Smitfraud-C.generic--Help w/ removal!
This virus refuses to leave my computer. I run Spybot and the program claims the virus is fixed, but I can literally scan it a minute later and the Smitfraud-C.generic is back. Please help me remove this trojan from my PC permanently.
I have Windows 7, 64-bit, on a Dell Inspiron.
I also have McAfee, if that matters.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Shelby at 18:29:50 on 2012-06-19
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4056.2186 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
-netsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files\McAfee\VirusScan\mcods.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120611170811.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
StartupFolder: C:\Users\Shelby\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{23ABA2C2-32B0-4CD4-A2A1-593D5A68FE43} : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120611170811.dll
BHO-X64: scriptproxy - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-9 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-9 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-9 249936]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-9 257224]
.
=============== Created Last 30 ================
.
2012-06-13 21:14:55 -------- d-----w- C:\Users\Shelby\AppData\Local\Adobe
2012-06-11 21:56:51 20480 ----a-w- C:\Windows\svchost.exe
2012-06-11 19:29:29 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-06-11 19:29:28 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2012-06-11 19:29:28 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-06-11 19:29:28 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2012-06-11 19:29:27 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2012-06-11 19:29:27 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2012-06-11 19:29:27 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-06-11 19:25:26 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-06-11 19:25:25 2566144 ----a-w- C:\Windows\System32\esent.dll
2012-06-11 19:25:25 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2012-06-11 19:25:25 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2012-06-11 19:25:25 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2012-06-11 19:25:24 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2012-06-11 19:25:24 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-06-11 19:25:24 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2012-06-11 19:25:23 96768 ----a-w- C:\Windows\System32\fsutil.exe
2012-06-11 19:25:23 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2012-06-11 19:25:22 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2012-06-11 18:55:04 -------- d-----w- C:\Windows\SysWow64\Wat
2012-06-11 18:55:04 -------- d-----w- C:\Windows\System32\Wat
2012-06-10 20:36:57 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2012-06-10 20:36:57 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2012-06-10 20:12:12 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2012-06-10 20:12:12 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2012-06-10 19:52:54 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2012-06-10 19:52:54 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2012-06-10 19:52:54 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2012-06-10 19:52:54 444752 ----a-w- C:\Windows\System32\mscoree.dll
2012-06-10 19:52:54 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2012-06-10 19:52:54 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2012-06-10 19:52:54 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2012-06-10 19:52:54 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2012-06-10 19:52:54 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2012-06-10 19:52:54 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2012-06-10 19:27:45 80896 ----a-w- C:\Windows\System32\imagehlp.dll
2012-06-10 19:27:45 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-06-10 19:27:45 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-06-10 19:27:45 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-06-10 19:27:45 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-06-10 19:27:45 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-06-10 19:27:45 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-06-10 18:55:20 -------- d-----w- C:\Windows\PCHEALTH
2012-06-10 18:52:02 -------- d-----w- C:\Users\Shelby\AppData\Local\Microsoft Help
2012-06-10 17:48:56 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2012-06-10 17:46:44 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-06-10 17:46:44 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-06-10 17:46:43 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-06-10 17:46:43 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-06-10 17:46:31 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-06-10 17:46:31 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-06-10 17:46:26 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2012-06-10 17:46:25 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2012-06-10 17:46:25 2085376 ----a-w- C:\Windows\System32\ole32.dll
2012-06-10 17:46:24 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll
2012-06-10 17:46:00 2228224 ----a-w- C:\Windows\System32\mssrch.dll
2012-06-10 17:44:39 422912 ----a-w- C:\Windows\System32\secproc_isv.dll
2012-06-10 17:43:54 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-06-10 17:42:57 52224 ----a-w- C:\Windows\System32\rtutils.dll
2012-06-10 17:41:44 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2012-06-10 17:40:14 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-06-10 17:40:11 75632 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-06-10 17:40:09 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2012-06-10 17:40:08 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2012-06-10 17:40:06 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2012-06-10 17:40:06 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2012-06-10 17:40:06 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2012-06-10 17:40:01 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2012-06-10 17:40:01 288256 ----a-w- C:\Windows\System32\MSNP.ax
2012-06-10 17:40:00 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2012-06-10 17:40:00 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2012-06-10 17:38:59 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-06-10 17:37:55 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll
