelppm - ok 00:38:12.0051 3212 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe 00:38:12.0051 3212 IntuitUpdateService - ok 00:38:12.0129 3212 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe 00:38:12.0129 3212 IntuitUpdateServiceV4 - ok 00:38:12.0161 3212 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll 00:38:12.0161 3212 IPBusEnum - ok 00:38:12.0207 3212 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 00:38:12.0207 3212 IpFilterDriver - ok 00:38:12.0254 3212 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll 00:38:12.0270 3212 iphlpsvc - ok 00:38:12.0301 3212 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 00:38:12.0301 3212 IPMIDRV - ok 00:38:12.0332 3212 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys 00:38:12.0332 3212 IPNAT - ok 00:38:12.0441 3212 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 00:38:12.0441 3212 iPod Service - ok 00:38:12.0473 3212 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys 00:38:12.0473 3212 IRENUM - ok 00:38:12.0488 3212 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys 00:38:12.0504 3212 isapnp - ok 00:38:12.0535 3212 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 00:38:12.0551 3212 iScsiPrt - ok 00:38:12.0582 3212 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys 00:38:12.0582 3212 kbdclass - ok 00:38:12.0597 3212 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys 00:38:12.0597 3212 kbdhid - ok 00:38:12.0629 3212 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe 00:38:12.0629 3212 KeyIso - ok 00:38:12.0675 3212 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 00:38:12.0675 3212 KSecDD - ok 00:38:12.0722 3212 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 00:38:12.0722 3212 KSecPkg - ok 00:38:12.0785 3212 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys 00:38:12.0785 3212 ksthunk - ok 00:38:12.0816 3212 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll 00:38:12.0831 3212 KtmRm - ok 00:38:12.0878 3212 [ FF60E112FC03F6D0EB74B3BFD7D6B7C9 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys 00:38:12.0878 3212 L1C - ok 00:38:12.0925 3212 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll 00:38:12.0925 3212 LanmanServer - ok 00:38:12.0972 3212 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll 00:38:12.0972 3212 LanmanWorkstation - ok 00:38:13.0019 3212 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 00:38:13.0019 3212 lltdio - ok 00:38:13.0065 3212 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll 00:38:13.0065 3212 lltdsvc - ok 00:38:13.0097 3212 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll 00:38:13.0112 3212 lmhosts - ok 00:38:13.0190 3212 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 00:38:13.0190 3212 LMS - ok 00:38:13.0221 3212 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys 00:38:13.0221 3212 LSI_FC - ok 00:38:13.0237 3212 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys 00:38:13.0237 3212 LSI_SAS - ok 00:38:13.0253 3212 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys 00:38:13.0253 3212 LSI_SAS2 - ok 00:38:13.0268 3212 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys 00:38:13.0268 3212 LSI_SCSI - ok 00:38:13.0299 3212 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys 00:38:13.0315 3212 luafv - ok 00:38:13.0362 3212 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\windows\system32\drivers\mbam.sys 00:38:13.0362 3212 MBAMProtector - ok 00:38:13.0471 3212 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware \mbamscheduler.exe 00:38:13.0471 3212 MBAMScheduler - ok 00:38:13.0533 3212 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware \mbamservice.exe 00:38:13.0533 3212 MBAMService - ok 00:38:13.0674 3212 [ 458A013DF72EAAB91877FA03533E2C8B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee \McSvcHost\McSvHost.exe 00:38:13.0689 3212 McAfee SiteAdvisor Service - ok 00:38:13.0767 3212 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan \3.0.207\McCHSvc.exe 00:38:13.0783 3212 McComponentHostService - ok 00:38:13.0830 3212 [ 458A013DF72EAAB91877FA03533E2C8B ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost \McSvHost.exe 00:38:13.0830 3212 McMPFSvc - ok 00:38:13.0861 3212 [ 458A013DF72EAAB91877FA03533E2C8B ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost \McSvHost.exe 00:38:13.0861 3212 mcmscsvc - ok 00:38:13.0861 3212 [ 458A013DF72EAAB91877FA03533E2C8B ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost \McSvHost.exe 00:38:13.0877 3212 McNaiAnn - ok 00:38:13.0877 3212 [ 458A013DF72EAAB91877FA03533E2C8B ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost \McSvHost.exe 00:38:13.0892 3212 McNASvc - ok 00:38:14.0001 3212 [ 3809B77EB1734CD5FB317425F188ABC1 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe 00:38:14.0001 3212 McODS - ok 00:38:14.0079 3212 [ 458A013DF72EAAB91877FA03533E2C8B ] McOobeSv C:\Program Files\Common Files\McAfee\McSvcHost \McSvHost.exe 00:38:14.0079 3212 McOobeSv - ok 00:38:14.0111 3212 [ 458A013DF72EAAB91877FA03533E2C8B ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost \McSvHost.exe 00:38:14.0111 3212 McProxy - ok 00:38:14.0173 3212 [ 461EABB62F1827B965F508092160EDDC ] McShield C:\Program Files\Common Files\McAfee\SystemCore\ \mcshield.exe 00:38:14.0173 3212 McShield - ok 00:38:14.0220 3212 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 00:38:14.0220 3212 Mcx2Svc - ok 00:38:14.0235 3212 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys 00:38:14.0235 3212 megasas - ok 00:38:14.0282 3212 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys 00:38:14.0282 3212 MegaSR - ok 00:38:14.0329 3212 [ C1556CA9695FCD6BBD23D75D402FD43D ] mfeapfk C:\windows\system32\drivers\mfeapfk.sys 00:38:14.0329 3212 mfeapfk - ok 00:38:14.0360 3212 [ 8857EE8B49F3338FC1FAD476BFCCA146 ] mfeavfk C:\windows\system32\drivers\mfeavfk.sys 00:38:14.0376 3212 mfeavfk - ok 00:38:14.0407 3212 mfeavfk01 - ok 00:38:14.0438 3212 [ DD92E94E265864306377F091B100D0D0 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\ \mfefire.exe 00:38:14.0454 3212 mfefire - ok 00:38:14.0501 3212 [ 19C44295F6BF085C83352D48397F7870 ] mfefirek C:\windows\system32\drivers\mfefirek.sys 00:38:14.0516 3212 mfefirek - ok 00:38:14.0563 3212 [ 5F915E20AB56121C41C6BF9A91A83BDA ] mfehidk C:\windows\system32\drivers\mfehidk.sys 00:38:14.0563 3212 mfehidk - ok 00:38:14.0641 3212 [ 23AE332E32FF615CA5E5224C8D91AF11 ] mfenlfk C:\windows\system32\DRIVERS\mfenlfk.sys 00:38:14.0641 3212 mfenlfk - ok 00:38:14.0688 3212 [ 9C7A9273E345F8D653394B5C542BF86A ] mferkdet C:\windows\system32\drivers\mferkdet.sys 00:38:14.0688 3212 mferkdet - ok 00:38:14.0735 3212 [ AECD0C9ABDFDC61BE31163B624C4170F ] mfevtp C:\windows\system32\mfevtps.exe 00:38:14.0735 3212 mfevtp - ok 00:38:14.0813 3212 [ 3140B2C56D7119BA314F68FC785683F0 ] mfewfpk C:\windows\system32\drivers\mfewfpk.sys 00:38:14.0828 3212 mfewfpk - ok 00:38:14.0922 3212 Microsoft SharePoint Workspace Audit Service - ok 00:38:14.0953 3212 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll 00:38:14.0953 3212 MMCSS - ok 00:38:14.0969 3212 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys 00:38:14.0969 3212 Modem - ok 00:38:15.0031 3212 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys 00:38:15.0031 3212 monitor - ok 00:38:15.0062 3212 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys 00:38:15.0062 3212 mouclass - ok 00:38:15.0093 3212 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 00:38:15.0093 3212 mouhid - ok 00:38:15.0140 3212 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys 00:38:15.0140 3212 mountmgr - ok 00:38:15.0156 3212 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys 00:38:15.0171 3212 mpio - ok 00:38:15.0203 3212 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 00:38:15.0203 3212 mpsdrv - ok 00:38:15.0249 3212 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll 00:38:15.0265 3212 MpsSvc - ok 00:38:15.0327 3212 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 00:38:15.0327 3212 MRxDAV - ok 00:38:15.0405 3212 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 00:38:15.0405 3212 mrxsmb - ok 00:38:15.0452 3212 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 00:38:15.0468 3212 mrxsmb10 - ok 00:38:15.0546 3212 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 00:38:15.0546 3212 mrxsmb20 - ok 00:38:15.0593 3212 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys 00:38:15.0593 3212 msahci - ok 00:38:15.0624 3212 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys 00:38:15.0624 3212 msdsm - ok 00:38:15.0639 3212 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe 00:38:15.0639 3212 MSDTC - ok 00:38:15.0717 3212 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys 00:38:15.0717 3212 Msfs - ok 00:38:15.0749 3212 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 00:38:15.0749 3212 mshidkmdf - ok 00:38:15.0780 3212 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys 00:38:15.0780 3212 msisadrv - ok 00:38:15.0811 3212 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll 00:38:15.0811 3212 MSiSCSI - ok 00:38:15.0827 3212 msiserver - ok 00:38:15.0873 3212 [ 458A013DF72EAAB91877FA03533E2C8B ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost \McSvHost.exe 00:38:15.0873 3212 MSK80Service - ok 00:38:15.0889 3212 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 00:38:15.0889 3212 MSKSSRV - ok 00:38:15.0905 3212 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 00:38:15.0905 3212 MSPCLOCK - ok 00:38:15.0905 3212 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 00:38:15.0905 3212 MSPQM - ok 00:38:15.0951 3212 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys 00:38:15.0951 3212 MsRPC - ok 00:38:15.0998 3212 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 00:38:15.0998 3212 mssmbios - ok 00:38:16.0029 3212 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 00:38:16.0029 3212 MSTEE - ok 00:38:16.0045 3212 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 00:38:16.0045 3212 MTConfig - ok 00:38:16.0092 3212 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys 00:38:16.0092 3212 Mup - ok 00:38:16.0139 3212 [ 93CD1C4ECB8658A35E5E6EBA02D43E4F ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 00:38:16.0139 3212 MyWiFiDHCPDNS - ok 00:38:16.0185 3212 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll 00:38:16.0201 3212 napagent - ok 00:38:16.0248 3212 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 00:38:16.0248 3212 NativeWifiP - ok 00:38:16.0310 3212 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys 00:38:16.0326 3212 NDIS - ok 00:38:16.0341 3212 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 00:38:16.0341 3212 NdisCap - ok 00:38:16.0373 3212 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 00:38:16.0373 3212 NdisTapi - ok 00:38:16.0435 3212 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 00:38:16.0435 3212 Ndisuio - ok 00:38:16.0497 3212 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 00:38:16.0497 3212 NdisWan - ok 00:38:16.0529 3212 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 00:38:16.0529 3212 NDProxy - ok 00:38:16.0575 3212 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 00:38:16.0575 3212 NetBIOS - ok 00:38:16.0638 3212 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 00:38:16.0638 3212 NetBT - ok 00:38:16.0638 3212 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 00:38:16.0653 3212 Netlogon - ok 00:38:16.0685 3212 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 00:38:16.0685 3212 Netman - ok 00:38:16.0716 3212 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 00:38:16.0731 3212 netprofm - ok 00:38:16.0763 3212 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 00:38:16.0763 3212 NetTcpPortSharing - ok 00:38:16.0981 3212 [ 39EDE676D17F37AF4573C2B33EC28ACA ] NETw5s64 C:\windows\system32\DRIVERS\NETw5s64.sys 00:38:17.0043 3212 NETw5s64 - ok 00:38:17.0293 3212 [ EB43840BABF5589E33186D094DE7381D ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys 00:38:17.0355 3212 NETwNs64 - ok 00:38:17.0402 3212 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 00:38:17.0418 3212 nfrd960 - ok 00:38:17.0433 3212 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll 00:38:17.0449 3212 NlaSvc - ok 00:38:17.0496 3212 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 00:38:17.0496 3212 Npfs - ok 00:38:17.0543 3212 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 00:38:17.0543 3212 nsi - ok 00:38:17.0574 3212 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 00:38:17.0574 3212 nsiproxy - ok 00:38:17.0667 3212 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 00:38:17.0683 3212 Ntfs - ok 00:38:17.0714 3212 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 00:38:17.0714 3212 Null - ok 00:38:17.0761 3212 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 00:38:17.0761 3212 nvraid - ok 00:38:17.0792 3212 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 00:38:17.0792 3212 nvstor - ok 00:38:17.0839 3212 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 00:38:17.0839 3212 nv_agp - ok 00:38:17.0886 3212 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 00:38:17.0901 3212 ohci1394 - ok 00:38:17.0964 3212 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared \Source Engine\OSE.EXE 00:38:17.0964 3212 ose - ok 00:38:18.0151 3212 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared \OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 00:38:18.0182 3212 osppsvc - ok 00:38:18.0229 3212 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 00:38:18.0245 3212 p2pimsvc - ok 00:38:18.0276 3212 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 00:38:18.0276 3212 p2psvc - ok 00:38:18.0307 3212 