Notebook Problems [Solved]


This topic is locked
22 replies to this topic

#1 EricWoods

  • Authentic Member
  • 147 posts

Posted 27 October 2013 - 09:07 PM

Ran dds.scr in safe mode.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/8/2011 8:52:48 AM
System Uptime: 10/27/2013 7:33:14 PM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 161C
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz | CPU 1 | 2294/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 278 GiB total, 28.745 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 5.374 GiB free.
E: is FIXED (NTFS) - 15 GiB total, 2.233 GiB free.
F: is FIXED (FAT32) - 5 GiB total, 2.12 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco Systems VPN Adapter for 64-bit Windows
Device ID: ROOT\NET\0001
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter for 64-bit Windows
PNP Device ID: ROOT\NET\0001
Service: CVirtA
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0002
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0002
Service: vpnva
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: McAfee Inc. mfehidk
Device ID: ROOT\LEGACY_MFEHIDK\0000
Manufacturer:
Name: McAfee Inc. mfehidk
PNP Device ID: ROOT\LEGACY_MFEHIDK\0000
Service: mfehidk
.
==== System Restore Points ===================
.
RP300: 10/11/2013 3:47:11 PM - Installed LogMeIn Ignition RP301: 10/12/2013 7:09:56 AM - Installed LogMeIn Ignition RP302: 10/19/2013 7:55:17 AM - Scheduled Checkpoint RP303: 10/24/2013 3:26:28 PM - HPSF Applying updates RP304: 10/24/2013 3:26:28 PM - HPSF Applying updates RP305: 10/25/2013 4:50:29 PM - Removed Visual AppBuilder RP306: 10/25/2013 6:46:46 PM - Installed Visual AppBuilder . ==== Installed Programs ====================== . . AbiWord v2.8.6 Adept ACE Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.8) Advantage Data Architect v9.0 Advantage ODBC Driver v11.10 Advantage ODBC Driver v9.10 Alcor Micro Smart Card Reader Driver Amazon MP3 Downloader 1.0.17 Apple Application Support Apple Software Update ArcSoft Webcam Sharing Manager Audacity 2.0.3 Baselib Runtime BRAdmin Professional 3 Brother DCP-8085DN Brother MFL-Pro Suite DCP-8085DN Brother MFL-Pro Suite MFC-7820N Cisco AnyConnect VPN Client Cisco WebEx Meetings Citrix Online Launcher CortexTools CreateInstall Free Crystal Reports for Visual Studio DirectX 9 Runtime Dotfuscator Software Services - Community Edition eBUS Drivers eBUS GEV Protocol Driver Object eBUS Runtime eBUS Universal Pro Energy Star Digital Logo File Sanitizer For HP ProtectTools FileMaker Pro 11 FileMaker Pro 8 FileZilla Client 3.7.0.1 Google Chrome Google Drive Google Toolbar for Internet Explorer Google Update Helper GoToMeeting 5.7.0.1172 Hewlett-Packard ACLM.NET v1.2.1.1 HexSight 4.2 HL-4150CDN Honeywell SDK for Windows Embedded (7800, 99EX) Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182) Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2813041) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864) Hotfix for Microsoft Visual Studio 2010 
Professional - ENU (KB2635973) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2736182) Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2813041) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233) HP Client Automation Agent Preload HP Customer Experience Enhancements HP Documentation HP ESU for Microsoft Windows 7 HP Hotkey Support HP QuickWeb HP Setup HP SoftPaq Download Manager HP Software Framework HP Software Setup HP Support Assistant HP System Default Settings HP Update HP Wallpaper HP Webcam HP Webcam Driver hppLaserJetService hppP1100P1560P1600SeriesLaserJetService hppusgP1100P1560P1600Series HPSSupply HxD Hex Editor version 1.7.7.0 IDT Audio Intel® Control Center Intel® Identity Protection Technology 1.1.2.0 Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® SDK for OpenCL - CPU Only Runtime Package Java 7 Update 25 Java Auto Updater JMicron 1394 Filter Driver JMicron Flash Media Controller Driver LAME v3.99.3 (for Windows) LG United Mobile Drivers LG Verizon United Driver LightScribe System Software LogMeIn Ignition LogMeIn Rescue Technician Console MarketResearch McAfee SecurityCenter Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Office 2010 Microsoft Report Viewer 2012 Runtime Microsoft Silverlight 3 SDK 
Microsoft Silverlight 4 SDK Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2012 Management Objects Microsoft SQL Server 2012 Policies Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Data Tools – Database Projects – Web installer entry point Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft Sync Framework SDK v1.0 SP1 Microsoft System CLR Types for SQL Server 2012 Microsoft Visual C++ Compilers 2010 Standard - enu - x86 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Professional - ENU Microsoft Visual Studio 2010 Service Pack 1 Microsoft Visual Studio 2010 SharePoint Developer Tools Microsoft Visual Studio 2010 Shell (Isolated) - ENU Microsoft Visual Studio Macro Tools Microsoft Visual Studio Tools for Applications Design-Time 3.0 Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Musicnotes Player V1.32.2 and Viewer V1.19.0 NiceLabel 5 Online Backup OPC Core Components Redistributable (x86) 101.0 PDFlite 0.5 Pleora GenICam Package Pleora Protocol Functional Device Object for eBUS PNY Movie Player Prerequisites for SSDT PureGEV GEV Protocol eBUS Streaming Runtime PureGEV Runtime (GenICam dependent layers) QuickBooks QuickBooks Pro 2013 Quicken 
WillMaker Plus 2011 QuickTime RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer RealUpgrade 1.1 Renesas Electronics USB 3.0 Host Controller Driver Roxio Activation Module Roxio CinePlayer Decoder Pack Roxio Express Labeler 3 Roxio MyDVD Business 2010 Roxio Secure Burn SDK Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET 
Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410) Security Update for Microsoft Visual Studio Macro Tools (KB2669970) Sentinel Protection Installer 7.6.5 Skype Click to Call Skype™ 6.6 SmartVision EX Utility Client Snagit 11 Spotify SQL Server Browser for SQL Server 2012 TeamViewer 8 Theft Recovery for HP ProtectTools TurboTax 2010 TurboTax 2010 wcaiper TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 wrapper TurboTax 2011 TurboTax 2011 wcaiper TurboTax 2011 WinPerFedFormset TurboTax 2011 WinPerReleaseEngine TurboTax 2011 WinPerTaxSupport TurboTax 2011 wrapper TurboTax 2012 TurboTax 2012 wcaiper TurboTax 2012 WinPerFedFormset TurboTax 2012 WinPerReleaseEngine TurboTax 2012 WinPerTaxSupport TurboTax 2012 wrapper Update 4.0.2 for Microsoft .NET Framework 4 Client Profile (KB2544514) Update 4.0.2 for Microsoft .NET Framework 4 Extended (KB2544514) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) VIP Access SDK (1.0.1.4) Visual AppBuilder Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU WCF RIA Services V1.0 SP1 WD Discovery Software WD Link WinCE CAB Manager 3.0 Windows Grep 2.3 YouTube Downloader 3.5 . ==== Event Viewer Messages From Past Week ======== . 
10/27/2013 8:06:38 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McProxy service.
10/27/2013 7:43:54 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:43:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
10/27/2013 7:43:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
10/27/2013 7:43:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
10/27/2013 7:43:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
10/27/2013 7:43:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
10/27/2013 7:43:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
10/27/2013 7:43:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/27/2013 7:43:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
10/27/2013 7:38:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
10/27/2013 7:36:47 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:47 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache FAMv4 mfehidk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx VBoxDrv VBoxUSBMon vpcnfltr vpcvmm vwififlt Wanarpv6 WfpLwf
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The Netlogon service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/27/2013 7:34:46 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/27/2013 4:46:32 PM, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain SC due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
10/27/2013 2:16:31 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{C6FC8173-CB97-4A65-91CC-459829A383B0} because another computer on the network has the same name. The server could not start.
10/27/2013 2:16:31 PM, Error: NetBT [4321] - The name "SRELAB-HP :20" could not be registered on the interface with IP address 192.168.150.107. The computer with the IP address 192.168.150.108 did not allow the name to be claimed by this computer.
10/27/2013 2:16:24 PM, Error: NetBT [4321] - The name "SRELAB-HP :0" could not be registered on the interface with IP address 192.168.150.107. The computer with the IP address 192.168.150.108 did not allow the name to be claimed by this computer.
10/27/2013 2:16:05 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee McShield service to connect.
10/27/2013 2:16:05 PM, Error: Service Control Manager [7000] - The McAfee McShield service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/27/2013 12:34:11 PM, Error: Microsoft-Windows-GroupPolicy [1055] - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
10/27/2013 12:33:28 PM, Error: Service Control Manager [7000] - The DpHost service failed to start due to the following error: The system cannot find the file specified.
10/27/2013 12:30:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McAfee SiteAdvisor Service service.
10/27/2013 12:30:48 PM, Error: Service Control Manager [7043] - The McAfee McShield service did not shut down properly after receiving a preshutdown control.
10/27/2013 12:27:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNaiAnn service.
10/27/2013 12:26:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mcmscsvc service.
10/27/2013 12:26:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McMPFSvc service.
10/27/2013 12:25:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNASvc service.
10/26/2013 9:52:45 PM, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
10/25/2013 10:40:00 AM, Error: NETLOGON [3210] - This computer could not authenticate with \\wdscdc01.sc.wdc.com, a Windows domain controller for domain SC, and therefore this computer might deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator.
10/25/2013 10:26:27 AM, Error: NETLOGON [3210] - This computer could not authenticate with \\wdscdc07.sc.wdc.com, a Windows domain controller for domain SC, and therefore this computer might deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator.
10/23/2013 10:45:13 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
10/23/2013 1:50:24 PM, Error: Schannel [36887] - The following fatal alert was received: 49.
10/22/2013 10:20:56 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
10/22/2013 10:17:00 AM, Error: Virtual Disk Service [10] - VDS fails to write boot code on a disk during clean operation. Error code: 80070005@02070008
.
==== End Of File ===========================
.
DDS (Ver_11-03-05.01) - NTFS_AMD64 MINIMAL
Run by SRE Lab at 19:44:45.28 on Sun 10/27/2013
Internet Explorer: 9.10.9200.16686 BrowserJavaVersion: 10.25.2
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.12198.11160 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\windows\Explorer.EXE
C:\windows\system32\ctfmon.exe
C:\windows\system32\DllHost.exe
C:\Users\SRE Lab\Desktop\dds\dds.scr
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: File Sanitizer for HP ProtectTools: {3134413b-49b4-425c-98a5-893c1f195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120627061147.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {e76fd755-c1ba-4dcb-9f13-99bd91223ade} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [<NO NAME>]
mRun: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files\CrashPlan\CrashPlanTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\KineticD.lnk - C:\Program Files (x86)\Data Deposit Box\starter.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: sausd.us
Trusted Zone: sausd.us\vpn
DPF: {254AA86E-5655-4518-AA87-185D7CC41801} - hxxps://secure.logmeinrescue.com/TechConsole/x86/RescueControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
DPF: {556EEC63-31E2-47C3-BF29-DFF799D2FE04} - hxxps://secure.logmein.com/activex/RACtrl.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://usc2.wdc.com/CACHE/stc/1/binaries/vpnweb.cab
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP31-13320/event/ieatgpc1.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=928
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Notify: DeviceNP - DeviceNP.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
LSA: Notification Packages = EpePcNp64 scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627061147.dll
BHO-X64: scriptproxy - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun-x64: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
mRun-x64: [IgfxTray] C:\windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\windows\system32\igfxpers.exe
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 MfeEpePc;MfeEpePc;C:\Windows\System32\drivers\MfeEpePc.sys [2011-5-24 158280]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-10-5 340216]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-5 55856]
R1 PersonalSecureDrive;PersonalSecureDrive;C:\Windows\System32\drivers\psd.sys [2010-1-25 44576]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 pln1394bus;pln1394bus;C:\Windows\System32\drivers\pln1394bus_x64.sys [2011-2-9 197720]
S0 mfehidk;McAfee Inc. 
mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-13 771536] S1 FAMv4;FAMv4;C:\Windows\System32\drivers\FAMv4.sys [2013-4-4 165096] S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-5-10 65640] S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-1-10 89600] S2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2011-9-10 65024] S2 BcmBtRSupport;Bluetooth Driver Management Service;C:\Windows\System32\BtwRSupportService.exe [2013-8-9 2252504] S2 BRA_Scheduler;Brother BRAdminPro Scheduler;C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [2011-11-21 65536] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2013-4-8 222720] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-26 136176] S2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920] S2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-3-14 152992] S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] S2 HPDayStarterService;HP DayStarter Service;C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-3-23 133688] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files 
(x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-9-6 197536] S2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-5-9 320512] S2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-9-12 523680] S2 HPSIService;HP SI Service;C:\Windows\System32\HPSIsvc.exe [2012-1-10 127800] S2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-10 13336] S2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672] S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944] S2 LabelServices;Label Services;C:\Program Files (x86)\Common Files\EuroPlus Shared\LblServices.exe [2010-10-19 1590952] S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-5-24 1318912] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2013-1-3 201304] S2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2013-1-3 201304] S2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2013-1-3 201304] S2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2013-1-3 201304] S2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-10-5 241456] S2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-10-5 218760] S2 
mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-10-5 182752] S2 MsDtsServer110;SQL Server Integration Services 11.0;C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [2012-12-29 218600] S2 MSOLAP$SRELAB;SQL Server Analysis Services (SRELAB);C:\Program Files\Microsoft SQL Server\MSAS11.SRELAB\OLAP\bin\msmdsrv.exe [2012-10-20 72497640] S2 MSSQL$SRELAB;SQL Server (SRELAB);C:\Program Files\Microsoft SQL Server\MSSQL11.SRELAB\MSSQL\Binn\sqlservr.exe [2012-12-29 192000] S2 Online Backup Control;Online Backup Control;C:\Program Files (x86)\KineticCloud Backup for PCs\svcmgr.exe -n"Online Backup Control" -e"control" --> C:\Program Files (x86)\KineticCloud Backup for PCs\svcmgr.exe -nOnline Backup Control [?] S2 Online Backup RDP Service;Online Backup RDP Service;C:\Program Files (x86)\KineticCloud Backup for PCs\svcmgr.exe -n"Online Backup RDP Service" -e"rdpsrv" --> C:\Program Files (x86)\KineticCloud Backup for PCs\svcmgr.exe -nOnline Backup RDP Service [?] 
S2 PYNWAGNT;PYNWAGNT;C:\Windows\System32\drivers\pynwagnt.sys [2013-10-1 56408] S2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2012-8-18 1248256] S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-4-16 39056] S2 Rfservice;Rfservice;C:\Program Files (x86)\Retriever Software\rfservice.exe [2013-10-10 122880] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408] S2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-4 5087584] S2 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2013-1-17 498352] S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-10 2656536] S2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2012-2-15 2602576] S2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2013-1-17 399032] S3 AceServer;AceServer;C:\Program Files (x86)\Adept Technology\Adept ACE\bin\AceService.exe [2013-8-23 18432] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-9-20 257416] S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\Windows\System32\drivers\ArcSoftVCapture.sys [2011-7-10 42816] S3 bcbtums;Bluetooth USB LD Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-8-9 163368] S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-1-4 245760] S3 btwampfl;btwampfl;C:\Windows\System32\drivers\btwampfl.sys [2013-8-9 594472] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-10-10 39976] S3 cfwids;McAfee Inc. 
cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-10-5 70112] S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2013-7-25 277488] S3 DAMDrv;DAMDrv;C:\Windows\System32\drivers\DAMDrv64.sys [2011-5-9 64312] S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\System32\drivers\e1c62x64.sys [2013-2-21 495888] S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2011-5-9 464440] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-26 136176] S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-1-3 196440] S3 HPFXBULKLEDM;HPFXBULKLEDM;C:\Windows\System32\drivers\hppdbulkio.sys [2013-4-9 22040] S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-7-25 169752] S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-4-18 342528] S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2013-1-10 175928] S3 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2013-1-10 26208] S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-10-5 309840] S3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-10-5 515968] S3 mferkdet;McAfee Inc. 
mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-10-5 106552] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-3-9 50921648] S3 MSSQLFDLauncher$SRELAB;SQL Full-text Filter Daemon Launcher (SRELAB);C:\Program Files\Microsoft SQL Server\MSSQL11.SRELAB\MSSQL\Binn\fdlauncher.exe [2012-2-11 49752] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-14 19456] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2011-1-15 1116656] S3 ser2at;ATEN USB to Serial port driver;C:\Windows\System32\drivers\ser2at64.sys [2009-10-15 96256] S3 SQLAgent$SRELAB;SQL Server Agent (SRELAB);C:\Program Files\Microsoft SQL Server\MSSQL11.SRELAB\MSSQL\Binn\SQLAGENT.EXE [2012-12-29 612864] S3 SRS_AE_Service;SRS Audio Essentials;C:\Windows\System32\drivers\SRS_AE_amd64.sys [2011-8-1 513824] S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-14 57856] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-24 1255736] S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft 
SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-3-5 117552] S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144] S4 RsFx0201;RsFx0201 Driver;C:\Windows\System32\drivers\RsFx0201.sys [2012-10-20 336880] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464] . =============== Created Last 30 ================ . 2013-10-12 14:10:50 -------- d-----w- C:\Users\SRELAB~1\AppData\Roaming\LogMeInIgnition 2013-10-12 02:19:46 111616 ----a-w- C:\windows\SysWow64\cserverdll.dll 2013-10-11 18:05:07 -------- d-----w- C:\Users\SRELAB~1\AppData\Local\Broadcom 2013-10-11 05:25:06 12800 ----a-w- C:\windows\SysWow64\RptSetup.exe 2013-10-11 05:25:02 27136 ----a-w- C:\windows\SysWow64\RptPrint.exe 2013-10-11 05:23:26 28160 ----a-w- C:\windows\SysWow64\RSISAPIServerDLL.dll 2013-10-11 05:23:00 137728 ----a-w- C:\windows\SysWow64\abrc.dll 2013-10-11 05:22:54 206336 ----a-w- C:\windows\SysWow64\rfserverdll.dll 2013-10-11 05:22:44 987648 ----a-w- C:\windows\SysWow64\workstationdll.dll 2013-10-11 05:22:08 62464 ----a-w- C:\windows\SysWow64\ValidateSN.dll 2013-10-11 05:22:00 35328 ----a-w- C:\windows\SysWow64\printcrpe.dll 2013-10-11 05:21:58 19968 ----a-w- C:\windows\SysWow64\RSRFID.dll 2013-10-11 05:21:50 283648 ----a-w- C:\windows\SysWow64\rsmisc.dll 2013-10-11 05:21:40 195072 ----a-w- C:\windows\SysWow64\RODBC.DLL 2013-10-11 05:21:36 16384 ----a-w- C:\windows\SysWow64\rsrapi.dll 2013-10-11 05:21:34 16896 ----a-w- C:\windows\SysWow64\SqlLog.dll 2013-10-11 05:21:30 87040 ----a-w- C:\windows\SysWow64\RSCrypto.dll 2013-10-10 20:55:45 39976 ----a-w- C:\windows\System32\drivers\btwl2cap.sys 2013-10-10 20:55:45 21544 ----a-w- C:\windows\System32\drivers\btwrchid.sys 2013-10-10 20:55:45 210984 ----a-w- C:\windows\System32\drivers\btwavdt.sys 
2013-10-10 20:55:45 184872 ----a-w- C:\windows\System32\drivers\btwaudio.sys 2013-10-10 20:36:58 495856 ----a-w- C:\windows\System32\drivers\SynTP.sys 2013-10-10 20:36:58 264432 ----a-w- C:\windows\System32\SynTPAPI.dll 2013-10-10 20:36:58 192240 ----a-w- C:\windows\System32\SynTPCo18.dll 2013-10-10 20:36:58 151280 ----a-w- C:\windows\SysWow64\SynTPCom.dll 2013-10-10 20:36:56 544496 ----a-w- C:\windows\SysWow64\SynCom.dll 2013-10-10 20:36:56 1060080 ----a-w- C:\windows\System32\SynCOM.dll 2013-10-04 20:01:13 -------- d-----w- C:\Users\SRELAB~1\AppData\Roaming\TeamViewer 2013-10-04 19:59:31 -------- d-----w- C:\Program Files (x86)\TeamViewer 2013-10-01 18:31:07 -------- d-----w- C:\PROGRA~3\Adept Technology 2013-10-01 18:31:06 -------- d-----w- C:\Users\SRELAB~1\AppData\Roaming\Adept Technology 2013-10-01 18:29:19 -------- d-----w- C:\Program Files (x86)\Common Files\Adept Technology 2013-10-01 18:26:44 -------- d-----w- C:\Program Files (x86)\OPC Foundation 2013-10-01 18:26:44 -------- d-----w- C:\Program Files (x86)\Common Files\OPC Foundation 2013-10-01 18:24:44 -------- d-----w- C:\Program Files (x86)\Adept Technology 2013-10-01 18:23:59 -------- d-----w- C:\Program Files (x86)\Common Files\SafeNet Sentinel 2013-10-01 17:52:18 -------- d-----w- C:\Program Files\Common Files\Pleora 2013-10-01 17:51:29 -------- d-----w- C:\Program Files (x86)\Common Files\Pleora 2013-10-01 17:51:12 -------- d-----w- C:\Program Files (x86)\HexSight 4.2 2013-10-01 17:50:05 56408 ----a-w- C:\windows\System32\drivers\pynwagnt.sys 2013-10-01 17:49:54 -------- d-----w- C:\Program Files\Basler 2013-10-01 17:49:54 -------- d-----w- C:\PROGRA~3\genicam . ==================== Find3M ==================== . 
2013-10-10 20:52:27 594472 ----a-w- C:\windows\System32\drivers\btwampfl.sys 2013-10-10 20:52:25 163368 ----a-w- C:\windows\System32\drivers\bcbtums.sys 2013-10-09 16:11:54 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-09 16:11:54 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-09-06 21:27:12 238352 ----a-w- C:\windows\System32\drivers\VBoxDrv.sys 2013-09-06 21:25:40 146704 ----a-w- C:\windows\System32\drivers\VBoxNetFlt.sys 2013-09-06 21:25:40 131856 ----a-w- C:\windows\System32\drivers\VBoxNetAdp.sys 2013-09-06 21:25:40 119056 ----a-w- C:\windows\System32\drivers\VBoxUSBMon.sys 2013-09-06 21:25:38 204048 ----a-w- C:\windows\System32\VBoxNetFltNobj.dll 2013-08-10 05:22:18 2241024 ----a-w- C:\windows\System32\wininet.dll 2013-08-10 05:20:59 3959296 ----a-w- C:\windows\System32\jscript9.dll 2013-08-10 05:20:55 67072 ----a-w- C:\windows\System32\iesetup.dll 2013-08-10 05:20:55 136704 ----a-w- C:\windows\System32\iesysprep.dll 2013-08-10 03:59:10 1767936 ----a-w- C:\windows\SysWow64\wininet.dll 2013-08-10 03:58:09 2876928 ----a-w- C:\windows\SysWow64\jscript9.dll 2013-08-10 03:58:06 61440 ----a-w- C:\windows\SysWow64\iesetup.dll 2013-08-10 03:58:06 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll 2013-08-10 03:17:38 2706432 ----a-w- C:\windows\System32\mshtml.tlb 2013-08-10 03:07:50 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb 2013-08-10 03:02:14 66264 ----a-w- C:\windows\System32\btwdi.dll 2013-08-10 03:02:14 2232024 ----a-w- C:\windows\System32\BcmBtRSupport.dll 2013-08-10 03:02:12 2252504 ----a-w- C:\windows\System32\BtwRSupportService.exe 2013-08-10 02:27:59 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe 2013-08-10 02:17:19 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe 2013-08-08 01:20:43 3155456 ----a-w- C:\windows\System32\win32k.sys 2013-08-05 02:25:45 155584 ----a-w- C:\windows\System32\drivers\ataport.sys 2013-08-02 02:23:53 5550528 ----a-w- C:\windows\System32\ntoskrnl.exe 2013-08-02 02:15:44 1732032 
----a-w- C:\windows\System32\ntdll.dll 2013-08-02 02:15:03 362496 ----a-w- C:\windows\System32\wow64win.dll 2013-08-02 02:15:03 243712 ----a-w- C:\windows\System32\wow64.dll 2013-08-02 02:15:03 13312 ----a-w- C:\windows\System32\wow64cpu.dll 2013-08-02 02:14:57 215040 ----a-w- C:\windows\System32\winsrv.dll 2013-08-02 02:14:11 16384 ----a-w- C:\windows\System32\ntvdm64.dll 2013-08-02 02:13:34 424448 ----a-w- C:\windows\System32\KernelBase.dll 2013-08-02 01:59:30 3968960 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2013-08-02 01:59:30 3913664 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2013-08-02 01:51:23 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll 2013-08-02 01:50:42 5120 ----a-w- C:\windows\SysWow64\wow32.dll 2013-08-02 01:50:42 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll 2013-08-02 01:09:17 338432 ----a-w- C:\windows\System32\conhost.exe 2013-08-02 00:59:09 112640 ----a-w- C:\windows\System32\smss.exe 2013-08-02 00:45:37 25600 ----a-w- C:\windows\SysWow64\setup16.exe 2013-08-02 00:45:36 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll 2013-08-02 00:45:35 7680 ----a-w- C:\windows\SysWow64\instnm.exe 2013-08-02 00:45:34 2048 ----a-w- C:\windows\SysWow64\user.exe 2013-08-02 00:43:05 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2013-08-02 00:43:05 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2013-08-02 00:43:05 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2013-08-02 00:43:05 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll . ============= FINISH: 19:47:18.27 ===============



#2 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 28 October 2013 - 09:04 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.
  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.



Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.
Proud Member of UNITE & TB
 

#3 EricWoods

Posted 28 October 2013 - 10:12 AM

Can I run this under Safe Mode? Not sure under a regular boot if I can successfully get to the USB stick.

#4 EricWoods

Posted 28 October 2013 - 10:49 AM

Just tried running GMER under a regular boot; after running for a bit, it caused Windows to blue-screen. Should I try it under Safe Mode?

#5 ----------------

Posted 28 October 2013 - 01:45 PM

Try it again. If it fails the second time, skip that and do the following:


Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.
Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).




Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found); we need to see a report first.

Download TDSSKiller.exe and save it to your desktop.
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.
Proud Member of UNITE & TB
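
The TDSSKiller report requested in this post can be triaged mechanically before anyone reads it line by line. The Python sketch below is an added example, not part of the original post or of any tool named in it: it assumes the record layout seen in the TDSSKiller log posted later in this thread (timestamp, thread id, then either `[ MD5 ] name path` or `name - ok`), treats any verdict other than `ok` as needing review, and its `ExampleSvc` and `CutOffSvc` records (including the `warning` wording) are constructed.

```python
import re

# Every TDSSKiller record starts with "HH:MM:SS.mmmm <thread id> ". Forum pastes
# often lose their newlines or wrap mid-record, so records are located by this
# prefix instead of by line breaks.
RECORD_START = re.compile(r"\b\d{2}:\d{2}:\d{2}\.\d{4} \d+ ")

# "[ <MD5> ] <service name> <path>": names may contain spaces, the path starts
# at the first drive-letter prefix such as "C:\".
HASH_RECORD = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.+)$")


def split_records(text):
    """Return the record bodies (timestamp and thread id removed), in order."""
    flat = " ".join(text.split())  # undo wrapping and flattening
    starts = list(RECORD_START.finditer(flat))
    bodies = []
    for i, match in enumerate(starts):
        end = starts[i + 1].start() if i + 1 < len(starts) else len(flat)
        bodies.append(flat[match.end():end].strip())
    return bodies


def triage(text):
    """Pair each hashed service record with its verdict record.

    Returns the number of services seen, the ones whose verdict is anything
    other than "ok", and the ones with no verdict at all (for example because
    the paste was cut off), since both groups need a human to look at them.
    """
    services = {}  # name -> {"md5", "path", "verdict"}
    for body in split_records(text):
        hashed = HASH_RECORD.match(body)
        if hashed:
            md5, name, path = hashed.groups()
            services[name] = {"md5": md5.upper(), "path": path, "verdict": None}
            continue
        name, sep, verdict = body.rpartition(" - ")
        if sep and name in services:
            services[name]["verdict"] = verdict.strip()

    flagged = [(name, s["verdict"], s["md5"], s["path"])
               for name, s in services.items()
               if s["verdict"] not in (None, "ok")]
    unresolved = [name for name, s in services.items() if s["verdict"] is None]
    return {"checked": len(services), "flagged": flagged, "unresolved": unresolved}


# Sample input. The 1394ohci and "Apple Mobile Device" records are copied from
# the log in this thread; ExampleSvc and CutOffSvc are constructed, with
# placeholder hashes. The pieces are joined with spaces to mimic a flattened
# paste, and one record is wrapped between its timestamp and thread id.
SAMPLE = " ".join([
    r"09:04:36.0140 7984 ================ Scan services =====",
    r"09:04:36.0280 7984 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci"
    r" C:\windows\system32\DRIVERS\1394ohci.sys",
    r"09:04:36.0280 7984 1394ohci - ok",
    r"09:04:38.0012 7984 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device"
    r" C:\Program Files (x86)\Common Files\Apple\Mobile Device Support"
    r"\AppleMobileDeviceService.exe",
    "09:04:38.0074\n7984 Apple Mobile Device - ok",
    r"09:04:38.0100 7984 [ 00000000000000000000000000000000 ] ExampleSvc"
    r" C:\windows\system32\drivers\example.sys",
    r"09:04:38.0110 7984 ExampleSvc - warning",
    r"09:04:38.0433 7984 [ FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF ] CutOffSvc"
    r" C:\windows\system32\drivers\cutoff.sys",
    r"09:04:38.0495 7984 [",
])

if __name__ == "__main__":
    result = triage(SAMPLE)
    print("services checked:", result["checked"])
    for name, verdict, md5, path in result["flagged"]:
        print("REVIEW  %s (%s) %s %s" % (name, verdict, md5, path))
    for name in result["unresolved"]:
        print("NO VERDICT  %s (log may be truncated)" % name)
```
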
 

#6 EricWoods

Posted 28 October 2013 - 05:13 PM

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-10-28 16:09:47
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.EC2O 298.09GB
Running: o9wydidp.exe; Driver: C:\Users\SRELAB~1\AppData\Local\Temp\uwdcrpod.sys


---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\cc52af8caf99
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\cc52af8caf99@b089910ad174 0x52 0x47 0x1B 0x1A ...
Reg HKLM\SYSTEM\CurrentControlSet\services\rdyboost\Parameters@ReadyBootPlanAge 4
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\cc52af8caf99 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\cc52af8caf99@b089910ad174 0x52 0x47 0x1B 0x1A ...

---- EOF - GMER 2.1 ----

#7 ----------------

Posted 29 October 2013 - 02:05 AM

What is the problem with this notebook?
Proud Member of UNITE & TB
 

#8 EricWoods

Posted 29 October 2013 - 07:52 AM

It appears that something is running that shouldn't be. I couldn't run McAfee's virus scan; its progress bar stayed at 0%. I couldn't open Windows Explorer. I couldn't run Windows Update; it would identify items to download but wouldn't progress past 0%.

#9 ----------------

Posted 29 October 2013 - 07:57 AM

Please run the tools I described here http://forums.whatth...h...st&p=835349 and post up the logs, please.
Proud Member of UNITE & TB
 

#10 EricWoods

Posted 29 October 2013 - 10:09 AM

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-10-29 07:51:35 ----------------------------- 07:51:35.655 OS Version: Windows x64 6.1.7601 Service Pack 1 07:51:35.655 Number of processors: 4 586 0x2A07 07:51:35.655 ComputerName: SRELAB-HP UserName: SRE Lab 07:51:39.337 Initialize success 07:52:03.407 AVAST engine defs: 13102900 07:52:09.601 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 07:52:09.601 Disk 0 Vendor: Hitachi_ EC2O Size: 305245MB BusType: 3 07:52:09.725 Disk 0 MBR read successfully 07:52:09.725 Disk 0 MBR scan 07:52:09.741 Disk 0 Windows 7 default MBR code 07:52:09.741 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048 07:52:09.757 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 284528 MB offset 616448 07:52:09.803 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15293 MB offset 583329792 07:52:09.850 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 5115 MB offset 614649856 07:52:10.069 Disk 0 scanning C:\windows\system32\drivers 07:52:57.767 Service scanning 07:53:49.809 Modules scanning 07:53:49.809 Disk 0 trace - called modules: 07:53:50.339 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll 07:53:50.339 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800c7c9060] 07:53:50.339 3 CLASSPNP.SYS[fffff88000c0143f] -> nt!IofCallDriver -> [0xfffffa800c7bd2b0] 07:53:50.339 5 hpdskflt.sys[fffff880015ee379] -> nt!IofCallDriver -> [0xfffffa800abd7a40] 07:53:50.355 7 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800abeb050] 07:53:52.710 AVAST engine scan C:\windows 07:53:57.109 AVAST engine scan C:\windows\system32 08:09:27.313 AVAST engine scan C:\windows\system32\drivers 08:10:17.579 AVAST engine scan C:\Users\SRE Lab 08:53:27.543 AVAST engine scan C:\ProgramData 09:00:53.911 Scan finished successfully 09:03:35.184 Disk 0 MBR has been saved successfully to "C:\Users\SRE Lab\Desktop\MBR.dat" 09:03:35.184 The log file has been saved successfully to 
"C:\Users\SRE Lab\Desktop\aswMBR.txt"

09:04:21.0803 8240 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:04:21.0819 8240 ============================================================
09:04:21.0819 8240 Current date / time: 2013/10/29 09:04:21.0819
09:04:21.0819 8240 SystemInfo:
09:04:21.0819 8240
09:04:21.0819 8240 OS Version: 6.1.7601 ServicePack: 1.0
09:04:21.0819 8240 Product type: Workstation
09:04:21.0819 8240 ComputerName: SRELAB-HP
09:04:21.0819 8240 UserName: SRE Lab
09:04:21.0819 8240 Windows directory: C:\windows
09:04:21.0819 8240 System windows directory: C:\windows
09:04:21.0819 8240 Running under WOW64
09:04:21.0819 8240 Processor architecture: Intel x64
09:04:21.0819 8240 Number of processors: 4
09:04:21.0819 8240 Page size: 0x1000
09:04:21.0819 8240 Boot type: Normal boot
09:04:21.0819 8240 ============================================================
09:04:23.0207 8240 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:04:23.0238 8240 Drive \Device\Harddisk1\DR1 - Size: 0x3BA816000 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:04:23.0238 8240 ============================================================
09:04:23.0238 8240 \Device\Harddisk0\DR0:
09:04:23.0254 8240 MBR partitions:
09:04:23.0254 8240 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
09:04:23.0254 8240 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x22BB8000
09:04:23.0254 8240 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x22C4E800, BlocksNum 0x1DDE800
09:04:23.0254 8240 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x24A2D000, BlocksNum 0x9FD800
09:04:23.0254 8240 \Device\Harddisk1\DR1:
09:04:23.0254 8240 MBR partitions:
09:04:23.0254 8240 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0x1DD17E0
09:04:23.0254 8240 ============================================================
09:04:23.0301 8240 C: <-> \Device\Harddisk0\DR0\Partition2
09:04:23.0332 8240 E: <-> \Device\Harddisk0\DR0\Partition3
09:04:23.0348 8240 F: <-> \Device\Harddisk0\DR0\Partition4
09:04:23.0363 8240 D: <-> \Device\Harddisk1\DR1\Partition1
09:04:23.0363 8240 ============================================================
09:04:23.0363 8240 Initialize success
09:04:23.0363 8240 ============================================================
09:04:34.0954 7984 ============================================================
09:04:34.0954 7984 Scan started
09:04:34.0954 7984 Mode: Manual;
09:04:34.0954 7984 ============================================================
09:04:36.0140 7984 ================ Scan system memory ========================
09:04:36.0140 7984 System memory - ok
09:04:36.0140 7984 ================ Scan services =============================
C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe 09:04:52.0348 7984 MsDtsServer110 - ok 09:04:52.0379 7984 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys 09:04:52.0379 7984 Msfs - ok 09:04:52.0395 7984 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 09:04:52.0395 7984 mshidkmdf - ok 09:04:52.0410 7984 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys 09:04:52.0410 7984 msisadrv - ok 09:04:52.0426 7984 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll 09:04:52.0442 7984 MSiSCSI - ok 09:04:52.0442 7984 msiserver - ok 09:04:52.0457 7984 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 09:04:52.0473 7984 MSKSSRV - ok 09:04:52.0520 7984 [ 103B3BBE23AB774B009D182276EC6786 ] msloop C:\windows\system32\DRIVERS\loop.sys 09:04:52.0520 7984 msloop - ok 09:04:52.0629 7984 MSOLAP$SRELAB - ok 09:04:52.0676 7984 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 09:04:52.0676 7984 MSPCLOCK - ok 09:04:52.0691 7984 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 09:04:52.0707 7984 MSPQM - ok 09:04:52.0754 7984 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys 09:04:52.0754 7984 MsRPC - ok 09:04:52.0800 7984 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 09:04:52.0800 7984 mssmbios - ok 09:04:52.0847 7984 MSSQL$SQLEXPRESS - ok 09:04:52.0972 7984 [ CEDC22719DE1B1316BDC556FED989335 ] MSSQL$SRELAB C:\Program Files\Microsoft SQL Server\MSSQL11.SRELAB\MSSQL\Binn\sqlservr.exe 09:04:53.0050 7984 MSSQL$SRELAB - ok 09:04:53.0097 7984 [ F4991C8C070C86082E6F0597F73E02D0 ] MSSQLFDLauncher$SRELAB C:\Program Files\Microsoft SQL Server\MSSQL11.SRELAB\MSSQL\Binn\fdlauncher.exe 09:04:53.0175 7984 MSSQLFDLauncher$SRELAB - ok 09:04:53.0268 7984 [ 
7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 09:04:53.0315 7984 MSSQLServerADHelper100 - ok 09:04:53.0362 7984 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 09:04:53.0362 7984 MSTEE - ok 09:04:53.0362 7984 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 09:04:53.0362 7984 MTConfig - ok 09:04:53.0393 7984 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys 09:04:53.0393 7984 Mup - ok 09:04:53.0456 7984 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll 09:04:53.0456 7984 napagent - ok 09:04:53.0518 7984 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 09:04:53.0518 7984 NativeWifiP - ok 09:04:53.0580 7984 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys 09:04:53.0596 7984 NDIS - ok 09:04:53.0627 7984 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 09:04:53.0627 7984 NdisCap - ok 09:04:53.0658 7984 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 09:04:53.0658 7984 NdisTapi - ok 09:04:53.0705 7984 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 09:04:53.0705 7984 Ndisuio - ok 09:04:53.0752 7984 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 09:04:53.0768 7984 NdisWan - ok 09:04:53.0814 7984 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 09:04:53.0814 7984 NDProxy - ok 09:04:53.0908 7984 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 09:04:53.0908 7984 Net Driver HPZ12 - ok 09:04:53.0939 7984 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 09:04:53.0939 7984 NetBIOS - ok 09:04:53.0986 7984 [ 09594D1089C523423B32A4229263F068 ] NetBT 
C:\windows\system32\DRIVERS\netbt.sys 09:04:53.0986 7984 NetBT - ok 09:04:54.0017 7984 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 09:04:54.0017 7984 Netlogon - ok 09:04:54.0048 7984 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 09:04:54.0048 7984 Netman - ok 09:04:54.0111 7984 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:04:54.0220 7984 NetMsmqActivator - ok 09:04:54.0220 7984 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:04:54.0220 7984 NetPipeActivator - ok 09:04:54.0236 7984 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 09:04:54.0236 7984 netprofm - ok 09:04:54.0236 7984 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:04:54.0236 7984 NetTcpActivator - ok 09:04:54.0236 7984 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:04:54.0251 7984 NetTcpPortSharing - ok 09:04:54.0282 7984 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 09:04:54.0282 7984 nfrd960 - ok 09:04:54.0345 7984 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll 09:04:54.0345 7984 NlaSvc - ok 09:04:54.0376 7984 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 09:04:54.0376 7984 Npfs - ok 09:04:54.0392 7984 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 09:04:54.0392 7984 nsi - ok 09:04:54.0407 7984 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 09:04:54.0407 7984 nsiproxy - ok 09:04:54.0501 7984 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 09:04:54.0516 7984 Ntfs - ok 09:04:54.0532 7984 [ 9899284589F75FA8724FF3D16AED75C1 ] Null 
C:\windows\system32\drivers\Null.sys 09:04:54.0532 7984 Null - ok 09:04:54.0548 7984 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys 09:04:54.0563 7984 nusb3hub - ok 09:04:54.0563 7984 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys 09:04:54.0579 7984 nusb3xhc - ok 09:04:54.0594 7984 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 09:04:54.0610 7984 nvraid - ok 09:04:54.0610 7984 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 09:04:54.0610 7984 nvstor - ok 09:04:54.0626 7984 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 09:04:54.0626 7984 nv_agp - ok 09:04:54.0657 7984 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 09:04:54.0657 7984 ohci1394 - ok 09:04:54.0688 7984 Online Backup Control - ok 09:04:54.0704 7984 Online Backup RDP Service - ok 09:04:54.0766 7984 [ 47ED4057E02F8930590F4AB9ED43BE5B ] Online Backup Service C:\Program Files (x86)\KineticCloud Backup for PCs\nts.exe 09:04:54.0860 7984 Online Backup Service - ok 09:04:54.0922 7984 [ BB7B0F4BE49BF461CED8103B000D20D5 ] OpcEnum C:\windows\SysWOW64\OpcEnum.exe 09:04:54.0969 7984 OpcEnum - ok 09:04:55.0031 7984 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:04:55.0109 7984 ose64 - ok 09:04:55.0234 7984 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 09:04:55.0452 7984 osppsvc - ok 09:04:55.0468 7984 OXUDIDRV - ok 09:04:55.0515 7984 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 09:04:55.0515 7984 p2pimsvc - ok 09:04:55.0546 7984 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 09:04:55.0546 7984 p2psvc - ok 09:04:55.0624 7984 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport 
C:\windows\system32\DRIVERS\parport.sys 09:04:55.0624 7984 Parport - ok 09:04:55.0702 7984 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 09:04:55.0702 7984 partmgr - ok 09:04:55.0733 7984 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 09:04:55.0749 7984 PcaSvc - ok 09:04:55.0796 7984 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 09:04:55.0796 7984 pci - ok 09:04:55.0874 7984 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys 09:04:55.0874 7984 pciide - ok 09:04:55.0936 7984 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 09:04:55.0936 7984 pcmcia - ok 09:04:55.0967 7984 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 09:04:55.0967 7984 pcw - ok 09:04:56.0061 7984 [ BAF3216DDAA12E66EBBB31760E02BC14 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe 09:04:56.0108 7984 PdiService - ok 09:04:56.0123 7984 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 09:04:56.0139 7984 PEAUTH - ok 09:04:56.0186 7984 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll 09:04:56.0201 7984 PeerDistSvc - ok 09:04:56.0217 7984 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 09:04:56.0217 7984 PerfHost - ok 09:04:56.0248 7984 [ F20612DF7E12DE3A087D0F44CC545FB1 ] PersonalSecureDrive C:\windows\System32\drivers\psd.sys 09:04:56.0264 7984 PersonalSecureDrive - ok 09:04:56.0295 7984 [ F473D5D43FA7D5C657A3137C5171CB77 ] PersonalSecureDriveService c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe 09:04:56.0373 7984 PersonalSecureDriveService - ok 09:04:56.0420 7984 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 09:04:56.0435 7984 pla - ok 09:04:56.0466 7984 [ 3EA0773AEDAD9B134A7C9C6883C7069F ] pln1394bus 
C:\windows\system32\DRIVERS\pln1394bus_x64.sys 09:04:56.0482 7984 pln1394bus - ok 09:04:56.0529 7984 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 09:04:56.0529 7984 PlugPlay - ok 09:04:56.0591 7984 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 09:04:56.0591 7984 Pml Driver HPZ12 - ok 09:04:56.0622 7984 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 09:04:56.0638 7984 PNRPAutoReg - ok 09:04:56.0654 7984 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 09:04:56.0654 7984 PNRPsvc - ok 09:04:56.0716 7984 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 09:04:56.0716 7984 PolicyAgent - ok 09:04:56.0732 7984 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\windows\system32\umpo.dll 09:04:56.0747 7984 Power - ok 09:04:56.0794 7984 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 09:04:56.0794 7984 PptpMiniport - ok 09:04:56.0825 7984 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys 09:04:56.0825 7984 Processor - ok 09:04:56.0872 7984 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll 09:04:56.0872 7984 ProfSvc - ok 09:04:56.0903 7984 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 09:04:56.0903 7984 ProtectedStorage - ok 09:04:56.0966 7984 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 09:04:56.0966 7984 Psched - ok 09:04:56.0997 7984 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys 09:04:56.0997 7984 PxHlpa64 - ok 09:04:57.0059 7984 [ B41AD9BC21A80598DAD208439E3A28B3 ] PYNWAGNT C:\windows\System32\Drivers\pynwagnt.sys 09:04:57.0059 7984 PYNWAGNT - ok 09:04:57.0137 7984 [ FCC5997A6517E869146CB2F155AB8D2A ] QBCFMonitorService C:\Program Files (x86)\Common 
Files\Intuit\QuickBooks\QBCFMonitorService.exe 09:04:57.0184 7984 QBCFMonitorService - ok 09:04:57.0231 7984 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe 09:04:57.0293 7984 QBFCService - ok 09:04:57.0324 7984 [ A0EC711150D3E41539FE0542F7954341 ] QBVSS C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe 09:04:57.0387 7984 QBVSS - ok 09:04:57.0434 7984 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 09:04:57.0434 7984 ql2300 - ok 09:04:57.0449 7984 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 09:04:57.0449 7984 ql40xx - ok 09:04:57.0480 7984 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 09:04:57.0480 7984 QWAVE - ok 09:04:57.0512 7984 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 09:04:57.0527 7984 QWAVEdrv - ok 09:04:57.0574 7984 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\windows\WindowsMobile\rapimgr.dll 09:04:57.0621 7984 RapiMgr - ok 09:04:57.0621 7984 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 09:04:57.0621 7984 RasAcd - ok 09:04:57.0668 7984 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 09:04:57.0668 7984 RasAgileVpn - ok 09:04:57.0699 7984 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 09:04:57.0699 7984 RasAuto - ok 09:04:57.0746 7984 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 09:04:57.0746 7984 Rasl2tp - ok 09:04:57.0777 7984 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 09:04:57.0777 7984 RasMan - ok 09:04:57.0792 7984 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 09:04:57.0792 7984 RasPppoe - ok 09:04:57.0792 7984 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp 
C:\windows\system32\DRIVERS\rassstp.sys 09:04:57.0792 7984 RasSstp - ok 09:04:57.0839 7984 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 09:04:57.0855 7984 rdbss - ok 09:04:57.0886 7984 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 09:04:57.0886 7984 rdpbus - ok 09:04:57.0902 7984 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 09:04:57.0902 7984 RDPCDD - ok 09:04:57.0964 7984 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\windows\system32\drivers\rdpdr.sys 09:04:57.0964 7984 RDPDR - ok 09:04:57.0980 7984 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 09:04:57.0995 7984 RDPENCDD - ok 09:04:58.0011 7984 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 09:04:58.0011 7984 RDPREFMP - ok 09:04:58.0058 7984 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys 09:04:58.0058 7984 RdpVideoMiniport - ok 09:04:58.0104 7984 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 09:04:58.0104 7984 RDPWD - ok 09:04:58.0151 7984 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 09:04:58.0167 7984 rdyboost - ok 09:04:58.0276 7984 [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe 09:04:58.0354 7984 RealNetworks Downloader Resolver Service - ok 09:04:58.0370 7984 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 09:04:58.0370 7984 RemoteAccess - ok 09:04:58.0385 7984 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 09:04:58.0401 7984 RemoteRegistry - ok 09:04:58.0432 7984 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 09:04:58.0432 7984 RFCOMM - ok 09:04:58.0494 7984 [ 
C77CF0B12ADC00F7C41DB3D9CBFCC675 ] Rfservice C:\Program Files (x86)\Retriever Software\rfservice.exe 09:04:58.0588 7984 Rfservice - ok 09:04:58.0682 7984 [ 7566F7C551606D44479A5E22F3405B89 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 09:04:58.0775 7984 RoxMediaDB12OEM - ok 09:04:58.0806 7984 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 09:04:58.0806 7984 RpcEptMapper - ok 09:04:58.0838 7984 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 09:04:58.0838 7984 RpcLocator - ok 09:04:58.0884 7984 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 09:04:58.0884 7984 RpcSs - ok 09:04:58.0931 7984 [ C9FE05A63C500ABE3AFA5786504C4D36 ] RsFx0105 C:\windows\system32\DRIVERS\RsFx0105.sys 09:04:58.0931 7984 RsFx0105 - ok 09:04:59.0025 7984 [ 964E8376B0B3FE1354B19907E1A4A692 ] RsFx0201 C:\windows\system32\DRIVERS\RsFx0201.sys 09:04:59.0025 7984 RsFx0201 - ok 09:04:59.0072 7984 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 09:04:59.0072 7984 rspndr - ok 09:04:59.0103 7984 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\windows\system32\drivers\vms3cap.sys 09:04:59.0103 7984 s3cap - ok 09:04:59.0118 7984 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 09:04:59.0118 7984 SamSs - ok 09:04:59.0150 7984 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 09:04:59.0150 7984 sbp2port - ok 09:04:59.0181 7984 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 09:04:59.0181 7984 SCardSvr - ok 09:04:59.0228 7984 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 09:04:59.0228 7984 scfilter - ok 09:04:59.0306 7984 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 09:04:59.0321 7984 Schedule - ok 09:04:59.0368 7984 [ F17D1D393BBC69C5322FBFAFACA28C7F ] 
SCPolicySvc C:\windows\System32\certprop.dll 09:04:59.0368 7984 SCPolicySvc - ok 09:04:59.0399 7984 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\drivers\sdbus.sys 09:04:59.0399 7984 sdbus - ok 09:04:59.0446 7984 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 09:04:59.0446 7984 SDRSVC - ok 09:04:59.0508 7984 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 09:04:59.0508 7984 secdrv - ok 09:04:59.0524 7984 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 09:04:59.0524 7984 seclogon - ok 09:04:59.0571 7984 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll 09:04:59.0571 7984 SENS - ok 09:04:59.0602 7984 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 09:04:59.0602 7984 SensrSvc - ok 09:04:59.0696 7984 [ 9B9B2F0A0432D938C726CCB25D66CB1B ] ser2at C:\windows\system32\DRIVERS\ser2at64.sys 09:04:59.0696 7984 ser2at - ok 09:04:59.0758 7984 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys 09:04:59.0758 7984 Serenum - ok 09:04:59.0836 7984 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys 09:04:59.0836 7984 Serial - ok 09:04:59.0867 7984 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys 09:04:59.0883 7984 sermouse - ok 09:04:59.0945 7984 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 09:04:59.0961 7984 SessionEnv - ok 09:04:59.0992 7984 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 09:04:59.0992 7984 sffdisk - ok 09:05:00.0008 7984 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 09:05:00.0008 7984 sffp_mmc - ok 09:05:00.0008 7984 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 09:05:00.0023 7984 sffp_sd - ok 09:05:00.0039 7984 [ A9D601643A1647211A1EE2EC4E433FF4 ] 
sfloppy C:\windows\system32\DRIVERS\sfloppy.sys 09:05:00.0039 7984 sfloppy - ok 09:05:00.0054 7984 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 09:05:00.0054 7984 SharedAccess - ok 09:05:00.0070 7984 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 09:05:00.0086 7984 ShellHWDetection - ok 09:05:00.0117 7984 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys 09:05:00.0117 7984 SiSRaid2 - ok 09:05:00.0132 7984 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys 09:05:00.0132 7984 SiSRaid4 - ok 09:05:00.0226 7984 [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 09:05:04.0376 7984 SkypeUpdate - ok 09:05:04.0407 7984 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 09:05:04.0407 7984 Smb - ok 09:05:04.0438 7984 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 09:05:04.0438 7984 SNMPTRAP - ok 09:05:04.0547 7984 [ 80B683DF156771E30D33E01AF09ABE3C ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys 09:05:04.0594 7984 SNP2UVC - ok 09:05:04.0594 7984 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 09:05:04.0594 7984 spldr - ok 09:05:04.0656 7984 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe 09:05:04.0656 7984 Spooler - ok 09:05:04.0766 7984 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 09:05:04.0781 7984 sppsvc - ok 09:05:04.0797 7984 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 09:05:04.0797 7984 sppuinotify - ok 09:05:04.0968 7984 [ 45E65FB17A4CD5FACBD3CA16C8334C82 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 09:05:05.0046 7984 SQLAgent$SQLEXPRESS - ok 09:05:05.0171 7984 [ 8009FD3E6CC714005790606A80DE3CF6 ] SQLAgent$SRELAB C:\Program 
Files\Microsoft SQL Server\MSSQL11.SRELAB\MSSQL\Binn\SQLAGENT.EXE 09:05:05.0249 7984 SQLAgent$SRELAB - ok 09:05:05.0374 7984 [ E9254892A2D74E537BAD3092F0F8EE40 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 09:05:05.0468 7984 SQLBrowser - ok 09:05:05.0546 7984 [ 055B0DE7BCDB14FB18279F09DCA07954 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 09:05:05.0655 7984 SQLWriter - ok 09:05:05.0702 7984 [ 46BE3584FE0F72D3430E669225ACCB40 ] SRS_AE_Service C:\windows\system32\drivers\SRS_AE_amd64.sys 09:05:05.0717 7984 SRS_AE_Service - ok 09:05:05.0748 7984 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 09:05:05.0748 7984 srv - ok 09:05:05.0764 7984 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 09:05:05.0764 7984 srv2 - ok 09:05:05.0780 7984 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 09:05:05.0795 7984 srvnet - ok 09:05:05.0826 7984 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 09:05:05.0826 7984 SSDPSRV - ok 09:05:05.0842 7984 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 09:05:05.0842 7984 SstpSvc - ok 09:05:05.0936 7984 [ 917117ADC2934720A071AA3786C0CAB1 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 09:05:06.0014 7984 STacSV - ok 09:05:06.0029 7984 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys 09:05:06.0029 7984 stexstor - ok 09:05:06.0060 7984 [ 7E99C4640869E95CFBD185811E80079E ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys 09:05:06.0060 7984 STHDA - ok 09:05:06.0092 7984 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys 09:05:06.0092 7984 StillCam - ok 09:05:06.0138 7984 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 09:05:06.0154 7984 stisvc - ok 09:05:06.0185 7984 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common 
Files\SureThing Shared\stllssvr.exe 09:05:06.0294 7984 stllssvr - ok 09:05:06.0326 7984 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\windows\system32\drivers\vmstorfl.sys 09:05:06.0326 7984 storflt - ok 09:05:06.0357 7984 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\windows\system32\storsvc.dll 09:05:06.0357 7984 StorSvc - ok 09:05:06.0372 7984 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\windows\system32\drivers\storvsc.sys 09:05:06.0372 7984 storvsc - ok 09:05:06.0388 7984 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys 09:05:06.0388 7984 swenum - ok 09:05:06.0404 7984 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 09:05:06.0419 7984 swprv - ok 09:05:06.0450 7984 [ E6DBF82FE072B58CCB958B05DE1F87C3 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 09:05:06.0450 7984 SynTP - ok 09:05:06.0544 7984 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 09:05:06.0575 7984 SysMain - ok 09:05:06.0606 7984 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 09:05:06.0622 7984 TabletInputService - ok 09:05:06.0638 7984 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 09:05:06.0638 7984 TapiSrv - ok 09:05:06.0653 7984 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 09:05:06.0669 7984 TBS - ok 09:05:06.0716 7984 [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\windows\system32\drivers\tcpip.sys 09:05:06.0731 7984 Tcpip - ok 09:05:06.0762 7984 [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 09:05:06.0778 7984 TCPIP6 - ok 09:05:06.0809 7984 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 09:05:06.0825 7984 tcpipreg - ok 09:05:06.0856 7984 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 09:05:06.0856 7984 TDPIPE - ok 09:05:06.0903 7984 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP 
C:\windows\system32\drivers\tdtcp.sys 09:05:06.0903 7984 TDTCP - ok 09:05:06.0950 7984 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 09:05:06.0950 7984 tdx - ok 09:05:07.0106 7984 [ F67C21CC4195F6AFC447418FE163E156 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe 09:05:07.0199 7984 TeamViewer8 - ok 09:05:07.0215 7984 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys 09:05:07.0215 7984 TermDD - ok 09:05:07.0277 7984 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 09:05:07.0277 7984 TermService - ok 09:05:07.0308 7984 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 09:05:07.0308 7984 Themes - ok 09:05:07.0324 7984 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 09:05:07.0324 7984 THREADORDER - ok 09:05:07.0355 7984 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\windows\system32\drivers\tpm.sys 09:05:07.0355 7984 TPM - ok 09:05:07.0371 7984 TRENDnetUdsMBus - ok 09:05:07.0386 7984 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 09:05:07.0386 7984 TrkWks - ok 09:05:07.0449 7984 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 09:05:07.0511 7984 TrustedInstaller - ok 09:05:07.0542 7984 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 09:05:07.0542 7984 tssecsrv - ok 09:05:07.0589 7984 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 09:05:07.0589 7984 TsUsbFlt - ok 09:05:07.0652 7984 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 09:05:07.0652 7984 tunnel - ok 09:05:07.0683 7984 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys 09:05:07.0698 7984 uagp35 - ok 09:05:07.0808 7984 [ 37129177C863B186F02EDA329078C4B8 ] uArcCapture 
09:05:12.0924 7984 \Device\Harddisk0\DR0\Partition4 - ok
09:05:12.0940 7984 [ 5225D33B80CBB90ED85F7A0C891EDB1B ] \Device\Harddisk1\DR1\Partition1
09:05:12.0940 7984 \Device\Harddisk1\DR1\Partition1 - ok
09:05:12.0940 7984 ============================================================
09:05:12.0940 7984 Scan finished
09:05:12.0940 7984 ============================================================
09:05:12.0956 7596 Detected object count: 0
09:05:12.0956 7596 Actual detected object count: 0
09:05:26.0263 4972 Deinitialize success



#11 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 29 October 2013 - 01:44 PM

System File Check

For Windows XP:

  • Press the Windows- and the R-key simultaneously.
  • Within the text box that just opened, write cmd and hit Enter.

For Windows Vista/7:

  • Press the Windows key to open the start menu.
  • Don't highlight anything, just write cmd.
  • The start menu will offer you an entry named cmd.
  • Right click it and select "run as administrator"


Within the opening window, write the following:

sfc /scannow
(See the blank within).


  • Hit enter. Your system will be checked for damaged system files.
  • Tell me the result of that scan in here (as the tool produces no log).

Proud Member of UNITE & TB
 

#12 EricWoods

EricWoods

    Authentic Member

  • Authentic Member
  • PipPip
  • 147 posts

Posted 29 October 2013 - 03:15 PM

Windows Resource Protection did not find any integrity violations.

#13 EricWoods

EricWoods

    Authentic Member

  • Authentic Member
  • PipPip
  • 147 posts

Posted 29 October 2013 - 05:16 PM

Are you not seeing any problems in the logs generated? I've been running my notebook with wireless turned off. Should I turn it on again? Could the malware only be active when there's a working Internet connection?

#14 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 30 October 2013 - 02:29 AM

Nothing to see here...


Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:
  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.




Scan with ESET Online Scan

Please go to here to run the online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

Proud Member of UNITE & TB
 

#15 EricWoods

EricWoods

    Authentic Member

  • Authentic Member
  • PipPip
  • 147 posts

Posted 30 October 2013 - 12:59 PM

Will run ESet next.

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.30.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
SRE Lab :: SRELAB-HP [administrator]

Protection: Enabled

10/30/2013 5:56:22 AM
mbam-log-2013-10-30 (05-56-22).txt

Scan type: Full scan (C:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 632493
Time elapsed: 3 hour(s), 13 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\SRE Lab\AppData\Local\Temp\CSMA868.tmp (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\SRE Lab\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-us.cab (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\SRE Lab\Desktop\Downloads\wzcourier35.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.

(end)