2012-06-10 17:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2012-06-10 17:37:54 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2012-06-10 17:37:53 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2012-06-10 17:37:53 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2012-06-10 17:37:44 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2012-06-10 17:25:41 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2012-06-10 17:25:40 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2012-06-10 17:25:37 634368 ----a-w- C:\Windows\System32\msvcrt.dll
2012-06-10 17:25:36 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-06-10 17:25:33 112000 ----a-w- C:\Windows\System32\consent.exe
2012-06-10 17:25:30 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2012-06-10 17:25:24 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2012-06-10 17:25:24 331776 ----a-w- C:\Windows\System32\oleacc.dll
2012-06-10 17:25:23 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2012-06-10 17:25:23 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2012-06-10 17:25:16 723456 ----a-w- C:\Windows\System32\EncDec.dll
2012-06-10 17:25:15 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2012-06-10 17:24:55 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-06-10 17:24:55 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-06-10 17:24:13 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-06-10 17:24:05 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-06-10 17:24:05 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-10 17:24:04 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-06-10 17:24:04 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-06-10 17:24:03 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-06-10 17:23:57 720896 ----a-w- C:\Windows\System32\odbc32.dll
2012-06-10 17:23:56 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
2012-06-10 17:23:56 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2012-06-10 17:23:55 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2012-06-10 17:23:55 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2012-06-10 17:23:55 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2012-06-10 17:23:54 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2012-06-10 17:23:53 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2012-06-10 17:23:53 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2012-06-10 17:23:53 208896 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2012-06-10 17:23:34 1739160 ----a-w- C:\Windows\System32\ntdll.dll
2012-06-10 17:23:33 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-06-10 17:19:56 77312 ----a-w- C:\Windows\System32\packager.dll
2012-06-10 17:19:55 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-06-10 13:05:44 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2012-06-10 13:05:44 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2012-06-10 07:15:54 -------- d-----w- C:\Windows\Panther
2012-06-10 07:15:25 -------- d-----w- C:\Windows\System32\oem
2012-06-10 06:49:54 -------- d-----w- C:\Windows.old
2012-06-10 03:12:00 -------- d-----w- C:\Users\Shelby\AppData\Local\Microsoft Games
2012-06-10 02:33:09 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-10 02:33:09 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-10 01:29:43 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-10 01:29:43 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-10 01:17:50 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-06-10 01:17:38 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-06-10 01:17:38 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-06-10 01:16:44 75936 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2012-06-10 01:16:44 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-06-10 01:16:44 487296 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-06-10 01:16:44 289664 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-06-10 01:16:44 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-06-10 01:16:44 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\McAfee.com
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\McAfee
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\Common Files\McAfee
2012-06-10 01:16:29 -------- d-----w- C:\Program Files (x86)\McAfee
2012-06-10 01:07:34 162192 ----a-w- C:\Windows\System32\mfevtps.exe
2012-06-10 00:35:54 -------- d-----w- C:\Users\Shelby\AppData\Local\Diagnostics
2012-06-10 00:27:50 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7250C547-3BEC-4613-AECF-28596846A027}\mpengine.dll
2012-06-10 00:27:49 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-06-10 00:04:13 45056 ----a-r- C:\Users\Shelby\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2012-06-10 00:04:12 -------- d-----w- C:\Windows\SysWow64\vmm32
2012-06-10 00:04:12 -------- d-----w- C:\Program Files (x86)\Dell
2012-06-10 00:03:44 -------- d-sh--w- C:\Windows\Installer
2012-06-09 23:58:08 89088 ----a-w- C:\Windows\SysWow64\atl71.dll
2012-06-09 23:58:08 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-06-09 23:58:08 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-06-09 23:58:08 1060864 ----a-w- C:\Windows\SysWow64\MFC71.dll
2012-06-09 23:58:08 1047552 ----a-w- C:\Windows\SysWow64\MFC71u.dll
2012-06-09 23:56:07 139264 ----a-w- C:\Windows\System32\cabview.dll
2012-06-09 23:56:07 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2012-06-09 23:56:06 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-09 23:56:06 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-09 23:56:06 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-09 23:56:05 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-06-09 23:56:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-06-09 23:56:05 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-09 23:56:05 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-06-09 23:52:56 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-04-02 05:34:04 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-02 04:46:44 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-02 04:46:44 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-04-02 03:01:19 3143680 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 18:32:10.84 ===============
.