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys 00:38:18.0323 3212 Parport - ok 00:38:18.0354 3212 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 00:38:18.0354 3212 partmgr - ok 00:38:18.0385 3212 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 00:38:18.0385 3212 PcaSvc - ok 00:38:18.0447 3212 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 00:38:18.0447 3212 pci - ok 00:38:18.0463 3212 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys 00:38:18.0479 3212 pciide - ok 00:38:18.0494 3212 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 00:38:18.0494 3212 pcmcia - ok 00:38:18.0541 3212 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 00:38:18.0557 3212 pcw - ok 00:38:18.0588 3212 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 00:38:18.0588 3212 PEAUTH - ok 00:38:18.0759 3212 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 00:38:18.0759 3212 PerfHost - ok 00:38:18.0853 3212 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys 00:38:18.0853 3212 PGEffect - ok 00:38:18.0931 3212 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 00:38:18.0978 3212 pla - ok 00:38:19.0040 3212 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 00:38:19.0040 3212 PlugPlay - ok 00:38:19.0071 3212 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 00:38:19.0071 3212 PNRPAutoReg - ok 00:38:19.0118 3212 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 00:38:19.0118 3212 PNRPsvc - ok 00:38:19.0165 3212 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 00:38:19.0165 3212 PolicyAgent - ok 00:38:19.0212 3212 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 00:38:19.0212 3212 Power - ok 00:38:19.0259 3212 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 00:38:19.0274 3212 PptpMiniport - ok 00:38:19.0290 3212 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys 00:38:19.0290 3212 Processor - ok 00:38:19.0337 3212 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll 00:38:19.0352 3212 ProfSvc - ok 00:38:19.0368 3212 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 00:38:19.0368 3212 ProtectedStorage - ok 00:38:19.0415 3212 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 00:38:19.0415 3212 Psched - ok 00:38:19.0461 3212 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys 00:38:19.0461 3212 PxHlpa64 - ok 00:38:19.0524 3212 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 00:38:19.0539 3212 ql2300 - ok 00:38:19.0571 3212 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 00:38:19.0571 3212 ql40xx - ok 00:38:19.0617 3212 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 00:38:19.0617 3212 QWAVE - ok 00:38:19.0633 3212 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 00:38:19.0633 3212 QWAVEdrv - ok 00:38:19.0649 3212 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 00:38:19.0649 3212 RasAcd - ok 00:38:19.0695 3212 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 00:38:19.0695 3212 RasAgileVpn - ok 00:38:19.0742 3212 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 00:38:19.0742 3212 RasAuto - ok 00:38:19.0789 3212 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 00:38:19.0805 3212 Rasl2tp - ok 00:38:19.0851 3212 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 00:38:19.0851 3212 RasMan - ok 00:38:19.0898 3212 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 00:38:19.0898 3212 RasPppoe - ok 00:38:19.0945 3212 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 00:38:19.0945 3212 RasSstp - ok 00:38:20.0023 3212 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 00:38:20.0023 3212 rdbss - ok 00:38:20.0054 3212 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 00:38:20.0054 3212 rdpbus - ok 00:38:20.0054 3212 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 00:38:20.0070 3212 RDPCDD - ok 00:38:20.0070 3212 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 00:38:20.0070 3212 RDPENCDD - ok 00:38:20.0085 3212 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 00:38:20.0085 3212 RDPREFMP - ok 00:38:20.0132 3212 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 00:38:20.0148 3212 RDPWD - ok 00:38:20.0179 3212 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 00:38:20.0179 3212 rdyboost - ok 00:38:20.0257 3212 [ A6BAEA839CC888D4961AB5FE16BB8C4A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon \RegSrvc.exe 00:38:20.0273 3212 RegSrvc - ok 00:38:20.0304 3212 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 00:38:20.0319 3212 RemoteAccess - ok 00:38:20.0351 3212 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 00:38:20.0351 3212 RemoteRegistry - ok 00:38:20.0366 3212 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 00:38:20.0366 3212 RpcEptMapper - ok 00:38:20.0397 3212 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 00:38:20.0397 3212 RpcLocator - ok 00:38:20.0444 3212 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 00:38:20.0460 3212 RpcSs - ok 00:38:20.0507 3212 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 00:38:20.0507 3212 rspndr - ok 00:38:20.0569 3212 [ A48F861547FDD1D68201C9216ACFE6DC ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys 00:38:20.0569 3212 RSUSBSTOR - ok 00:38:20.0616 3212 [ 3EC7911ED886DC5D8A9F70129254679C ] RTL8187Se C:\windows\system32\DRIVERS\RTL8187Se.sys 00:38:20.0616 3212 RTL8187Se - ok 00:38:20.0631 3212 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 00:38:20.0631 3212 SamSs - ok 00:38:20.0741 3212 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 00:38:20.0741 3212 SASDIFSV - ok 00:38:20.0803 3212 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 00:38:20.0803 3212 SASKUTIL - ok 00:38:20.0850 3212 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 00:38:20.0850 3212 sbp2port - ok 00:38:20.0897 3212 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 00:38:20.0897 3212 SCardSvr - ok 00:38:20.0928 3212 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 00:38:20.0928 3212 scfilter - ok 00:38:21.0006 3212 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 00:38:21.0021 3212 Schedule - ok 00:38:21.0068 3212 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll 00:38:21.0068 3212 SCPolicySvc - ok 00:38:21.0084 3212 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 00:38:21.0099 3212 SDRSVC - ok 00:38:21.0146 3212 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 00:38:21.0146 3212 secdrv - ok 00:38:21.0162 3212 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 00:38:21.0177 3212 seclogon - ok 00:38:21.0209 3212 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll 00:38:21.0209 3212 SENS - ok 00:38:21.0224 3212 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 00:38:21.0224 3212 SensrSvc - ok 00:38:21.0240 3212 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys 00:38:21.0255 3212 Serenum - ok 00:38:21.0271 3212 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys 00:38:21.0271 3212 Serial - ok 00:38:21.0302 3212 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys 00:38:21.0302 3212 sermouse - ok 00:38:21.0365 3212 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 00:38:21.0365 3212 SessionEnv - ok 00:38:21.0396 3212 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 00:38:21.0396 3212 sffdisk - ok 00:38:21.0411 3212 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 00:38:21.0411 3212 sffp_mmc - ok 00:38:21.0411 3212 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 00:38:21.0411 3212 sffp_sd - ok 00:38:21.0443 3212 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys 00:38:21.0443 3212 sfloppy - ok 00:38:21.0489 3212 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 00:38:21.0489 3212 SharedAccess - ok 00:38:21.0552 3212 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 00:38:21.0567 3212 ShellHWDetection - ok 00:38:21.0583 3212 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys 00:38:21.0583 3212 SiSRaid2 - ok 00:38:21.0614 3212 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys 00:38:21.0614 3212 SiSRaid4 - ok 00:38:21.0614 3212 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 00:38:21.0630 3212 Smb - ok 00:38:21.0661 3212 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 00:38:21.0661 3212 SNMPTRAP - ok 00:38:21.0692 3212 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 00:38:21.0692 3212 spldr - ok 00:38:21.0755 3212 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe 00:38:21.0755 3212 Spooler - ok 00:38:21.0879 3212 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 00:38:21.0911 3212 sppsvc - ok 00:38:21.0957 3212 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 00:38:21.0957 3212 sppuinotify - ok 00:38:22.0035 3212 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 00:38:22.0035 3212 srv - ok 00:38:22.0098 3212 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 00:38:22.0113 3212 srv2 - ok 00:38:22.0160 3212 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 00:38:22.0176 3212 srvnet - ok 00:38:22.0207 3212 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 00:38:22.0207 3212 SSDPSRV - ok 00:38:22.0223 3212 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 00:38:22.0238 3212 SstpSvc - ok 00:38:22.0269 3212 