2012-06-10 17:25:33 112000 ----a-w- C:\Windows\System32\consent.exe
2012-06-10 17:25:30 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2012-06-10 17:25:24 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2012-06-10 17:25:24 331776 ----a-w- C:\Windows\System32\oleacc.dll
2012-06-10 17:25:23 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2012-06-10 17:25:23 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2012-06-10 17:25:16 723456 ----a-w- C:\Windows\System32\EncDec.dll
2012-06-10 17:25:15 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2012-06-10 17:24:55 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-06-10 17:24:55 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-06-10 17:24:13 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-06-10 17:24:05 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-06-10 17:24:05 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-10 17:24:04 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-06-10 17:24:04 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-06-10 17:24:03 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-06-10 17:23:57 720896 ----a-w- C:\Windows\System32\odbc32.dll
2012-06-10 17:23:56 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
2012-06-10 17:23:56 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2012-06-10 17:23:55 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2012-06-10 17:23:55 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2012-06-10 17:23:55 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2012-06-10 17:23:54 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2012-06-10 17:23:53 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2012-06-10 17:23:53 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2012-06-10 17:23:53 208896 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2012-06-10 17:23:34 1739160 ----a-w- C:\Windows\System32\ntdll.dll
2012-06-10 17:23:33 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-06-10 17:19:56 77312 ----a-w- C:\Windows\System32\packager.dll
2012-06-10 17:19:55 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-06-10 13:05:44 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2012-06-10 13:05:44 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2012-06-10 07:15:54 -------- d-----w- C:\Windows\Panther
2012-06-10 07:15:25 -------- d-----w- C:\Windows\System32\oem
2012-06-10 06:49:54 -------- d-----w- C:\Windows.old
2012-06-10 03:12:00 -------- d-----w- C:\Users\Shelby\AppData\Local\Microsoft Games
2012-06-10 02:33:09 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-10 02:33:09 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-10 01:29:43 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-10 01:29:43 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-10 01:17:50 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-06-10 01:17:38 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-06-10 01:17:38 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-06-10 01:16:44 75936 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2012-06-10 01:16:44 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-06-10 01:16:44 487296 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-06-10 01:16:44 289664 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-06-10 01:16:44 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-06-10 01:16:44 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\McAfee.com
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\McAfee
2012-06-10 01:16:32 -------- d-----w- C:\Program Files\Common Files\McAfee
2012-06-10 01:16:29 -------- d-----w- C:\Program Files (x86)\McAfee
2012-06-10 01:07:34 162192 ----a-w- C:\Windows\System32\mfevtps.exe
2012-06-10 00:35:54 -------- d-----w- C:\Users\Shelby\AppData\Local\Diagnostics
2012-06-10 00:27:50 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7250C547-3BEC-4613-AECF-28596846A027}\mpengine.dll
2012-06-10 00:27:49 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-06-10 00:04:13 45056 ----a-r- C:\Users\Shelby\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2012-06-10 00:04:12 -------- d-----w- C:\Windows\SysWow64\vmm32
2012-06-10 00:04:12 -------- d-----w- C:\Program Files (x86)\Dell
2012-06-10 00:03:44 -------- d-sh--w- C:\Windows\Installer
2012-06-09 23:58:08 89088 ----a-w- C:\Windows\SysWow64\atl71.dll
2012-06-09 23:58:08 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-06-09 23:58:08 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-06-09 23:58:08 1060864 ----a-w- C:\Windows\SysWow64\MFC71.dll
2012-06-09 23:58:08 1047552 ----a-w- C:\Windows\SysWow64\MFC71u.dll
2012-06-09 23:56:07 139264 ----a-w- C:\Windows\System32\cabview.dll
2012-06-09 23:56:07 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2012-06-09 23:56:06 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-09 23:56:06 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-09 23:56:06 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-09 23:56:05 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-06-09 23:56:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-06-09 23:56:05 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-09 23:56:05 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-06-09 23:52:56 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-04-02 05:34:04 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-02 04:46:44 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-02 04:46:44 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-04-02 03:01:19 3143680 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 18:32:10.84 ===============
I have the other DDS log also, if it is needed.
Thanks for your help in advance!
I think this is the log...
11:21:47.0396 3476 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
11:21:48.0511 3476 ============================================================
11:21:48.0511 3476 Current date / time: 2012/06/21 11:21:48.0511
11:21:48.0511 3476 SystemInfo:
11:21:48.0511 3476
11:21:48.0511 3476 OS Version: 6.1.7600 ServicePack: 0.0
11:21:48.0511 3476 Product type: Workstation
11:21:48.0511 3476 ComputerName: SHELBY-PC
11:21:48.0511 3476 UserName: Shelby
11:21:48.0511 3476 Windows directory: C:\Windows
11:21:48.0511 3476 System windows directory: C:\Windows
11:21:48.0511 3476 Running under WOW64
11:21:48.0511 3476 Processor architecture: Intel x64
11:21:48.0511 3476 Number of processors: 2
11:21:48.0511 3476 Page size: 0x1000
11:21:48.0511 3476 Boot type: Normal boot
11:21:48.0512 3476 ============================================================
11:21:51.0030 3476 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:21:51.0050 3476 ============================================================
11:21:51.0050 3476 \Device\Harddisk0\DR0:
11:21:51.0050 3476 MBR partitions:
11:21:51.0050 3476 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
11:21:51.0050 3476 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
11:21:51.0050 3476 ============================================================
11:21:51.0410 3476 C: <-> \Device\Harddisk0\DR0\Partition1
11:21:51.0410 3476 ============================================================
11:21:51.0410 3476 Initialize success
11:21:51.0410 3476 ============================================================
11:21:53.0814 3668 ============================================================
11:21:53.0814 3668 Scan started
11:21:53.0814 3668 Mode: Manual;
11:21:53.0814 3668 ============================================================
11:21:58.0240 3668 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
11:21:58.0240 3668 1394ohci - ok
11:21:58.0300 3668 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
11:21:58.0300 3668 ACPI - ok
11:21:58.0360 3668 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
11:21:58.0370 3668 AcpiPmi - ok
11:21:58.0690 3668 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:21:58.0757 3668 AdobeFlashPlayerUpdateSvc - ok
11:21:58.0832 3668 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:21:58.0842 3668 adp94xx - ok
11:21:58.0902 3668 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:21:58.0922 3668 adpahci - ok
11:21:58.0960 3668 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:21:58.0969 3668 adpu320 - ok
11:21:59.0034 3668 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:21:59.0034 3668 AeLookupSvc - ok
11:21:59.0134 3668 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
11:21:59.0144 3668 AFD - ok
11:21:59.0204 3668 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
11:21:59.0204 3668 agp440 - ok
11:21:59.0244 3668 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:21:59.0244 3668 ALG - ok
11:21:59.0274 3668 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
11:21:59.0274 3668 aliide - ok
11:21:59.0284 3668 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
11:21:59.0294 3668 amdide - ok
11:21:59.0334 3668 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:21:59.0344 3668 AmdK8 - ok
11:21:59.0344 3668 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:21:59.0354 3668 AmdPPM - ok
11:21:59.0426 3668 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
11:21:59.0488 3668 amdsata - ok
11:21:59.0501 3668 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:21:59.0508 3668 amdsbs - ok
11:21:59.0588 3668 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
11:21:59.0644 3668 amdxata - ok
11:21:59.0700 3668 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
11:21:59.0700 3668 AppID - ok
11:21:59.0740 3668 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:21:59.0740 3668 AppIDSvc - ok
11:21:59.0750 3668 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
11:21:59.0760 3668 Appinfo - ok
11:21:59.0780 3668 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:21:59.0790 3668 arc - ok
11:21:59.0800 3668 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:21:59.0810 3668 arcsas - ok
11:21:59.0820 3668 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:21:59.0830 3668 AsyncMac - ok
11:21:59.0830 3668 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
11:21:59.0830 3668 atapi - ok
11:21:59.0892 3668 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
11:21:59.0912 3668 AudioEndpointBuilder - ok