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys 00:38:22.0269 3212 stexstor - ok 00:38:22.0332 3212 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 00:38:22.0347 3212 stisvc - ok 00:38:22.0410 3212 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared \stllssvr.exe 00:38:22.0410 3212 stllssvr - ok 00:38:22.0441 3212 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys 00:38:22.0441 3212 swenum - ok 00:38:22.0472 3212 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 00:38:22.0488 3212 swprv - ok 00:38:22.0519 3212 [ E28CA52ECF8CB6EB04B34DE440BA260E ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 00:38:22.0535 3212 SynTP - ok 00:38:22.0628 3212 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 00:38:22.0659 3212 SysMain - ok 00:38:22.0691 3212 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 00:38:22.0691 3212 TabletInputService - ok 00:38:22.0722 3212 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 00:38:22.0722 3212 TapiSrv - ok 00:38:22.0753 3212 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 00:38:22.0753 3212 TBS - ok 00:38:22.0847 3212 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys 00:38:22.0878 3212 Tcpip - ok 00:38:22.0909 3212 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 00:38:22.0925 3212 TCPIP6 - ok 00:38:23.0018 3212 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 00:38:23.0018 3212 tcpipreg - ok 00:38:23.0081 3212 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys 00:38:23.0081 3212 tdcmdpst - ok 00:38:23.0112 3212 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 00:38:23.0112 3212 TDPIPE - ok 00:38:23.0143 3212 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 00:38:23.0143 3212 TDTCP - ok 00:38:23.0205 3212 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 00:38:23.0205 3212 tdx - ok 00:38:23.0252 3212 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys 00:38:23.0252 3212 TermDD - ok 00:38:23.0283 3212 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 00:38:23.0299 3212 TermService - ok 00:38:23.0330 3212 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 00:38:23.0330 3212 Themes - ok 00:38:23.0361 3212 [ C013F6ACAA9761F571BD28DADA7C157D ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys 00:38:23.0361 3212 Thpdrv - ok 00:38:23.0393 3212 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS 00:38:23.0393 3212 Thpevm - ok 00:38:23.0439 3212 [ F6927BBA3B09AFF26A53A9191F7378F9 ] Thpsrv C:\windows\system32\ThpSrv.exe 00:38:23.0455 3212 Thpsrv - ok 00:38:23.0455 3212 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 00:38:23.0471 3212 THREADORDER - ok 00:38:23.0533 3212 [ 83E91963C4452BE6899503CF9EBFD3ED ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station \TMachInfo.exe 00:38:23.0533 3212 TMachInfo - ok 00:38:23.0564 3212 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe 00:38:23.0580 3212 TODDSrv - ok 00:38:23.0642 3212 [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 00:38:23.0642 3212 TosCoSrv - ok 00:38:23.0689 3212 [ 2AB7A4697462EDB0C9DFAFC529746BA9 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe 00:38:23.0689 3212 TOSHIBA eco Utility Service - ok 00:38:23.0751 3212 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 00:38:23.0751 3212 TOSHIBA HDD SSD Alert Service - ok 00:38:23.0814 3212 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys 00:38:23.0829 3212 tos_sps64 - ok 00:38:23.0876 3212 [ BDFEA7A014D8E4A29323EC6E32D30FCA ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe 00:38:23.0892 3212 TPCHSrv - ok 00:38:23.0939 3212 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 00:38:23.0939 3212 TrkWks - ok 00:38:24.0048 3212 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 00:38:24.0063 3212 TrustedInstaller - ok 00:38:24.0095 3212 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 00:38:24.0095 3212 tssecsrv - ok 00:38:24.0173 3212 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 00:38:24.0173 3212 TsUsbFlt - ok 00:38:24.0235 3212 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 00:38:24.0235 3212 tunnel - ok 00:38:24.0297 3212 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS 00:38:24.0297 3212 TVALZ - ok 00:38:24.0344 3212 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys 00:38:24.0344 3212 TVALZFL - ok 00:38:24.0375 3212 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys 00:38:24.0375 3212 uagp35 - ok 00:38:24.0422 3212 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 00:38:24.0422 3212 udfs - ok 00:38:24.0469 3212 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 00:38:24.0485 