11:21:59.0922 3668 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
11:21:59.0932 3668 AudioSrv - ok
11:22:00.0004 3668 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
11:22:00.0014 3668 AxInstSV - ok
11:22:00.0084 3668 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:22:00.0104 3668 b06bdrv - ok
11:22:00.0166 3668 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:22:00.0176 3668 b57nd60a - ok
11:22:00.0318 3668 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
11:22:00.0328 3668 BCM43XX - ok
11:22:00.0380 3668 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:22:00.0390 3668 BDESVC - ok
11:22:00.0600 3668 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:22:00.0610 3668 Beep - ok
11:22:00.0712 3668 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
11:22:00.0722 3668 BFE - ok
11:22:00.0832 3668 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
11:22:00.0851 3668 BITS - ok
11:22:01.0024 3668 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:22:01.0034 3668 blbdrive - ok
11:22:01.0114 3668 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
11:22:01.0168 3668 bowser - ok
11:22:01.0175 3668 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:22:01.0183 3668 BrFiltLo - ok
11:22:01.0197 3668 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:22:01.0204 3668 BrFiltUp - ok
11:22:01.0235 3668 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:22:01.0242 3668 BridgeMP - ok
11:22:01.0276 3668 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
11:22:01.0292 3668 Browser - ok
11:22:01.0314 3668 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:22:01.0325 3668 Brserid - ok
11:22:01.0368 3668 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:22:01.0378 3668 BrSerWdm - ok
11:22:01.0398 3668 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:22:01.0398 3668 BrUsbMdm - ok
11:22:01.0408 3668 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:22:01.0408 3668 BrUsbSer - ok
11:22:01.0418 3668 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:22:01.0418 3668 BTHMODEM - ok
11:22:01.0520 3668 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:22:01.0520 3668 bthserv - ok
11:22:01.0712 3668 catchme - ok
11:22:01.0782 3668 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:22:01.0782 3668 cdfs - ok
11:22:01.0822 3668 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
11:22:01.0832 3668 cdrom - ok
11:22:01.0912 3668 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
11:22:01.0922 3668 CertPropSvc - ok
11:22:01.0972 3668 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
11:22:02.0022 3668 cfwids - ok
11:22:02.0074 3668 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:22:02.0084 3668 circlass - ok
11:22:02.0124 3668 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:22:02.0124 3668 CLFS - ok
11:22:02.0364 3668 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:22:02.0364 3668 clr_optimization_v2.0.50727_32 - ok
11:22:02.0584 3668 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:22:02.0594 3668 clr_optimization_v2.0.50727_64 - ok
11:22:02.0986 3668 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:22:03.0049 3668 clr_optimization_v4.0.30319_32 - ok
11:22:03.0188 3668 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:22:03.0257 3668 clr_optimization_v4.0.30319_64 - ok
11:22:03.0325 3668 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:22:03.0335 3668 CmBatt - ok
11:22:03.0335 3668 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
11:22:03.0345 3668 cmdide - ok
11:22:03.0415 3668 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
11:22:03.0465 3668 CNG - ok
11:22:03.0547 3668 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:22:03.0557 3668 Compbatt - ok
11:22:03.0597 3668 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:22:03.0597 3668 CompositeBus - ok
11:22:03.0607 3668 COMSysApp - ok
11:22:03.0617 3668 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:22:03.0627 3668 crcdisk - ok
11:22:03.0689 3668 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
11:22:03.0729 3668 CryptSvc - ok
11:22:03.0811 3668 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
11:22:03.0811 3668 DcomLaunch - ok
11:22:03.0891 3668 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:22:03.0901 3668 defragsvc - ok
11:22:03.0981 3668 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
11:22:04.0043 3668 DfsC - ok
11:22:04.0153 3668 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
11:22:04.0163 3668 Dhcp - ok
11:22:04.0223 3668 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:22:04.0223 3668 discache - ok
11:22:04.0313 3668 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:22:04.0323 3668 Disk - ok
11:22:04.0373 3668 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
11:22:04.0425 3668 Dnscache - ok
11:22:04.0503 3668 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
11:22:04.0533 3668 dot3svc - ok
11:22:04.0553 3668 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
11:22:04.0570 3668 DPS - ok
11:22:04.0645 3668 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:22:04.0645 3668 drmkaud - ok
11:22:04.0745 3668 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
11:22:04.0828 3668 DXGKrnl - ok
11:22:04.0867 3668 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:22:04.0877 3668 EapHost - ok
11:22:05.0927 3668 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:22:06.0097 3668 ebdrv - ok
11:22:06.0497 3668 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
11:22:06.0561 3668 EFS - ok
11:22:06.0749 3668 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
11:22:06.0816 3668 ehRecvr - ok
11:22:06.0851 3668 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:22:06.0851 3668 ehSched - ok
11:22:07.0041 3668 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:22:07.0051 3668 elxstor - ok
11:22:07.0051 3668 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
11:22:07.0071 3668 ErrDev - ok
11:22:07.0133 3668 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:22:07.0143 3668 EventSystem - ok
11:22:07.0183 3668 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:22:07.0193 3668 exfat - ok
11:22:07.0203 3668 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:22:07.0213 3668 fastfat - ok
11:22:07.0283 3668 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
11:22:07.0303 3668 Fax - ok
11:22:07.0303 3668 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:22:07.0313 3668 fdc - ok
11:22:07.0343 3668 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:22:07.0353 3668 fdPHost - ok
11:22:07.0353 3668 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:22:07.0363 3668 FDResPub - ok
11:22:07.0373 3668 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:22:07.0373 3668 FileInfo - ok
11:22:07.0413 3668 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:22:07.0423 3668 Filetrace - ok
11:22:07.0433 3668 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:22:07.0443 3668 flpydisk - ok
11:22:07.0473 3668 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
11:22:07.0483 3668 FltMgr - ok
11:22:07.0630 3668 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
11:22:07.0740 3668 FontCache - ok
11:22:07.0863 3668 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:22:07.0873 3668 FontCache3.0.0.0 - ok
11:22:08.0023 3668 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:22:08.0033 3668 FsDepends - ok
11:22:08.0183 3668 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
11:22:08.0274 3668 Fs_Rec - ok
11:22:08.0445 3668 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:22:08.0445 3668 fvevol - ok
11:22:08.0475 3668 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:22:08.0485 3668 gagp30kx - ok
11:22:08.0575 3668 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
11:22:08.0585 3668 gpsvc - ok
11:22:08.0645 3668 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:22:08.0645 3668 hcw85cir - ok
11:22:08.0725 3668 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
11:22:08.0735 3668 HdAudAddService - ok
11:22:08.0765 3668 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:22:08.0765 3668 HDAudBus - ok
11:22:08.0775 3668 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:22:08.0785 3668 HidBatt - ok
11:22:08.0795 3668 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:22:08.0805 3668 HidBth - ok
11:22:08.0855 3668 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:22:08.0855 3668 HidIr - ok
11:22:08.0905 3668 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
11:22:08.0905 3668 hidserv - ok
11:22:08.0935 3668 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
11:22:08.0935 3668 HidUsb - ok
11:22:08.0955 3668 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
11:22:08.0965 3668 hkmsvc - ok
11:22:08.0995 3668 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
11:22:09.0005 3668 HomeGroupListener - ok
11:22:09.0075 3668 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
11:22:09.0075 3668 HomeGroupProvider - ok
11:22:09.0115 3668 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
11:22:09.0125 3668 HpSAMD - ok
11:22:09.0185 3668 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