3212 UI0Detect - ok 00:38:24.0500 3212 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 00:38:24.0500 3212 uliagpkx - ok 00:38:24.0563 3212 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys 00:38:24.0563 3212 umbus - ok 00:38:24.0578 3212 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys 00:38:24.0578 3212 UmPass - ok 00:38:24.0703 3212 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 00:38:24.0719 3212 UNS - ok 00:38:24.0765 3212 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll 00:38:24.0781 3212 upnphost - ok 00:38:24.0828 3212 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys 00:38:24.0828 3212 USBAAPL64 - ok 00:38:24.0859 3212 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 00:38:24.0859 3212 usbccgp - ok 00:38:24.0906 3212 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys 00:38:24.0906 3212 usbcir - ok 00:38:24.0953 3212 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys 00:38:24.0953 3212 usbehci - ok 00:38:25.0046 3212 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 00:38:25.0046 3212 usbhub - ok 00:38:25.0077 3212 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys 00:38:25.0077 3212 usbohci - ok 00:38:25.0109 3212 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys 00:38:25.0109 3212 usbprint - ok 00:38:25.0171 3212 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 00:38:25.0171 3212 USBSTOR - ok 00:38:25.0202 3212 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys 00:38:25.0202 3212 usbuhci - ok 00:38:25.0265 3212 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys 00:38:25.0265 3212 usbvideo - ok 00:38:25.0280 3212 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll 00:38:25.0296 3212 UxSms - ok 00:38:25.0327 3212 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe 00:38:25.0343 3212 VaultSvc - ok 00:38:25.0374 3212 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 00:38:25.0374 3212 vdrvroot - ok 00:38:25.0483 3212 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe 00:38:25.0499 3212 vds - ok 00:38:25.0530 3212 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys 00:38:25.0530 3212 vga - ok 00:38:25.0561 3212 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys 00:38:25.0561 3212 VgaSave - ok 00:38:25.0608 3212 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys 00:38:25.0608 3212 vhdmp - ok 00:38:25.0655 3212 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys 00:38:25.0655 3212 viaide - ok 00:38:25.0670 3212 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys 00:38:25.0670 3212 volmgr - ok 00:38:25.0717 3212 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys 00:38:25.0717 3212 volmgrx - ok 00:38:25.0748 3212 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys 00:38:25.0748 3212 volsnap - ok 00:38:25.0779 3212 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys 00:38:25.0779 3212 vsmraid - ok 00:38:25.0857 3212 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe 00:38:25.0873 3212 VSS - ok 00:38:25.0904 3212 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys 00:38:25.0920 3212 vwifibus - ok 00:38:25.0935 3212 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys 00:38:25.0935 3212 vwififlt - ok 00:38:25.0967 3212 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys 00:38:25.0967 3212 vwifimp - ok 00:38:25.0998 3212 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll 00:38:26.0013 3212 W32Time - ok 00:38:26.0045 3212 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys 00:38:26.0045 3212 WacomPen - ok 00:38:26.0091 3212 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys 00:38:26.0091 3212 WANARP - ok 00:38:26.0107 3212 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 00:38:26.0107 3212 Wanarpv6 - ok 00:38:26.0185 3212 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe 00:38:26.0201 3212 WatAdminSvc - ok 00:38:26.0279 3212 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe 00:38:26.0294 3212 wbengine - ok 00:38:26.0325 3212 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll 00:38:26.0341 3212 WbioSrvc - ok 00:38:26.0372 3212 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll 00:38:26.0388 3212 wcncsvc - ok 00:38:26.0403 3212 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 00:38:26.0403 3212 WcsPlugInService - ok 00:38:26.0435 3212 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys 00:38:26.0435 3212 Wd - ok 00:38:26.0497 3212 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 00:38:26.0513 3212 Wdf01000 - ok 00:38:26.0528 3212 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll 00:38:26.0528 3212 WdiServiceHost - ok 00:38:26.0544 3212 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll 00:38:26.0544 3212 WdiSystemHost - ok 00:38:26.0591 3212 [ ADCB28896D433D68103A1670FA3D5EE5 ] wdkmd C:\windows\system32\DRIVERS\WDKMD.sys 00:38:26.0591 3212 wdkmd - ok 00:38:26.0637 3212 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll 00:38:26.0653 3212 WebClient - ok 00:38:26.0684 3212 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll 00:38:26.0700 3212 Wecsvc - ok 00:38:26.0715 3212 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll 00:38:26.0715 3212 wercplsupport - ok 00:38:26.0747 3212 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll 00:38:26.0747 3212 WerSvc - ok 00:38:26.0778 3212 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys 00:38:26.0778 3212 WfpLwf - ok 00:38:26.0793 3212 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys 00:38:26.0793 3212 WIMMount - ok 00:38:26.0825 3212 WinDefend - ok 00:38:26.0840 3212 WinHttpAutoProxySvc - ok 00:38:26.0903 3212 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll 00:38:26.0903 3212 Winmgmt - ok 00:38:27.0043 3212 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll 00:38:27.0074 3212 WinRM - ok 00:38:27.0168 3212 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys 00:38:27.0168 3212 WinUsb - ok 00:38:27.0215 3212 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll 00:38:27.0230 3212 Wlansvc - ok 00:38:27.0308 3212 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 00:38:27.0308 3212 wlcrasvc - ok 00:38:27.0402 3212 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 00:38:27.0417 3212 wlidsvc - ok 00:38:27.0449 3212 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys 00:38:27.0449 3212 WmiAcpi - ok 00:38:27.0495 3212 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 00:38:27.0495 3212 wmiApSrv - ok 00:38:27.0527 3212 WMPNetworkSvc - ok 00:38:27.0558 3212 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll 00:38:27.0558 3212 WPCSvc - ok 00:38:27.0605 3212 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 00:38:27.0605 3212 WPDBusEnum - ok 00:38:27.0636 3212 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 00:38:27.0636 3212 ws2ifsl - ok 00:38:27.0651 3212 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll 00:38:27.0667 3212 wscsvc - ok 00:38:27.0667 3212 WSearch - ok 00:38:27.0776 3212 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll 00:38:27.0807 3212 wuauserv - ok 00:38:27.0870 3212 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys 00:38:27.0870 3212 WudfPf - ok 00:38:27.0885 3212 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys 00:38:27.0885 3212 WUDFRd - ok 00:38:27.0917 3212 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll 00:38:27.0917 3212 wudfsvc - ok 00:38:27.0948 3212 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll 00:38:27.0963 3212 WwanSvc - ok 00:38:27.0995 3212 ================ Scan global =============================== 00:38:28.0026 3212 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll 00:38:28.0073 3212 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll 00:38:28.0088 3212 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll 00:38:28.0135 3212 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll 00:38:28.0166 3212 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe 00:38:28.0182 3212 [Global] - ok 00:38:28.0182 3212 ================ Scan MBR ================================== 00:38:28.0197 3212 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0 00:38:28.0431 3212 \Device\Harddisk0\DR0 - ok 00:38:28.0431 3212 ================ Scan VBR ================================== 00:38:28.0447 3212 [ 751F34793284E9DC5F0B0C68C7597741 ] \Device\Harddisk0\DR0\Partition1 00:38:28.0447 3212 \Device\Harddisk0\DR0\Partition1 - ok 00:38:28.0447 3212 ============================================================ 00:38:28.0447 3212 Scan finished 00:38:28.0447 3212 ============================================================ 00:38:28.0463 3568 Detected object count: 0 00:38:28.0463 3568 Actual detected object count: 0 00:43:51.0208 1788 Deinitialize success Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 28, 2013 ID:696390 Share Posted June 28, 2013 Yikes- that log got formatted really weird. Could you just attach the log instead? Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 28, 2013 ID:696391 Share Posted June 28, 2013 Also, I wouldn't recommend MS Word for that.. use Notepad instead. Link to post Share on other sites More sharing options...
Recommended Posts