11:22:09.0195 3668 HTTP - ok
11:22:09.0205 3668 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
11:22:09.0205 3668 hwpolicy - ok
11:22:09.0305 3668 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:22:09.0315 3668 i8042prt - ok
11:22:09.0385 3668 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
11:22:09.0450 3668 iaStorV - ok
11:22:09.0727 3668 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:22:09.0747 3668 idsvc - ok
11:22:10.0127 3668 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:22:10.0269 3668 igfx - ok
11:22:10.0841 3668 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:22:10.0841 3668 iirsp - ok
11:22:10.0933 3668 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
11:22:10.0953 3668 IKEEXT - ok
11:22:11.0013 3668 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
11:22:11.0013 3668 intelide - ok
11:22:11.0053 3668 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:22:11.0053 3668 intelppm - ok
11:22:11.0113 3668 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:22:11.0123 3668 IPBusEnum - ok
11:22:11.0133 3668 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:22:11.0143 3668 IpFilterDriver - ok
11:22:11.0193 3668 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
11:22:11.0213 3668 iphlpsvc - ok
11:22:11.0223 3668 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:22:11.0233 3668 IPMIDRV - ok
11:22:11.0303 3668 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:22:11.0313 3668 IPNAT - ok
11:22:11.0353 3668 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:22:11.0363 3668 IRENUM - ok
11:22:11.0373 3668 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
11:22:11.0373 3668 isapnp - ok
11:22:11.0403 3668 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
11:22:11.0413 3668 iScsiPrt - ok
11:22:11.0443 3668 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:22:11.0453 3668 kbdclass - ok
11:22:11.0463 3668 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
11:22:11.0463 3668 kbdhid - ok
11:22:11.0513 3668 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:22:11.0513 3668 KeyIso - ok
11:22:11.0563 3668 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
11:22:11.0603 3668 KSecDD - ok
11:22:11.0646 3668 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
11:22:11.0704 3668 KSecPkg - ok
11:22:11.0757 3668 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:22:11.0767 3668 ksthunk - ok
11:22:11.0847 3668 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:22:11.0857 3668 KtmRm - ok
11:22:11.0927 3668 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
11:22:11.0977 3668 LanmanServer - ok
11:22:12.0009 3668 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
11:22:12.0019 3668 LanmanWorkstation - ok
11:22:12.0089 3668 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:22:12.0089 3668 lltdio - ok
11:22:12.0189 3668 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:22:12.0199 3668 lltdsvc - ok
11:22:12.0219 3668 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:22:12.0219 3668 lmhosts - ok
11:22:12.0269 3668 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:22:12.0279 3668 LSI_FC - ok
11:22:12.0289 3668 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:22:12.0289 3668 LSI_SAS - ok
11:22:12.0309 3668 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:22:12.0309 3668 LSI_SAS2 - ok
11:22:12.0329 3668 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:22:12.0339 3668 LSI_SCSI - ok
11:22:36.0473 3668 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:22:36.0511 3668 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
11:22:36.0511 3668 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
11:22:36.0551 3668 Boot (0x1200) (e9898696208d9272da9533ade414211f) \Device\Harddisk0\DR0\Partition0
11:22:36.0551 3668 \Device\Harddisk0\DR0\Partition0 - ok
11:22:36.0601 3668 Boot (0x1200) (3f759e083daa0bfc53855744e15a6d5a) \Device\Harddisk0\DR0\Partition1
11:22:36.0611 3668 \Device\Harddisk0\DR0\Partition1 - ok
11:22:36.0621 3668 ============================================================
11:22:36.0621 3668 Scan finished
11:22:36.0621 3668 ============================================================
11:22:36.0631 4936 Detected object count: 1
11:22:36.0631 4936 Actual detected object count: 1
11:22:53.0959 4936 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
11:22:53.0959 4936 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
The scan itself lasted for less than a minute, so I am not sure if it captured everything you need. Let me know if you need something else.
Thanks!