All sorts of problems: Trojans, Smitfraud, etc.



ronnies
2012-08-24, 05:55
I'm not even sure when this all began. I will guess around the beginning of August. I noticed my computer was loading slower but I figured it was due to add-ons. Then I noticed an additional IE window that I did not open. That's when I downloaded Spybot and discovered the intruders.

Here's my DDS:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
Run by Scriven at 22:07:42 on 2012-08-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4010.2230 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\dlcqcoms.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe
C:\Program Files (x86)\Dell Photo AIO Printer 966\memcard.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
-netsvcs
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingApp.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingBar.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingSurrogate.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingSurrogate.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingSurrogate.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\taskeng.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.dell.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
mURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120213144224.dll
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [FaxCenterServer] "C:\Program Files (x86)\Dell PC Fax\fm3032.exe" /s
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\Scriven\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
LSP: mswsock.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
TCP: DhcpNameServer = 192.168.200.1
TCP: Interfaces\{B35F3F63-C6B9-40D5-8065-255D8F8DB51D} : DhcpNameServer = 192.168.200.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120213144224.dll
BHO-X64: scriptproxy - No File
BHO-X64: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
BHO-X64: Swag Bucks - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [FaxCenterServer] "C:\Program Files (x86)\Dell PC Fax\fm3032.exe" /s
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-7-9 98208]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-8-2 173056]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-22 655944]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-13 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-13 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-7-9 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-7-9 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-7-9 1692480]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-7-9 2656280]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-13 249936]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-8-10 1153368]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 250056]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\system32\DRIVERS\btwampfl.sys --> C:\Windows\system32\DRIVERS\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-7-9 220528]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-13 249936]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-24 00:30:22 20480 ----a-w- C:\Windows\svchost.exe
2012-08-23 02:53:52 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-08-23 02:53:32 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-23 02:29:04 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-22 00:15:24 -------- d-sh--w- C:\found.000
2012-08-20 15:50:04 -------- d-----w- C:\Users\Scriven\AppData\Roaming\Malwarebytes
2012-08-20 15:49:55 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-20 15:49:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-20 02:16:10 -------- d-----w- C:\Users\Scriven\AppData\Local\AskToolbar
2012-08-20 02:16:05 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-08-20 02:02:30 -------- d-----w- C:\Users\Scriven\AppData\Roaming\Avira
2012-08-20 01:55:53 -------- d-----w- C:\ProgramData\Avira
2012-08-20 01:55:53 -------- d-----w- C:\Program Files (x86)\Avira
2012-08-12 03:55:53 -------- d-----w- C:\Users\Scriven\AppData\Local\Apple Computer
2012-08-12 03:54:14 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-08-12 03:54:14 -------- d-----w- C:\Program Files\iPod
2012-08-12 03:54:14 -------- d-----w- C:\Program Files (x86)\iTunes
2012-08-12 03:53:04 -------- d-----w- C:\Users\Scriven\AppData\Local\Apple
2012-08-12 03:52:15 -------- d-----w- C:\Program Files\Bonjour
2012-08-12 03:52:15 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-08-10 23:51:26 -------- d-----w- C:\Users\Scriven\AppData\Local\ElevatedDiagnostics
2012-08-07 23:41:31 -------- d-----w- C:\Users\Scriven\AppData\Local\The Weather Channel
2012-08-07 14:39:13 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-08-06 19:50:31 -------- d-----w- C:\Users\Scriven\AppData\Local\Swag_Bucks
2012-08-06 01:05:29 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery
2012-08-02 03:10:45 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-08-02 03:10:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-08-02 00:53:07 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-07-30 18:09:53 -------- d-----w- C:\ProgramData\Symantec
2012-07-30 18:09:33 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0307020.005
2012-07-30 18:09:33 -------- d-----w- C:\Windows\System32\drivers\NSSx64
2012-07-30 18:09:33 -------- d-----w- C:\Program Files (x86)\Norton Security Scan
2012-07-30 18:09:20 -------- d-----w- C:\ProgramData\Norton
2012-07-30 18:09:18 -------- d-----w- C:\ProgramData\NortonInstaller
2012-07-30 18:09:18 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-07-28 17:16:11 -------- d-----w- C:\Users\Scriven\AppData\Roaming\ooVoo Details
.
==================== Find3M ====================
.
2012-08-22 22:15:21 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-22 22:15:21 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-25 20:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
2012-06-12 03:08:36 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 22:09:13.15 ===============

aswMBR Log:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-23 22:34:11
-----------------------------
22:34:11.366 OS Version: Windows x64 6.1.7601 Service Pack 1
22:34:11.366 Number of processors: 2 586 0x2A07
22:34:11.366 ComputerName: SCRIVEN-PC UserName: Scriven
22:34:14.050 Initialize success
22:35:39.309 AVAST engine defs: 12082400
22:36:42.021 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:36:42.021 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
22:36:42.037 Device \Driver\iaStor -> MajorFunction fffffa80069545e8
22:36:42.037 Disk 0 MBR read successfully
22:36:42.037 Disk 0 MBR scan
22:36:42.052 Disk 0 Windows VISTA default MBR code
22:36:42.052 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
22:36:42.068 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992
22:36:42.083 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 285140 MB offset 41172992
22:36:42.115 Disk 0 scanning C:\Windows\system32\drivers
22:36:53.269 Service scanning
22:37:17.636 Modules scanning
22:37:17.651 Disk 0 trace - called modules:
22:37:17.667 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80069545e8]<<
22:37:17.667 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006521060]
22:37:17.667 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046b3050]
22:37:17.683 \Driver\iaStor[0xfffffa80069366a0] -> IRP_MJ_CREATE -> 0xfffffa80069545e8
22:37:19.055 AVAST engine scan C:\Windows
22:37:21.427 AVAST engine scan C:\Windows\system32
22:39:10.507 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
22:39:13.159 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
22:40:38.694 AVAST engine scan C:\Windows\system32\drivers
22:40:59.801 AVAST engine scan C:\Users\Scriven
22:51:48.024 Disk 0 MBR has been saved successfully to "C:\Users\Scriven\Desktop\MBR.dat"
22:51:48.024 The log file has been saved successfully to "C:\Users\Scriven\Desktop\aswMBR.txt"


I hope I did everything right. I've never done this before. Thank you so much!

oldman960
2012-08-25, 09:17
Hi ronnies, welcome to the forum.

To make cleaning this machine easier:
Please do not uninstall/install any programs unless asked to.
It is more difficult when files/programs are appearing in/disappearing from the logs.
Please do not run any scans other than those requested.
Please follow all instructions in the order posted.
All logs/reports, etc. must be posted in Notepad. Please ensure that Word Wrap is unchecked. In Notepad, click Format, then uncheck Word Wrap if it is checked.
Do not attach any logs/reports, etc. unless specifically requested to do so.
If you have problems with or do not understand the instructions, please ask before continuing.
Please stay with this thread until given the All Clear. An absence of symptoms does not mean a clean machine.


Download the latest version of TDSSKiller from here (http://support.kaspersky.com/downloads/utils/tdsskiller.exe) and save it to your Desktop.



Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_1.jpg

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_2.jpg

Click the Start Scan button.

http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_3.jpg

If a suspicious object is detected, the default action will be Skip; click on Continue.

http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_4.jpg

If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

http://i466.photobucket.com/albums/rr21/JSntgRvr/tdss_5.jpg

Note: If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed.


A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.
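Added example (not part of the original thread, and not Kaspersky's code): a Python triage of the report TDSSKiller writes. It pairs each hash line with the verdict line that follows it, then returns the entries not marked "ok" and the services listed without a hash/path line. The sample lines are excerpted from the report posted in this thread; the function and field names are chosen for this example.

```python
import re
from collections import namedtuple

# Lines excerpted from the TDSSKiller report posted in this thread.
# Layout: timestamp, thread id, then the message.
SAMPLE_LOG = r"""20:53:50.0481 2160 ================ Scan system memory ========================
20:53:50.0481 2160 System memory - ok
20:53:50.0481 2160 ================ Scan services =============================
20:53:51.0246 2160 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:53:51.0417 2160 1394ohci - ok
20:53:54.0179 2160 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:53:54.0210 2160 Apple Mobile Device - ok
20:53:58.0905 2160 COMSysApp - ok
20:53:59.0514 2160 [ 88D5FE2109F1A52CF69BA410082A833A ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
20:53:59.0545 2160 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
20:53:59.0545 2160 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
20:54:08.0032 2160 [ F69B3AD25321B672A417C24FE6688B6F ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
20:54:08.0078 2160 McAWFwk ( UnsignedFile.Multi.Generic ) - warning
20:54:08.0078 2160 McAWFwk - detected UnsignedFile.Multi.Generic (1)
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "================ Scan services ====..." marks the start of a scan phase.
SECTION_RE = re.compile(PREFIX + r"=+ (?P<section>[^=]+?) =+$")
# "[ <MD5> ] <name> <path>"; names may contain spaces, so the path is
# recognised by its drive-letter prefix.
HASH_RE = re.compile(
    PREFIX + r"\[ (?P<md5>[0-9A-Fa-f]{32}) \]\s+(?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.*)$"
)
# "<name> - ok" or "<name> ( <verdict> ) - warning".
VERDICT_RE = re.compile(
    PREFIX + r"(?P<name>.+?)(?: \( (?P<verdict>[^)]+) \))? - (?P<status>\w+)$"
)

Entry = namedtuple("Entry", "section name md5 path status verdict")


def parse_report(text):
    """Return one Entry per verdict line, joined to its preceding hash line."""
    pending = {}   # name -> (md5, path), waiting for the verdict line
    entries = []
    section = None
    for raw in text.splitlines():
        line = raw.rstrip()
        m = SECTION_RE.match(line)
        if m:
            section = m["section"]
            continue
        m = HASH_RE.match(line)
        if m:
            pending[m["name"]] = (m["md5"].upper(), m["path"])
            continue
        m = VERDICT_RE.match(line)
        if m:
            md5, path = pending.pop(m["name"], (None, None))
            entries.append(
                Entry(section, m["name"], md5, path, m["status"], m["verdict"])
            )
    return entries


def triage(entries):
    """Split out what a reviewer reads first.

    flagged:  every entry whose status is anything other than "ok"
    unhashed: services the report lists without a hash/path line
    """
    flagged = [e for e in entries if e.status != "ok"]
    unhashed = [
        e.name for e in entries
        if e.section == "Scan services" and e.md5 is None
    ]
    return {"flagged": flagged, "unhashed": unhashed}


if __name__ == "__main__":
    result = triage(parse_report(SAMPLE_LOG))
    for e in result["flagged"]:
        print(f"{e.status.upper():8} {e.name}: {e.verdict} [{e.md5}] {e.path}")
    for name in result["unhashed"]:
        print(f"NOFILE   {name}: no hash/path line in report")
```

With SigCheck enabled, as the instructions above request, an UnsignedFile.Multi.Generic warning means only that the file failed the signature check; it is a prompt to verify the file, not a detection of a specific threat.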

ronnies
2012-08-27, 04:12
20:50:11.0385 6172 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
20:50:11.0853 6172 ============================================================
20:50:11.0853 6172 Current date / time: 2012/08/26 20:50:11.0853
20:50:11.0853 6172 SystemInfo:
20:50:11.0853 6172
20:50:11.0853 6172 OS Version: 6.1.7601 ServicePack: 1.0
20:50:11.0853 6172 Product type: Workstation
20:50:11.0853 6172 ComputerName: SCRIVEN-PC
20:50:11.0853 6172 UserName: Scriven
20:50:11.0853 6172 Windows directory: C:\Windows
20:50:11.0853 6172 System windows directory: C:\Windows
20:50:11.0853 6172 Running under WOW64
20:50:11.0853 6172 Processor architecture: Intel x64
20:50:11.0853 6172 Number of processors: 2
20:50:11.0853 6172 Page size: 0x1000
20:50:11.0853 6172 Boot type: Normal boot
20:50:11.0853 6172 ============================================================
20:50:13.0179 6172 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:50:13.0195 6172 ============================================================
20:50:13.0195 6172 \Device\Harddisk0\DR0:
20:50:13.0195 6172 MBR partitions:
20:50:13.0195 6172 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
20:50:13.0195 6172 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x22CEA2B0
20:50:13.0195 6172 ============================================================
20:50:13.0211 6172 C: <-> \Device\Harddisk0\DR0\Partition2
20:50:13.0211 6172 ============================================================
20:50:13.0211 6172 Initialize success
20:50:13.0211 6172 ============================================================
20:53:49.0608 2160 ============================================================
20:53:49.0608 2160 Scan started
20:53:49.0608 2160 Mode: Manual; SigCheck; TDLFS;
20:53:49.0608 2160 ============================================================
20:53:50.0481 2160 ================ Scan system memory ========================
20:53:50.0481 2160 System memory - ok
20:53:50.0481 2160 ================ Scan services =============================
20:53:51.0246 2160 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:53:51.0417 2160 1394ohci - ok
20:53:51.0464 2160 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:53:51.0495 2160 ACPI - ok
20:53:51.0542 2160 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:53:51.0667 2160 AcpiPmi - ok
20:53:51.0823 2160 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:53:51.0854 2160 AdobeARMservice - ok
20:53:52.0057 2160 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:53:52.0088 2160 AdobeFlashPlayerUpdateSvc - ok
20:53:52.0182 2160 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:53:52.0213 2160 adp94xx - ok
20:53:52.0260 2160 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:53:52.0307 2160 adpahci - ok
20:53:52.0353 2160 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:53:52.0385 2160 adpu320 - ok
20:53:52.0431 2160 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:53:52.0650 2160 AeLookupSvc - ok
20:53:52.0728 2160 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
20:53:52.0759 2160 AERTFilters - ok
20:53:52.0853 2160 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:53:52.0946 2160 AFD - ok
20:53:53.0009 2160 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:53:53.0040 2160 agp440 - ok
20:53:53.0118 2160 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:53:53.0196 2160 ALG - ok
20:53:53.0258 2160 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:53:53.0289 2160 aliide - ok
20:53:53.0321 2160 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:53:53.0352 2160 amdide - ok
20:53:53.0367 2160 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:53:53.0414 2160 AmdK8 - ok
20:53:53.0430 2160 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:53:53.0461 2160 AmdPPM - ok
20:53:53.0508 2160 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:53:53.0555 2160 amdsata - ok
20:53:53.0586 2160 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:53:53.0601 2160 amdsbs - ok
20:53:53.0601 2160 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:53:53.0617 2160 amdxata - ok
20:53:53.0648 2160 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:53:53.0882 2160 AppID - ok
20:53:53.0898 2160 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:53:53.0976 2160 AppIDSvc - ok
20:53:53.0991 2160 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:53:54.0054 2160 Appinfo - ok
20:53:54.0179 2160 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:53:54.0210 2160 Apple Mobile Device - ok
20:53:54.0241 2160 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
20:53:54.0272 2160 arc - ok
20:53:54.0303 2160 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:53:54.0303 2160 arcsas - ok
20:53:54.0428 2160 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:53:54.0475 2160 aspnet_state - ok
20:53:54.0491 2160 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:53:54.0569 2160 AsyncMac - ok
20:53:54.0615 2160 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:53:54.0615 2160 atapi - ok
20:53:54.0662 2160 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:53:54.0740 2160 AudioEndpointBuilder - ok
20:53:54.0756 2160 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:53:54.0803 2160 AudioSrv - ok
20:53:54.0834 2160 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:53:54.0943 2160 AxInstSV - ok
20:53:54.0990 2160 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:53:55.0052 2160 b06bdrv - ok
20:53:55.0115 2160 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:53:55.0224 2160 b57nd60a - ok
20:53:55.0349 2160 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
20:53:55.0380 2160 BBSvc - ok
20:53:55.0411 2160 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
20:53:55.0427 2160 BBUpdate - ok
20:53:55.0458 2160 [ 436806506E83AA8755A523147E191B7B ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
20:53:55.0489 2160 BCM42RLY - ok
20:53:55.0598 2160 [ B5D54119CE0BB77872C33A717CB76386 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
20:53:55.0692 2160 BCM43XX - ok
20:53:55.0754 2160 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:53:55.0817 2160 BDESVC - ok
20:53:55.0848 2160 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:53:55.0973 2160 Beep - ok
20:53:56.0004 2160 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:53:56.0051 2160 blbdrive - ok
20:53:56.0097 2160 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:53:56.0144 2160 Bonjour Service - ok
20:53:56.0175 2160 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:53:56.0222 2160 bowser - ok
20:53:56.0238 2160 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:53:56.0300 2160 BrFiltLo - ok
20:53:56.0316 2160 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:53:56.0331 2160 BrFiltUp - ok
20:53:56.0363 2160 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
20:53:56.0456 2160 Browser - ok
20:53:56.0487 2160 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:53:56.0565 2160 Brserid - ok
20:53:56.0581 2160 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:53:56.0628 2160 BrSerWdm - ok
20:53:56.0643 2160 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:53:56.0690 2160 BrUsbMdm - ok
20:53:56.0706 2160 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:53:56.0737 2160 BrUsbSer - ok
20:53:56.0784 2160 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:53:56.0862 2160 BthEnum - ok
20:53:56.0893 2160 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:53:56.0940 2160 BTHMODEM - ok
20:53:56.0987 2160 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:53:57.0049 2160 BthPan - ok
20:53:57.0096 2160 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:53:57.0143 2160 BTHPORT - ok
20:53:57.0205 2160 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:53:57.0267 2160 bthserv - ok
20:53:57.0299 2160 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:53:57.0345 2160 BTHUSB - ok
20:53:57.0408 2160 [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
20:53:57.0439 2160 BTWAMPFL - ok
20:53:57.0470 2160 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
20:53:57.0501 2160 btwaudio - ok
20:53:57.0517 2160 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
20:53:57.0533 2160 btwavdt - ok
20:53:57.0595 2160 [ F0AF04A96CA48B869284B5DC4CDB8CBB ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
20:53:57.0642 2160 btwdins - ok
20:53:57.0657 2160 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
20:53:57.0673 2160 btwl2cap - ok
20:53:57.0689 2160 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
20:53:57.0689 2160 btwrchid - ok
20:53:57.0735 2160 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:53:57.0813 2160 cdfs - ok
20:53:57.0845 2160 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:53:57.0891 2160 cdrom - ok
20:53:57.0938 2160 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:53:58.0016 2160 CertPropSvc - ok
20:53:58.0063 2160 [ ED0263B2EB24F0F4E3898036FA1D28A1 ] cfwids C:\Windows\system32\drivers\cfwids.sys
20:53:58.0094 2160 cfwids - ok
20:53:58.0141 2160 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
20:53:58.0188 2160 circlass - ok
20:53:58.0203 2160 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:53:58.0219 2160 CLFS - ok
20:53:58.0281 2160 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:53:58.0313 2160 clr_optimization_v2.0.50727_32 - ok
20:53:58.0344 2160 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:53:58.0375 2160 clr_optimization_v2.0.50727_64 - ok
20:53:58.0422 2160 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:53:58.0500 2160 clr_optimization_v4.0.30319_32 - ok
20:53:58.0531 2160 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:53:58.0578 2160 clr_optimization_v4.0.30319_64 - ok
20:53:58.0593 2160 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:53:58.0625 2160 CmBatt - ok
20:53:58.0656 2160 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:53:58.0671 2160 cmdide - ok
20:53:58.0718 2160 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:53:58.0765 2160 CNG - ok
20:53:58.0796 2160 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:53:58.0812 2160 Compbatt - ok
20:53:58.0827 2160 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
20:53:58.0890 2160 CompositeBus - ok
20:53:58.0905 2160 COMSysApp - ok
20:53:58.0921 2160 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:53:58.0968 2160 crcdisk - ok
20:53:58.0999 2160 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:53:59.0061 2160 CryptSvc - ok
20:53:59.0108 2160 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
20:53:59.0171 2160 CtClsFlt - ok
20:53:59.0217 2160 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:53:59.0295 2160 DcomLaunch - ok
20:53:59.0342 2160 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:53:59.0451 2160 defragsvc - ok
20:53:59.0514 2160 [ 88D5FE2109F1A52CF69BA410082A833A ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
20:53:59.0545 2160 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
20:53:59.0545 2160 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
20:53:59.0592 2160 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:53:59.0670 2160 DfsC - ok
20:53:59.0701 2160 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:53:59.0763 2160 Dhcp - ok
20:53:59.0779 2160 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:53:59.0857 2160 discache - ok
20:53:59.0888 2160 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
20:53:59.0919 2160 Disk - ok
20:53:59.0935 2160 dlcq_device - ok
20:53:59.0966 2160 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:54:00.0029 2160 Dnscache - ok
20:54:00.0044 2160 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:54:00.0122 2160 dot3svc - ok
20:54:00.0153 2160 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:54:00.0216 2160 DPS - ok
20:54:00.0247 2160 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:54:00.0310 2160 drmkaud - ok
20:54:00.0356 2160 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:54:00.0403 2160 DXGKrnl - ok
20:54:00.0434 2160 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:54:00.0512 2160 EapHost - ok
20:54:00.0606 2160 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:54:00.0731 2160 ebdrv - ok
20:54:00.0746 2160 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:54:00.0824 2160 EFS - ok
20:54:00.0887 2160 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:54:00.0996 2160 ehRecvr - ok
20:54:01.0012 2160 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:54:01.0027 2160 ehSched - ok
20:54:01.0074 2160 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:54:01.0121 2160 elxstor - ok
20:54:01.0136 2160 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:54:01.0183 2160 ErrDev - ok
20:54:01.0230 2160 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:54:01.0308 2160 EventSystem - ok
20:54:01.0339 2160 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:54:01.0386 2160 exfat - ok
20:54:01.0417 2160 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:54:01.0495 2160 fastfat - ok
20:54:01.0542 2160 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:54:01.0636 2160 Fax - ok
20:54:01.0667 2160 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
20:54:01.0714 2160 fdc - ok
20:54:01.0745 2160 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:54:01.0792 2160 fdPHost - ok
20:54:01.0792 2160 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:54:01.0854 2160 FDResPub - ok
20:54:01.0870 2160 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:54:01.0885 2160 FileInfo - ok
20:54:01.0901 2160 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:54:01.0994 2160 Filetrace - ok
20:54:02.0010 2160 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:54:02.0026 2160 flpydisk - ok
20:54:02.0041 2160 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:54:02.0057 2160 FltMgr - ok
20:54:02.0104 2160 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:54:02.0197 2160 FontCache - ok
20:54:02.0260 2160 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:54:02.0275 2160 FontCache3.0.0.0 - ok
20:54:02.0291 2160 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:54:02.0306 2160 FsDepends - ok
20:54:02.0353 2160 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
20:54:02.0384 2160 fssfltr - ok
20:54:02.0462 2160 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:54:02.0540 2160 fsssvc - ok
20:54:02.0587 2160 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:54:02.0603 2160 Fs_Rec - ok
20:54:02.0650 2160 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:54:02.0681 2160 fvevol - ok
20:54:02.0696 2160 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:54:02.0712 2160 gagp30kx - ok
20:54:02.0743 2160 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:54:02.0821 2160 gpsvc - ok
20:54:02.0837 2160 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:54:02.0899 2160 hcw85cir - ok
20:54:02.0930 2160 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:54:02.0993 2160 HDAudBus - ok
20:54:03.0024 2160 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:54:03.0055 2160 HidBatt - ok
20:54:03.0086 2160 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:54:03.0149 2160 HidBth - ok
20:54:03.0164 2160 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
20:54:03.0196 2160 HidIr - ok
20:54:03.0211 2160 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:54:03.0274 2160 hidserv - ok
20:54:03.0336 2160 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:54:03.0367 2160 HidUsb - ok
20:54:03.0430 2160 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:54:03.0539 2160 hkmsvc - ok
20:54:03.0554 2160 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:54:03.0617 2160 HomeGroupListener - ok
20:54:03.0632 2160 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:54:03.0695 2160 HomeGroupProvider - ok
20:54:03.0726 2160 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:54:03.0757 2160 HpSAMD - ok
20:54:03.0788 2160 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:54:03.0851 2160 HTCAND64 - ok
20:54:03.0913 2160 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
20:54:03.0929 2160 htcnprot - ok
20:54:03.0960 2160 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:54:04.0054 2160 HTTP - ok
20:54:04.0085 2160 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:54:04.0085 2160 hwpolicy - ok
20:54:04.0132 2160 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:54:04.0163 2160 i8042prt - ok
20:54:04.0210 2160 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
20:54:04.0241 2160 iaStor - ok
20:54:04.0272 2160 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:54:04.0303 2160 iaStorV - ok
20:54:04.0366 2160 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:54:04.0412 2160 idsvc - ok
20:54:04.0678 2160 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:54:05.0052 2160 igfx - ok
20:54:05.0083 2160 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:54:05.0099 2160 iirsp - ok
20:54:05.0161 2160 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:54:05.0286 2160 IKEEXT - ok
20:54:05.0333 2160 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
20:54:05.0395 2160 Impcd - ok
20:54:05.0489 2160 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:54:05.0551 2160 IntcAzAudAddService - ok
20:54:05.0598 2160 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:54:05.0645 2160 IntcDAud - ok
20:54:05.0660 2160 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:54:05.0692 2160 intelide - ok
20:54:05.0723 2160 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:54:05.0754 2160 intelppm - ok
20:54:05.0801 2160 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:54:05.0863 2160 IPBusEnum - ok
20:54:05.0879 2160 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:54:05.0910 2160 IpFilterDriver - ok
20:54:05.0926 2160 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:54:05.0972 2160 IPMIDRV - ok
20:54:06.0019 2160 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:54:06.0113 2160 IPNAT - ok
20:54:06.0144 2160 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:54:06.0160 2160 IRENUM - ok
20:54:06.0175 2160 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:54:06.0191 2160 isapnp - ok
20:54:06.0206 2160 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:54:06.0222 2160 iScsiPrt - ok
20:54:06.0238 2160 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:54:06.0253 2160 kbdclass - ok
20:54:06.0269 2160 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:54:06.0331 2160 kbdhid - ok
20:54:06.0347 2160 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:54:06.0378 2160 KeyIso - ok
20:54:06.0409 2160 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:54:06.0440 2160 KSecDD - ok
20:54:06.0472 2160 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:54:06.0503 2160 KSecPkg - ok
20:54:06.0503 2160 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:54:06.0565 2160 ksthunk - ok
20:54:06.0612 2160 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:54:06.0706 2160 KtmRm - ok
20:54:06.0768 2160 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:54:06.0830 2160 LanmanServer - ok
20:54:06.0877 2160 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:54:06.0955 2160 LanmanWorkstation - ok
20:54:06.0986 2160 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:54:07.0049 2160 lltdio - ok
20:54:07.0096 2160 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:54:07.0174 2160 lltdsvc - ok
20:54:07.0189 2160 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:54:07.0236 2160 lmhosts - ok
20:54:07.0314 2160 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:54:07.0345 2160 LMS - ok
20:54:07.0376 2160 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:54:07.0408 2160 LSI_FC - ok
20:54:07.0470 2160 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:54:07.0501 2160 LSI_SAS - ok
20:54:07.0532 2160 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:54:07.0548 2160 LSI_SAS2 - ok
20:54:07.0564 2160 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:54:07.0579 2160 LSI_SCSI - ok
20:54:07.0595 2160 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:54:07.0688 2160 luafv - ok
20:54:07.0735 2160 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:54:07.0766 2160 MBAMProtector - ok
20:54:07.0829 2160 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:54:07.0876 2160 MBAMService - ok
20:54:08.0032 2160 [ F69B3AD25321B672A417C24FE6688B6F ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
20:54:08.0078 2160 McAWFwk ( UnsignedFile.Multi.Generic ) - warning
20:54:08.0078 2160 McAWFwk - detected UnsignedFile.Multi.Generic (1)
20:54:08.0156 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:54:08.0188 2160 McMPFSvc - ok
20:54:08.0203 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:54:08.0219 2160 mcmscsvc - ok
20:54:08.0266 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:54:08.0297 2160 McNaiAnn - ok
20:54:08.0312 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:54:08.0328 2160 McNASvc - ok
20:54:08.0406 2160 [ B3914A7C97A81ACB1E9BEFE07E4C387F ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
20:54:08.0453 2160 McODS - ok
20:54:08.0453 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:54:08.0468 2160 McOobeSv - ok
20:54:08.0468 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:54:08.0484 2160 McProxy - ok
20:54:08.0531 2160 [ 4A463D645B48BB487CA7DF12BA5D1602 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
20:54:08.0562 2160 McShield - ok
20:54:08.0593 2160 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:54:08.0609 2160 Mcx2Svc - ok
20:54:08.0640 2160 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:54:08.0656 2160 megasas - ok
20:54:08.0702 2160 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:54:08.0718 2160 MegaSR - ok
20:54:08.0765 2160 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:54:08.0796 2160 MEIx64 - ok
20:54:08.0827 2160 [ EF3ACFB7E3F82D5F7CDE9EF5F0A4E2E2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
20:54:08.0843 2160 mfeapfk - ok

ronnies
2012-08-27, 04:12
20:54:14.0428 2160 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
20:54:14.0443 2160 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
20:54:14.0443 2160 PassThru Service - detected UnsignedFile.Multi.Generic (1)
20:54:28.0936 2160 [ BCA22B2B27417FA7C8D824D5DE4DC03C ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
20:54:28.0967 2160 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
20:54:28.0967 2160 wltrysvc - detected UnsignedFile.Multi.Generic (1)
20:54:29.0778 2160 ================ Scan global ===============================
20:54:29.0794 2160 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:54:29.0825 2160 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:54:29.0840 2160 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:54:29.0872 2160 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:54:29.0934 2160 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
20:54:29.0934 2160 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
20:54:29.0934 2160 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
20:54:29.0934 2160 ================ Scan MBR ==================================
20:54:29.0950 2160 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:54:29.0950 2160 Suspicious mbr (Forged): \Device\Harddisk0\DR0
20:54:29.0996 2160 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
20:54:29.0996 2160 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
20:54:30.0090 2160 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:54:30.0106 2160 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:54:30.0106 2160 ================ Scan VBR ==================================
20:54:30.0106 2160 [ 119EC4FD4956138ED61A44A1279D8C5D ] \Device\Harddisk0\DR0\Partition1
20:54:30.0106 2160 \Device\Harddisk0\DR0\Partition1 - ok
20:54:30.0152 2160 [ 22BE3A84ED3753349F9ACEB9525DE59B ] \Device\Harddisk0\DR0\Partition2
20:54:30.0152 2160 \Device\Harddisk0\DR0\Partition2 - ok
20:54:30.0152 2160 ============================================================
20:54:30.0152 2160 Scan finished
20:54:30.0152 2160============================================================
20:54:30.0152 1868 Detected object count: 7
20:54:30.0152 1868 Actual detected object count: 7
20:55:27.0311 1868 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:27.0311 1868 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:27.0311 1868 McAWFwk ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:27.0311 1868 McAWFwk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:27.0311 1868 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:27.0311 1868 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:27.0311 1868 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:27.0311 1868 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:27.0389 1868 C:\Windows\system32\services.exe - copied to quarantine
20:55:29.0089 1868 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
20:55:29.0089 1868 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
20:55:29.0136 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@ - copied to quarantine
20:55:29.0136 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L\00000004.@ - copied to quarantine
20:55:29.0136 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L\201d3dde - copied to quarantine
20:55:29.0152 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000004.@ - copied to quarantine
20:55:29.0152 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000008.@ - copied to quarantine
20:55:29.0152 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\000000cb.@ - copied to quarantine
20:55:29.0152 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000000.@ - copied to quarantine
20:55:29.0152 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000032.@ - copied to quarantine
20:55:29.0167 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000064.@ - copied to quarantine
20:55:44.0831 1868 Backup copy found, using it..
20:55:44.0924 1868 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000004.@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000008.@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\000000cb.@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000000.@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000032.@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000064.@ - will be deleted on reboot
20:55:44.0940 1868 C:\Windows\system32\services.exe - will be cured on reboot
20:55:44.0940 1868 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
20:55:45.0954 1868 \Device\Harddisk0\DR0\# - copied to quarantine
20:55:45.0954 1868 \Device\Harddisk0\DR0 - copied to quarantine
20:55:46.0016 1868 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:55:46.0016 1868 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
20:55:46.0032 1868 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
20:55:46.0047 1868 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
20:55:46.0063 1868 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
20:55:46.0079 1868 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
20:55:46.0079 1868 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
20:55:46.0079 1868 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
20:55:46.0079 1868 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
20:55:46.0079 1868 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
20:55:46.0094 1868 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
20:55:46.0094 1868 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
20:55:46.0094 1868 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
20:55:46.0094 1868 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
20:55:46.0141 1868 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
20:55:46.0141 1868 \Device\Harddisk0\DR0 - ok
20:55:46.0188 1868 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
20:55:46.0203 1868 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:55:46.0203 1868 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
20:56:38.0800 3420 Deinitialize success

oldman960
2012-08-27, 06:39
Hi ronnies,

Download ComboFix from one of these locations:

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)


* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs (http://forums.whatthetech.com/How_to_Disable_your_Security_Programs_t96260.html)

Right click on ComboFix.exe, click Run as Administrator & follow the prompts.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Please post back with the combofix log.

Thanks

ronnies
2012-08-27, 18:42
ComboFix 12-08-25.04 - Scriven 08/27/2012 11:12:33.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4010.2450 [GMT -4:00]
Running from: c:\users\Scriven\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-07-27 to 2012-08-27 )))))))))))))))))))))))))))))))
.
.
2012-08-27 15:20 . 2012-08-27 15:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-27 00:55 . 2012-08-27 00:55 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-24 02:21 . 2012-08-24 02:21 -------- d-----w- c:\programdata\PC-Doctor for Windows
2012-08-24 02:05 . 2012-08-24 02:06 -------- d-----w- c:\program files (x86)\ERUNT
2012-08-23 02:54 . 2012-08-23 02:54 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-23 02:53 . 2012-08-23 02:53 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-08-23 02:53 . 2012-08-23 02:53 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-23 02:29 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-22 00:15 . 2012-08-22 00:15 -------- d-----w- C:\found.000
2012-08-20 15:50 . 2012-08-20 15:50 -------- d-----w- c:\users\Scriven\AppData\Roaming\Malwarebytes
2012-08-20 15:49 . 2012-08-20 15:49 -------- d-----w- c:\programdata\Malwarebytes
2012-08-20 15:49 . 2012-08-24 00:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-20 02:16 . 2012-08-20 02:16 -------- d-----w- c:\users\Scriven\AppData\Local\AskToolbar
2012-08-20 02:16 . 2012-08-22 22:44 -------- d-----w- c:\program files (x86)\Ask.com
2012-08-20 02:02 . 2012-08-20 02:02 -------- d-----w- c:\users\Scriven\AppData\Roaming\Avira
2012-08-20 01:55 . 2012-08-20 02:16 -------- d-----w- c:\programdata\Avira
2012-08-20 01:55 . 2012-08-20 01:55 -------- d-----w- c:\program files (x86)\Avira
2012-08-12 03:55 . 2012-08-13 04:56 -------- d-----w- c:\users\Scriven\AppData\Roaming\Apple Computer
2012-08-12 03:55 . 2012-08-12 03:55 -------- d-----w- c:\users\Scriven\AppData\Local\Apple Computer
2012-08-12 03:54 . 2012-08-22 22:44 -------- d-----w- c:\program files (x86)\iTunes
2012-08-12 03:54 . 2012-08-22 22:44 -------- d-----w- c:\programdata\Apple Computer
2012-08-12 03:54 . 2012-08-12 03:55 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-08-12 03:54 . 2012-08-12 03:54 -------- d-----w- c:\program files\iPod
2012-08-12 03:53 . 2012-08-12 03:53 -------- d-----w- c:\users\Scriven\AppData\Local\Apple
2012-08-12 03:52 . 2012-08-12 03:53 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-08-12 03:52 . 2012-08-12 03:52 -------- d-----w- c:\program files\Common Files\Apple
2012-08-12 03:52 . 2012-08-12 03:52 -------- d-----w- c:\program files\Bonjour
2012-08-12 03:52 . 2012-08-12 03:52 -------- d-----w- c:\program files (x86)\Bonjour
2012-08-12 03:52 . 2012-08-12 03:52 -------- d-----w- c:\programdata\Apple
2012-08-12 03:52 . 2012-08-12 03:52 -------- d-----w- c:\program files (x86)\Common Files\Apple
2012-08-10 23:51 . 2012-08-16 15:12 -------- d-----w- c:\users\Scriven\AppData\Local\ElevatedDiagnostics
2012-08-07 23:41 . 2012-08-07 23:41 -------- d-----w- c:\users\Scriven\AppData\Local\The Weather Channel
2012-08-07 14:39 . 2012-08-07 14:39 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-08-06 19:50 . 2012-08-08 00:38 -------- d-----w- c:\users\Scriven\AppData\Local\Swag_Bucks
2012-08-06 01:05 . 2012-08-06 01:05 -------- d-----w- c:\program files (x86)\Dell Digital Delivery
2012-08-02 13:14 . 2012-08-02 13:14 -------- d-----w- c:\windows\Sun
2012-08-02 03:10 . 2012-08-24 00:17 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-08-02 03:10 . 2012-08-12 03:57 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-08-02 00:53 . 2012-08-02 00:53 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-07-30 18:09 . 2012-07-30 18:09 -------- d-----w- c:\programdata\Symantec
2012-07-30 18:09 . 2012-08-06 01:38 -------- d-----w- c:\program files (x86)\Norton Security Scan
2012-07-30 18:09 . 2012-07-30 18:09 -------- d-----w- c:\windows\system32\drivers\NSSx64
2012-07-30 18:09 . 2012-08-06 01:38 -------- d-----w- c:\programdata\Norton
2012-07-30 18:09 . 2012-07-30 18:09 -------- d-----w- c:\program files (x86)\NortonInstaller
2012-07-30 16:04 . 2012-07-30 18:45 -------- d-----w- c:\program files (x86)\Google
2012-07-28 17:16 . 2012-07-28 17:16 -------- d-----w- c:\users\Scriven\AppData\Roaming\ooVoo Details
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-27 00:57 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe
2012-08-22 22:15 . 2012-04-03 13:05 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-22 22:15 . 2012-02-28 13:16 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-25 20:04 . 2012-06-25 20:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-12 03:08 . 2012-07-12 07:03 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 13:44 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 13:44 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 13:44 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 13:44 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 13:44 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 13:44 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 13:44 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-19 13:58 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 13:58 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-19 13:58 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 13:58 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 13:58 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-19 13:58 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-19 13:58 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-19 13:58 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-19 13:58 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-12 07:01 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-12 07:01 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-12 07:01 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-12 07:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-12 07:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-12 07:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-12 07:01 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-12 07:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-12 07:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-12 07:01 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-12 07:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-12 07:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-12 07:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-12 07:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-12 07:01 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-12 07:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-12 07:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-12 07:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-12 07:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 13:44 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 13:44 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 13:44 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 13:44 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 13:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 13:44 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 13:44 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 13:44 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 13:44 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files (x86)\Swag_Bucks\prxtbSwag.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\Swag_Bucks\prxtbSwag.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files (x86)\Swag_Bucks\prxtbSwag.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"FaxCenterServer"="c:\program files (x86)\Dell PC Fax\fm3032.exe" [2006-12-12 312200]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-05-30 885760]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\users\Scriven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-10-22 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-22 250056]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2010-09-21 348712]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-30 220528]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-10-15 100912]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-14 1255736]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-10-15 284648]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2011-10-15 75808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-08-02 173056]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-12-06 208536]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-12-06 161168]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-03-23 87040]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-10-15 65264]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-10-15 481768]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 22:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 415064]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-11-18 6301696]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-03-11 4500640]
"dlcqmon.exe"="c:\program files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe" [2007-01-12 292336]
"MemoryCardManager"="c:\program files (x86)\Dell Photo AIO Printer 966\memcard.exe" [2006-12-12 304008]
"DLCQCATS"="c:\windows\system32\spool\DRIVERS\x64\3\DLCQtime.dll" [2006-10-16 31744]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-05-30 2055816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.200.1
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-DW6 - c:\program files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-32473346.sys
Toolbar-Locked - (no file)
WebBrowser-{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:98,a1,58,38,f7,74,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,b2,f1,91,5d,b2,71,41,96,b5,90,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,b2,f1,91,5d,b2,71,41,96,b5,90,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-08-27 11:30:55 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-27 15:30
.
Pre-Run: 250,084,663,296 bytes free
Post-Run: 250,542,567,424 bytes free
.
- - End Of File - - 05CAC875C580982B085213BA4A2FBFAA

oldman960
2012-08-28, 03:00
Hi ronnies

This infection is known to corrupt some of the Windows services. We'll have a look.

Next

Please download Farbar Service Scanner (http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/) and save it to your desktop.
Check all the boxes and click scan
Please copy and paste the log to your reply.

Next

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.

Double click on OTL.exe to run it. Make sure all other windows are closed, and let it run uninterrupted.
When the window appears, underneath Output at the top, change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
In the window under Custom Scans/Fixes, copy and paste the following:

netsvcs
/md5start
services.*
/md5stop

Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. You may need two posts to fit them all in.

Please post back with the OTL logs and the FSS log.

ronnies
2012-08-28, 15:21
FSS Log
Farbar Service Scanner Version: 06-08-2012
Ran by Scriven (administrator) on 28-08-2012 at 08:03:26
Running from "C:\Users\Scriven\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

ronnies
2012-08-28, 15:28
OTL logfile created on: 8/28/2012 8:07:59 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Scriven\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.92 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 62.76% Memory free
7.83 Gb Paging File | 5.92 Gb Available in Paging File | 75.61% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.46 Gb Total Space | 232.81 Gb Free Space | 83.61% Space Free | Partition Type: NTFS

Computer Name: SCRIVEN-PC | User Name: Scriven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Scriven\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe ()
PRC - C:\Program Files (x86)\Dell Photo AIO Printer 966\memcard.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetect.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe ()
MOD - C:\Program Files (x86)\Dell Photo AIO Printer 966\memcard.exe ()
MOD - C:\Program Files (x86)\Dell Photo AIO Printer 966\DLCQcfg.dll ()
MOD - C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqscw.dll ()
MOD - C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqdrec.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV:64bit: - (btwdins) -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (McAWFwk) -- c:\Program Files\mcafee\msc\McAWFwk.exe ()
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (dlcq_device) -- C:\Windows\SysNative\dlcqcoms.exe ( )
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (DellDigitalDelivery) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (dlcq_device) -- C:\Windows\SysWOW64\dlcqcoms.exe ( )


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {AE14F4AE-7444-4C5B-B29A-2E1A0B58C561}
IE:64bit: - HKLM\..\SearchScopes\{AE14F4AE-7444-4C5B-B29A-2E1A0B58C561}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AE14F4AE-7444-4C5B-B29A-2E1A0B58C561}
IE - HKLM\..\SearchScopes\{AE14F4AE-7444-4C5B-B29A-2E1A0B58C561}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {AE14F4AE-7444-4C5B-B29A-2E1A0B58C561}
IE - HKCU\..\SearchScopes\{0C0D7F65-CD76-42D5-9655-771D74B9781C}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2260173
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/08/23 20:17:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/08/24 21:23:37 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/08/27 11:23:32 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120213144224.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120213144224.dll (McAfee, Inc.)
O2 - BHO: (Swag Bucks Toolbar) - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Swag Bucks Toolbar) - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Swag Bucks Toolbar) - {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [DLCQCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\DLCQtime.DLL ()
O4:64bit: - HKLM..\Run: [dlcqmon.exe] C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MemoryCardManager] C:\Program Files (x86)\Dell Photo AIO Printer 966\memcard.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\Scriven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 10.6.2)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 1.7.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 1.7.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.200.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B35F3F63-C6B9-40D5-8065-255D8F8DB51D}: DhcpNameServer = 192.168.200.1
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll ()
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


========== Files/Folders - Created Within 30 Days ==========

[2012/08/28 08:04:20 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Scriven\Desktop\OTL.exe
[2012/08/28 08:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/08/28 08:02:35 | 000,693,235 | ---- | C] (Farbar) -- C:\Users\Scriven\Desktop\FSS.exe
[2012/08/27 17:30:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/27 11:30:57 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/08/27 11:09:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/27 11:09:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/27 11:09:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/27 10:59:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/27 10:57:11 | 004,738,846 | R--- | C] (Swearware) -- C:\Users\Scriven\Desktop\ComboFix.exe
[2012/08/26 20:55:27 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/08/26 20:49:37 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Scriven\Desktop\tdsskiller.exe
[2012/08/23 22:21:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/08/23 22:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012/08/23 22:06:56 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/08/23 22:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/08/23 22:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/08/22 22:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/08/22 22:53:52 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/22 22:53:52 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/22 22:53:32 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/22 22:53:32 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/22 22:53:32 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/22 22:29:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/22 22:29:04 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/21 20:15:24 | 000,000,000 | ---D | C] -- C:\found.000
[2012/08/20 11:50:04 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Roaming\Malwarebytes
[2012/08/20 11:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/20 11:49:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/19 22:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/08/19 22:16:10 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\AskToolbar
[2012/08/19 22:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012/08/19 22:02:30 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Roaming\Avira
[2012/08/19 21:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/08/19 21:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012/08/11 23:55:53 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Roaming\Apple Computer
[2012/08/11 23:55:53 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\Apple Computer
[2012/08/11 23:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/08/11 23:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/08/11 23:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/08/11 23:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/08/11 23:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/08/11 23:53:04 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\Apple
[2012/08/11 23:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/08/11 23:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/08/11 23:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/08/11 23:52:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/08/11 23:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/08/11 23:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/08/10 19:51:26 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\ElevatedDiagnostics
[2012/08/10 09:36:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/08/07 19:41:31 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\The Weather Channel
[2012/08/07 10:39:13 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/08/06 15:50:31 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\Swag_Bucks
[2012/08/05 21:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery
[2012/08/04 13:05:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/08/04 09:40:16 | 000,000,000 | ---D | C] -- C:\Users\Scriven\Documents\Kelly Electronic Earnings Documents System New User Activation_files
[2012/08/02 09:14:22 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/08/01 23:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/08/01 23:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/08/01 20:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/07/30 14:47:55 | 000,000,000 | ---D | C] -- C:\Users\Scriven\Documents\Fragments
[2012/07/30 14:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/07/30 14:09:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2012/07/30 14:09:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2012/07/30 14:09:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2012/07/30 14:09:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0307020.005
[2012/07/30 14:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/07/30 14:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/07/30 14:09:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/07/30 12:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/07/30 12:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

ronnies
2012-08-28, 15:29
========== Files - Modified Within 30 Days ==========

[2012/08/28 08:06:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/28 08:06:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/28 08:04:20 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Scriven\Desktop\OTL.exe
[2012/08/28 08:03:59 | 000,778,660 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/28 08:03:59 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/28 08:03:59 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/28 08:02:35 | 000,693,235 | ---- | M] (Farbar) -- C:\Users\Scriven\Desktop\FSS.exe
[2012/08/28 07:58:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/28 07:58:41 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/28 04:00:08 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/27 12:23:48 | 000,326,530 | ---- | M] () -- C:\Users\Scriven\12_13 STAR Orientation_BBC.pdf
[2012/08/27 11:23:32 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/27 10:57:12 | 004,738,846 | R--- | M] (Swearware) -- C:\Users\Scriven\Desktop\ComboFix.exe
[2012/08/26 20:57:04 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2012/08/26 20:49:37 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Scriven\Desktop\tdsskiller.exe
[2012/08/24 21:23:39 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012/08/23 22:51:48 | 000,000,512 | ---- | M] () -- C:\Users\Scriven\Desktop\MBR.dat
[2012/08/23 22:29:40 | 000,005,099 | ---- | M] () -- C:\Users\Scriven\Documents\Attach.zip
[2012/08/23 22:06:14 | 000,001,110 | ---- | M] () -- C:\Users\Scriven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/08/23 22:05:59 | 000,000,930 | ---- | M] () -- C:\Users\Scriven\Desktop\NTREGOPT.lnk
[2012/08/23 22:05:59 | 000,000,911 | ---- | M] () -- C:\Users\Scriven\Desktop\ERUNT.lnk
[2012/08/22 22:53:14 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/22 22:53:13 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/22 22:53:13 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/22 22:53:13 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/22 22:53:13 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/22 22:38:11 | 430,706,627 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/22 22:29:06 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/22 22:27:09 | 000,000,133 | ---- | M] () -- C:\Windows\wininit.ini
[2012/08/22 18:15:21 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/22 18:15:21 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/22 18:00:53 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/08/10 09:36:28 | 000,001,288 | ---- | M] () -- C:\Users\Scriven\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/08/10 09:36:28 | 000,001,264 | ---- | M] () -- C:\Users\Scriven\Desktop\Spybot - Search & Destroy.lnk
[2012/08/07 19:48:56 | 000,001,367 | ---- | M] () -- C:\Users\Scriven\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/04 09:40:17 | 000,034,003 | ---- | M] () -- C:\Users\Scriven\Documents\Kelly Electronic Earnings Documents System New User Activation.htm

========== Files Created - No Company Name ==========

[2012/08/27 12:23:47 | 000,326,530 | ---- | C] () -- C:\Users\Scriven\12_13 STAR Orientation_BBC.pdf
[2012/08/27 11:09:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/27 11:09:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/27 11:09:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/27 11:09:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/27 11:09:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/23 22:51:48 | 000,000,512 | ---- | C] () -- C:\Users\Scriven\Desktop\MBR.dat
[2012/08/23 22:29:40 | 000,005,099 | ---- | C] () -- C:\Users\Scriven\Documents\Attach.zip
[2012/08/23 22:06:14 | 000,001,110 | ---- | C] () -- C:\Users\Scriven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/08/23 22:05:59 | 000,000,930 | ---- | C] () -- C:\Users\Scriven\Desktop\NTREGOPT.lnk
[2012/08/23 22:05:59 | 000,000,911 | ---- | C] () -- C:\Users\Scriven\Desktop\ERUNT.lnk
[2012/08/22 22:29:06 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/22 18:16:34 | 000,000,133 | ---- | C] () -- C:\Windows\wininit.ini
[2012/08/11 23:53:03 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/08/10 09:36:28 | 000,001,288 | ---- | C] () -- C:\Users\Scriven\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/08/10 09:36:28 | 000,001,264 | ---- | C] () -- C:\Users\Scriven\Desktop\Spybot - Search & Destroy.lnk
[2012/08/10 00:23:03 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L\00000004.@
[2012/08/04 13:05:36 | 430,706,627 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/08/04 09:40:16 | 000,034,003 | ---- | C] () -- C:\Users\Scriven\Documents\Kelly Electronic Earnings Documents System New User Activation.htm
[2012/07/30 14:09:33 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0307020.005\isolate.ini
[2012/04/05 17:07:22 | 000,001,848 | ---- | C] () -- C:\Windows\SysWow64\GacelaLSPServiceOff.ini
[2012/03/04 01:15:43 | 000,005,120 | ---- | C] () -- C:\Users\Scriven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/13 15:52:30 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqinpa.dll
[2012/02/13 15:52:30 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqiesc.dll
[2012/02/13 15:52:30 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\DLCQinst.dll
[2012/02/13 15:52:29 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\dlcqjswr.dll
[2012/02/13 15:52:29 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\dlcqinsr.dll
[2012/02/13 15:52:29 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dlcqcur.dll
[2012/02/13 15:52:28 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqpmui.dll
[2012/02/13 15:52:28 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\dlcqutil.dll
[2012/02/13 15:52:27 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dlcqinsb.dll
[2012/02/13 15:52:27 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dlcqins.dll
[2012/02/13 15:52:26 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dlcqcub.dll
[2012/02/13 15:52:26 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\dlcqcu.dll
[2012/02/13 15:52:25 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqserv.dll
[2012/02/13 15:52:25 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqusb1.dll
[2012/02/13 15:52:24 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqprox.dll
[2012/02/13 15:52:23 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqlmpm.dll
[2012/02/13 15:52:23 | 000,181,128 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqppls.exe
[2012/02/13 15:52:23 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqpplc.dll
[2012/02/13 15:52:22 | 000,385,928 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqih.exe
[2012/02/13 15:52:21 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqhbn3.dll
[2012/02/13 15:52:21 | 000,537,480 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqcoms.exe
[2012/02/13 15:52:20 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqcomc.dll
[2012/02/13 15:52:20 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqcomm.dll
[2012/02/13 15:52:19 | 000,381,832 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqcfg.exe
[2012/02/13 15:52:19 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\DLCQcfg.dll
[2012/02/13 15:51:15 | 000,002,048 | -HS- | C] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
[2012/02/13 15:51:15 | 000,002,048 | -HS- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
[2011/07/09 07:39:56 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/07/09 07:39:38 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/09 07:39:36 | 000,214,760 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/09 07:39:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/07/09 07:39:32 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/09 07:39:31 | 013,355,008 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/02/10 12:10:51 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/07 15:39:22 | 000,064,336 | ---- | C] () -- C:\Windows\SysWow64\mfc100fra.dll
[2011/01/07 15:39:22 | 000,064,336 | ---- | C] () -- C:\Windows\SysWow64\mfc100deu.dll
[2011/01/07 15:39:22 | 000,063,824 | ---- | C] () -- C:\Windows\SysWow64\mfc100esn.dll
[2011/01/07 15:39:22 | 000,062,288 | ---- | C] () -- C:\Windows\SysWow64\mfc100ita.dll
[2011/01/07 15:39:22 | 000,060,752 | ---- | C] () -- C:\Windows\SysWow64\mfc100rus.dll
[2011/01/07 15:39:22 | 000,036,176 | ---- | C] () -- C:\Windows\SysWow64\mfc100cht.dll

========== LOP Check ==========

[2012/07/09 13:48:02 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\Blackboard
[2012/03/20 20:30:04 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\Elluminate
[2012/02/13 12:25:41 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\Fingertapps
[2012/04/20 21:01:05 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\HTC
[2012/04/23 08:47:14 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/02/13 12:25:19 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\Leadertech
[2012/07/28 13:16:52 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\ooVoo Details
[2012/02/13 17:02:54 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\PCDr
[2012/08/26 20:44:31 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< MD5 for: SERVICES >
[2009/06/10 17:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services


< MD5 for: SERVICES.ASFX6 >
[2010/11/15 22:02:36 | 000,000,231 | R--- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx6

< MD5 for: SERVICES.ASFX7 >
[2010/11/15 22:02:34 | 000,000,245 | R--- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx7

< MD5 for: SERVICES.ASFX8 >
[2010/11/15 22:02:34 | 000,000,231 | R--- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx8

< MD5 for: SERVICES.ASFX9 >
[2010/11/15 22:02:30 | 000,000,234 | R--- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx9

< MD5 for: SERVICES.CFG >
[2012/07/27 16:51:52 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Services\Services.cfg
[2012/07/27 16:51:34 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2010/10/25 15:13:46 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\services.cfg
[2010/11/15 22:02:22 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=014A9CB92514E27C0107614DF764BC06 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\services.exe
[2012/08/26 20:57:04 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\ERDNT\cache64\services.exe
[2012/08/26 20:57:04 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2012/08/10 00:35:24 | 000,000,668 | ---- | M] () MD5=5105317ECA9F08DB007D7DA4B242B35D -- C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\64J7LRRR\mochiads.com\services.mochiads.com.sol
[2012/08/22 22:22:14 | 000,000,706 | ---- | M] () MD5=D59B8E5ACB7448883E938058E428CF97 -- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\64J7LRRR\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MOF >
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PNG >
[2012/08/17 17:29:04 | 000,001,509 | ---- | M] () MD5=F4EC3ABEAE15FA9BB42D721E9D543F44 -- C:\Program Files\Dell Support Center\Images\icons\png\24_24\services.png

< MD5 for: SERVICES.PTXML >
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SERVICES.SBS >
[2011/03/01 09:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files (x86)\Spybot - Search & Destroy\Includes\Services.sbs

< End of report >

ronnies
2012-08-28, 15:32
OTL Extras logfile created on: 8/28/2012 8:07:59 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Scriven\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.92 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 62.76% Memory free
7.83 Gb Paging File | 5.92 Gb Available in Paging File | 75.61% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.46 Gb Total Space | 232.81 Gb Free Space | 83.61% Space Free | Partition Type: NTFS

Computer Name: SCRIVEN-PC | User Name: Scriven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{706FA5AD-49F4-4C68-BA0E-6258428A8BC6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{71E07CAD-7B98-40CB-9232-C7F2AAB3C281}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Dell PC Fax" = Dell PC Fax
"Dell Photo AIO Printer 966" = Dell Photo AIO Printer 966
"DW WLAN Card Utility" = DW WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = Dell Support Center
"SynTPDeinstKey" = Dell Touchpad

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39D06E77-8921-4056-8901-36D0035BAECA}" = Dell Stage
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5BF2B19D-9C79-492A-8969-F059F06A627F}" = Print to Fax
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}" = Dell MusicStage
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA31EA7B-7917-4000-949B-38E91F848A25}" = Internet Explorer
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C16A92EF-017B-4839-9C75-FBADB5A1FA27}" = TrustedID
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}" = Dell Marketplace Webslice IE8
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E43D09-96AF-4CA0-85AE-9134E7FFA7FC}" = Dell Digital Delivery
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Dell Webcam Central" = Dell Webcam Central
"ERUNT_is1" = ERUNT 1.1j
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Swag_Bucks Toolbar" = Swag Bucks Toolbar
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/25/2012 2:09:28 PM | Computer Name = Scriven-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/25/2012 2:11:06 PM | Computer Name = Scriven-PC | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed. Engine returned error : 7

Error - 8/25/2012 2:11:27 PM | Computer Name = Scriven-PC | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed. Engine returned error : 7

Error - 8/25/2012 2:13:08 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x003bb482 Faulting process
id: 0x10b8 Faulting application start time: 0x01cd82ed4710be42 Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
85a1cd3d-eee0-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:14:10 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x0001b482 Faulting process
id: 0x1958 Faulting application start time: 0x01cd82ed6bfebd5a Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
aa10a963-eee0-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:15:11 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x0001b482 Faulting process
id: 0xb80 Faulting application start time: 0x01cd82ed903a579b Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
ce975678-eee0-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:16:11 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x0001b482 Faulting process
id: 0xed4 Faulting application start time: 0x01cd82edb4be7e49 Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
f27f3d5e-eee0-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:17:11 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x012cb482 Faulting process
id: 0xc7c Faulting application start time: 0x01cd82edd8a5be1f Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
1669636e-eee1-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:18:12 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x012cb482 Faulting process
id: 0x1748 Faulting application start time: 0x01cd82edfca7cc98 Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
3a694f00-eee1-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:19:12 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x0001b482 Faulting process
id: 0x1190 Faulting application start time: 0x01cd82ee20a6cdc6 Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
5e6c6eed-eee1-11e1-aa1e-14feb5ba7269

[ Broadcom Wireless LAN Events ]
Error - 8/5/2012 1:22:32 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 13:22:31, Sun, Aug 05, 12 Error - Unable to gain access to user store


Error - 8/5/2012 11:52:38 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 23:52:38, Sun, Aug 05, 12 Error - Unable to gain access to user store


Error - 8/13/2012 6:22:41 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 18:22:41, Mon, Aug 13, 12 Error - Unable to gain access to user store


Error - 8/18/2012 4:39:30 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 16:39:29, Sat, Aug 18, 12 Error - Unable to gain access to user store


Error - 8/18/2012 9:11:10 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 21:11:10, Sat, Aug 18, 12 Error - Unable to gain access to user store


Error - 8/18/2012 9:24:34 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 21:24:29, Sat, Aug 18, 12 Error - (WLTRAY.EXE-2448) Unable to start
peernet session, after 200 iterations

Error - 8/18/2012 9:24:34 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 21:24:34, Sat, Aug 18, 12 Error - Unable to initialize peernet library


Error - 8/22/2012 10:40:21 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 22:40:21, Wed, Aug 22, 12 Error - Unable to gain access to user store


[ System Events ]
Error - 8/27/2012 11:27:53 AM | Computer Name = Scriven-PC | Source = DCOM | ID = 10010
Description =

Error - 8/27/2012 5:30:24 PM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 8/27/2012 5:30:54 PM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 8/27/2012 5:33:48 PM | Computer Name = Scriven-PC | Source = DCOM | ID = 10010
Description =

Error - 8/27/2012 8:22:00 PM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 8/27/2012 8:22:30 PM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 8/27/2012 8:26:30 PM | Computer Name = Scriven-PC | Source = DCOM | ID = 10010
Description =

Error - 8/28/2012 3:59:59 AM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Wlansvc service.

Error - 8/28/2012 7:59:34 AM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 8/28/2012 8:03:53 AM | Computer Name = Scriven-PC | Source = DCOM | ID = 10010
Description =


< End of report >

oldman960
2012-08-28, 15:56
Hi ronnies,

Next, Double click on OTL.exe
Under the Custom Scans/Fixes box at the bottom, paste in the following
Do Not copy the word CODE
please note the fix starts with the :


:Services

:Files
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L\00000004.@
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
C:\Windows\System32\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}
C:\Windows\System32\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS]
"DisplayName"="@%SystemRoot%\\system32\\qmgr.dll,-1000"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Description"="@%SystemRoot%\\system32\\qmgr.dll,-1001"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"DelayedAutoStart"=dword:00000001
"Type"=dword:00000020
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,45,00,76,00,65,00,\
6e,00,74,00,53,00,79,00,73,00,74,00,65,00,6d,00,00,00,00,00
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,\
00,6c,00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,\
00,67,00,65,00,00,00,53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,00,\
72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,72,\
00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,00,\
63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,00,72,\
00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,60,ea,00,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
71,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance]
"Library"="bitsperf.dll"
"Open"="PerfMon_Open"
"Collect"="PerfMon_Collect"
"Close"="PerfMon_Close"
"InstallType"=dword:00000001
"PerfIniFile"="bitsctrs.ini"
"First Counter"=dword:00000774
"Last Counter"=dword:00000784
"First Help"=dword:00000775
"Last Help"=dword:00000785
"Object List"="1908"
"1008"=hex(b):bc,81,53,b3,1d,d9,cc,01
"PerfMMFileName"="Global\\MMF_BITS_s"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security]
"Security"=hex:01,00,14,90,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02,\
00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\
00,00,20,02,00,00,02,00,5c,00,04,00,00,00,00,02,14,00,ff,01,0f,00,01,01,00,\
00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,\
20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,\
00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,01,02,\
00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,05,20,00,00,\
00,20,02,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum]
"0"="Root\\LEGACY_BITS\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

:Commands
[createrestorepoint]


Then click the Run Fix button at the top
Let the program run unhindered
Please save the resulting log to be posted in your next reply.
Reboot your computer
Please post the OTL fix log

Next rerun FSS the same way you did before and post the log.
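Added example, not part of oldman960's post and not OTL's own code: a small Python parser that decodes the `hex(2)`, `hex(7)` and `hex(b)` values of the :Reg block above into readable text, so the fix can be read before it is run. SAMPLE is a subset of that block copied from the post; `parse_reg` and `outside_system32` are hypothetical helper names, and the System32 prefix check is a simplifying assumption that only suits svchost-hosted Windows services such as BITS.

```python
import re

# Subset of the :Reg block from the fix above (values copied from the post,
# .reg continuation backslashes intact).
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS]
"DisplayName"="@%SystemRoot%\\system32\\qmgr.dll,-1000"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Start"=dword:00000002
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,45,00,76,00,65,00,\
6e,00,74,00,53,00,79,00,73,00,74,00,65,00,6d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
71,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance]
"1008"=hex(b):bc,81,53,b3,1d,d9,cc,01
'''

# Registry type numbers used inside hex(N): in .reg files.
REG_TYPES = {1: "REG_SZ", 2: "REG_EXPAND_SZ", 3: "REG_BINARY",
             4: "REG_DWORD", 7: "REG_MULTI_SZ", 0xB: "REG_QWORD"}


def logical_lines(text):
    """Yield .reg lines with hex continuation lines (ending in ',\\') joined."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith(",\\"):      # hex data continues on the next line
            buf += line[:-1]          # drop the backslash, keep the comma
            continue
        line, buf = buf + line, ""
        if line:
            yield line


def decode_value(data):
    """Return (type_name, value) for the right-hand side of a value line."""
    if data.startswith('"') and data.endswith('"'):
        # Plain string: undo the .reg escaping of backslashes and quotes.
        return "REG_SZ", re.sub(r"\\(.)", r"\1", data[1:-1])
    if data.lower().startswith("dword:"):
        return "REG_DWORD", int(data[6:], 16)
    m = re.fullmatch(r"hex(?:\(([0-9a-fA-F]+)\))?:(.*)", data)
    if not m:
        raise ValueError("unrecognised value data: " + data)
    reg_type = int(m.group(1), 16) if m.group(1) else 3   # bare hex: is binary
    raw = bytes(int(b, 16) for b in m.group(2).split(",") if b.strip())
    name = REG_TYPES.get(reg_type, "type 0x%x" % reg_type)
    if reg_type in (1, 2):            # UTF-16LE string with a trailing NUL
        return name, raw.decode("utf-16-le").rstrip("\x00")
    if reg_type == 7:                 # NUL-separated list, double-NUL terminated
        return name, [s for s in raw.decode("utf-16-le").split("\x00") if s]
    if reg_type == 0xB and len(raw) == 8:   # 64-bit little-endian integer
        return name, int.from_bytes(raw, "little")
    return name, raw


def parse_reg(text):
    """Map (key, value_name) -> (type_name, decoded_value)."""
    values, key = {}, None
    for line in logical_lines(text):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = re.fullmatch(r'"((?:[^"\\]|\\.)*)"=(.*)', line)
        if m and key:
            values[(key, m.group(1))] = decode_value(m.group(2))
    return values


def outside_system32(values):
    """Flag ImagePath/ServiceDll strings that do not start in System32.

    Assumption for this example only: the service is svchost-hosted, so both
    values are expected to begin with %SystemRoot%\\System32\\.
    """
    prefix = "%systemroot%\\system32\\"
    return [(key, name, val)
            for (key, name), (_type, val) in values.items()
            if name in ("ImagePath", "ServiceDll")
            and isinstance(val, str)
            and not val.lower().startswith(prefix)]


if __name__ == "__main__":
    for (key, name), (type_name, val) in parse_reg(SAMPLE).items():
        print(key.rsplit("\\", 1)[-1], name, type_name, repr(val))
    print("flagged:", outside_system32(parse_reg(SAMPLE)))
```

`hex(b)` is the .reg spelling of REG_QWORD, the one value type that OTL's fix log for this script rejects as an invalid data type.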

ronnies
2012-08-28, 17:53
========== SERVICES/DRIVERS ==========
========== FILES ==========
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L\00000004.@ moved successfully.
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L folder moved successfully.
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U folder moved successfully.
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8} folder moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@ moved successfully.
File\Folder C:\Windows\System32\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@ not found.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U folder moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L folder moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8} folder moved successfully.
File\Folder C:\Windows\System32\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8} not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"DisplayName"|"@%SystemRoot%\\system32\\qmgr.dll,-1000" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"ImagePath"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"Description"|"@%SystemRoot%\\system32\\qmgr.dll,-1001" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"ObjectName"|"LocalSystem" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"Start"|dword:00000002 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"DelayedAutoStart"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"Type"|dword:00000020 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"DependOnService"|hex(7):52,00,70,00,63,00,53,00,73,00,00,00,45,00,76,00,65,00,6e,00,74,00,53,00,79,00,73,00,74,00,65,00,6d,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"ServiceSidType"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"RequiredPrivileges"|hex(7):53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,00,63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"FailureActions"|hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,00,01,00,00,00,60,ea,00,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\"ServiceDll"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,71,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Library"|"bitsperf.dll" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Open"|"PerfMon_Open" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Collect"|"PerfMon_Collect" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Close"|"PerfMon_Close" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"InstallType"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"PerfIniFile"|"bitsctrs.ini" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"First Counter"|dword:00000774 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Last Counter"|dword:00000784 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"First Help"|dword:00000775 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Last Help"|dword:00000785 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Object List"|"1908" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"1008"|hex(b):bc,81,53,b3,1d,d9,cc,01 /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"PerfMMFileName"|"Global\\MMF_BITS_s" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\"Security"|hex:01,00,14,90,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02,00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,02,00,5c,00,04,00,00,00,00,02,14,00,ff,01,0f,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\"0"|"Root\\LEGACY_BITS\\0000" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\"Count"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\"NextInstance"|dword:00000001 /E : value set successfully!
========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.59.1 log created on 08282012_104545

ronnies
2012-08-28, 17:55
Farbar Service Scanner Version: 06-08-2012
Ran by Scriven (administrator) on 28-08-2012 at 10:54:14
Running from "C:\Users\Scriven\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

oldman960
2012-08-29, 08:16
Hi ronnies,

Looks better. Let's tidy things up a bit.

Run TDSSKiller the same way you did before. When presented with this line

20:55:46.0203 1868 \Device\Harddisk0\DR0 ( TDSS File System )

Use the dropdown menu and select delete.


Next

Click your start button > Control Panel. Under Programs click uninstall a program and uninstall

Java(TM) 6 Update 24 (64-bit)


You can get the newest versions from HERE (http://www.oracle.com/technetwork/java/javase/downloads/java-se-jre-7-download-432155.html)


Accept the License Agreement
Download the last file in the list jre-7-windows-x64.exe
double click the files one at a time to install them
Decline any additional installs that may be offered during the update.



Next, Double click on OTL.exe
Under the Custom Scans/Fixes box at the bottom, paste in the following
Do Not copy the word CODE
please note the fix starts with the :


:Services

:Commands
[createrestorepoint]
[emptytemp]

Then click the Run Fix button at the top

Let the program run unhindered
Please save the resulting log to be posted in your next reply.
Please post the OTL fix log.




Next

You have this program installed, Malwarebytes' Anti-Malware (MBAM). Please update it and run a scan.

Open MBAM


Click the Update tab
Click Check for Updates
If an update is found, it will download and install the latest version.
The program will close to update and reopen.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.




One more scan to check our handiwork.

As a Vista/Win7 user you will need to right click your browser icon and select "Run as Administrator" in order to run this scan.
Do not use this instance of your browser for anything besides doing this scan
When the scan is complete and the results saved, close that instance of your browser
Open a new one the usual way and post the results in this topic.


*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.


Go here to run an online scanner from
ESET (http://www.eset.eu/online-scanner)

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)


Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
Click Start
Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is Checked.
Click Scan.
Wait for the scan to finish.
When the scan completes, click List of found threats
click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
Include the contents of this report in your next reply

Note - when ESET doesn't find any threats, no report will be created.

Push the back button.
Push Finish
Re-enable your Antivirus software.


Please post back with
OTL fix log
MBAM log
ESET log if there is one
Everything still ok?

ronnies
2012-08-29, 17:54
TDSSKiller did not give me the options you suggested I choose.

08:41:51.0741 7756 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
08:41:53.0754 7756 ============================================================
08:41:53.0754 7756 Current date / time: 2012/08/29 08:41:53.0754
08:41:53.0754 7756 SystemInfo:
08:41:53.0754 7756
08:41:53.0754 7756 OS Version: 6.1.7601 ServicePack: 1.0
08:41:53.0754 7756 Product type: Workstation
08:41:53.0754 7756 ComputerName: SCRIVEN-PC
08:41:53.0754 7756 UserName: Scriven
08:41:53.0754 7756 Windows directory: C:\Windows
08:41:53.0754 7756 System windows directory: C:\Windows
08:41:53.0754 7756 Running under WOW64
08:41:53.0754 7756 Processor architecture: Intel x64
08:41:53.0754 7756 Number of processors: 2
08:41:53.0754 7756 Page size: 0x1000
08:41:53.0754 7756 Boot type: Normal boot
08:41:53.0754 7756 ============================================================
08:41:54.0534 7756 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:41:54.0549 7756 ============================================================
08:41:54.0549 7756 \Device\Harddisk0\DR0:
08:41:54.0580 7756 MBR partitions:
08:41:54.0580 7756 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
08:41:54.0580 7756 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x22CEA2B0
08:41:54.0580 7756 ============================================================
08:41:54.0674 7756 C: <-> \Device\Harddisk0\DR0\Partition2
08:41:54.0674 7756 ============================================================
08:41:54.0674 7756 Initialize success
08:41:54.0674 7756 ============================================================
08:42:27.0668 6672 ============================================================
08:42:27.0668 6672 Scan started
08:42:27.0668 6672 Mode: Manual; SigCheck; TDLFS;
08:42:27.0668 6672 ============================================================
08:42:30.0694 6672 ================ Scan system memory ========================
08:42:30.0694 6672 System memory - ok
08:42:30.0694 6672 ================ Scan services =============================
08:42:31.0100 6672 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:42:31.0287 6672 1394ohci - ok
08:42:31.0334 6672 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:42:31.0365 6672 ACPI - ok
08:42:31.0412 6672 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:42:31.0521 6672 AcpiPmi - ok
08:42:31.0693 6672 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:42:31.0724 6672 AdobeARMservice - ok
08:42:31.0974 6672 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:42:32.0005 6672 AdobeFlashPlayerUpdateSvc - ok
08:42:32.0083 6672 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
08:42:32.0114 6672 adp94xx - ok
08:42:32.0176 6672 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
08:42:32.0208 6672 adpahci - ok
08:42:32.0286 6672 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
08:42:32.0332 6672 adpu320 - ok
08:42:32.0364 6672 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:42:32.0426 6672 AeLookupSvc - ok
08:42:32.0535 6672 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
08:42:32.0566 6672 AERTFilters - ok
08:42:32.0598 6672 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
08:42:32.0691 6672 AFD - ok
08:42:32.0738 6672 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:42:32.0769 6672 agp440 - ok
08:42:32.0832 6672 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:42:32.0894 6672 ALG - ok
08:42:32.0956 6672 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
08:42:32.0988 6672 aliide - ok
08:42:33.0019 6672 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
08:42:33.0050 6672 amdide - ok
08:42:33.0112 6672 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
08:42:33.0144 6672 AmdK8 - ok
08:42:33.0159 6672 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
08:42:33.0175 6672 AmdPPM - ok
08:42:33.0222 6672 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:42:33.0253 6672 amdsata - ok
08:42:33.0300 6672 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
08:42:33.0331 6672 amdsbs - ok
08:42:33.0362 6672 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:42:33.0393 6672 amdxata - ok
08:42:33.0424 6672 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
08:42:33.0674 6672 AppID - ok
08:42:33.0768 6672 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:42:33.0814 6672 AppIDSvc - ok
08:42:33.0846 6672 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
08:42:33.0908 6672 Appinfo - ok
08:42:34.0033 6672 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:42:34.0048 6672 Apple Mobile Device - ok
08:42:34.0111 6672 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
08:42:34.0142 6672 arc - ok
08:42:34.0158 6672 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
08:42:34.0189 6672 arcsas - ok
08:42:34.0329 6672 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:42:34.0407 6672 aspnet_state - ok
08:42:34.0438 6672 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:42:34.0516 6672 AsyncMac - ok
08:42:34.0594 6672 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
08:42:34.0626 6672 atapi - ok
08:42:34.0672 6672 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:42:34.0797 6672 AudioEndpointBuilder - ok
08:42:34.0813 6672 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:42:34.0844 6672 AudioSrv - ok
08:42:34.0922 6672 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:42:35.0031 6672 AxInstSV - ok
08:42:35.0125 6672 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
08:42:35.0218 6672 b06bdrv - ok
08:42:35.0296 6672 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:42:35.0343 6672 b57nd60a - ok
08:42:35.0468 6672 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
08:42:35.0515 6672 BBSvc - ok
08:42:35.0546 6672 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
08:42:35.0562 6672 BBUpdate - ok
08:42:35.0593 6672 [ 436806506E83AA8755A523147E191B7B ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
08:42:35.0655 6672 BCM42RLY - ok
08:42:35.0764 6672 [ B5D54119CE0BB77872C33A717CB76386 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
08:42:35.0842 6672 BCM43XX - ok
08:42:35.0967 6672 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:42:36.0045 6672 BDESVC - ok
08:42:36.0108 6672 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:42:36.0186 6672 Beep - ok
08:42:36.0264 6672 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
08:42:36.0373 6672 BFE - ok
08:42:36.0466 6672 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
08:42:36.0576 6672 BITS - ok
08:42:36.0638 6672 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:42:36.0669 6672 blbdrive - ok
08:42:36.0763 6672 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:42:36.0794 6672 Bonjour Service - ok
08:42:36.0856 6672 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:42:36.0919 6672 bowser - ok
08:42:36.0950 6672 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
08:42:37.0012 6672 BrFiltLo - ok
08:42:37.0044 6672 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
08:42:37.0059 6672 BrFiltUp - ok
08:42:37.0122 6672 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:42:37.0200 6672 BridgeMP - ok
08:42:37.0293 6672 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
08:42:37.0356 6672 Browser - ok
08:42:37.0418 6672 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:42:37.0465 6672 Brserid - ok
08:42:37.0527 6672 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:42:37.0558 6672 BrSerWdm - ok
08:42:37.0652 6672 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:42:37.0668 6672 BrUsbMdm - ok
08:42:37.0683 6672 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:42:37.0761 6672 BrUsbSer - ok
08:42:37.0808 6672 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
08:42:37.0886 6672 BthEnum - ok
08:42:37.0933 6672 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
08:42:37.0995 6672 BTHMODEM - ok
08:42:38.0042 6672 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
08:42:38.0104 6672 BthPan - ok
08:42:38.0167 6672 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
08:42:38.0198 6672 BTHPORT - ok
08:42:38.0245 6672 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:42:38.0323 6672 bthserv - ok
08:42:38.0354 6672 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
08:42:38.0385 6672 BTHUSB - ok
08:42:38.0463 6672 [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
08:42:38.0510 6672 BTWAMPFL - ok
08:42:38.0557 6672 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
08:42:38.0572 6672 btwaudio - ok
08:42:38.0588 6672 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
08:42:38.0604 6672 btwavdt - ok
08:42:38.0697 6672 [ F0AF04A96CA48B869284B5DC4CDB8CBB ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
08:42:38.0728 6672 btwdins - ok
08:42:38.0744 6672 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
08:42:38.0744 6672 btwl2cap - ok
08:42:38.0760 6672 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
08:42:38.0775 6672 btwrchid - ok
08:42:38.0806 6672 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:42:38.0869 6672 cdfs - ok
08:42:38.0916 6672 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:42:38.0962 6672 cdrom - ok
08:42:39.0009 6672 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:42:39.0087 6672 CertPropSvc - ok
08:42:39.0165 6672 [ ED0263B2EB24F0F4E3898036FA1D28A1 ] cfwids C:\Windows\system32\drivers\cfwids.sys
08:42:39.0196 6672 cfwids - ok
08:42:39.0212 6672 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
08:42:39.0243 6672 circlass - ok
08:42:39.0274 6672 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:42:39.0321 6672 CLFS - ok
08:42:39.0399 6672 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:42:39.0430 6672 clr_optimization_v2.0.50727_32 - ok
08:42:39.0462 6672 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:42:39.0493 6672 clr_optimization_v2.0.50727_64 - ok
08:42:39.0555 6672 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:42:39.0618 6672 clr_optimization_v4.0.30319_32 - ok
08:42:39.0633 6672 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:42:39.0696 6672 clr_optimization_v4.0.30319_64 - ok
08:42:39.0711 6672 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:42:39.0742 6672 CmBatt - ok
08:42:39.0805 6672 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:42:39.0836 6672 cmdide - ok
08:42:39.0883 6672 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
08:42:39.0898 6672 CNG - ok
08:42:39.0930 6672 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:42:39.0945 6672 Compbatt - ok
08:42:39.0961 6672 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
08:42:39.0992 6672 CompositeBus - ok
08:42:40.0008 6672 COMSysApp - ok
08:42:40.0023 6672 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
08:42:40.0039 6672 crcdisk - ok
08:42:40.0070 6672 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:42:40.0117 6672 CryptSvc - ok
08:42:40.0164 6672 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
08:42:40.0242 6672 CtClsFlt - ok
08:42:40.0320 6672 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:42:40.0413 6672 DcomLaunch - ok
08:42:40.0444 6672 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:42:40.0554 6672 defragsvc - ok
08:42:40.0647 6672 [ 88D5FE2109F1A52CF69BA410082A833A ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
08:42:40.0678 6672 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
08:42:40.0678 6672 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
08:42:40.0710 6672 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:42:40.0803 6672 DfsC - ok
08:42:40.0850 6672 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:42:40.0959 6672 Dhcp - ok
08:42:40.0990 6672 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:42:41.0022 6672 discache - ok
08:42:41.0068 6672 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
08:42:41.0084 6672 Disk - ok
08:42:41.0100 6672 dlcq_device - ok
08:42:41.0131 6672 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:42:41.0193 6672 Dnscache - ok
08:42:41.0240 6672 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:42:41.0318 6672 dot3svc - ok
08:42:41.0334 6672 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:42:41.0396 6672 DPS - ok
08:42:41.0427 6672 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:42:41.0490 6672 drmkaud - ok
08:42:41.0568 6672 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:42:41.0614 6672 DXGKrnl - ok
08:42:41.0630 6672 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:42:41.0708 6672 EapHost - ok
08:42:41.0895 6672 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
08:42:41.0973 6672 ebdrv - ok
08:42:42.0036 6672 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:42:42.0114 6672 EFS - ok
08:42:42.0301 6672 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:42:42.0410 6672 ehRecvr - ok
08:42:42.0441 6672 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:42:42.0472 6672 ehSched - ok
08:42:42.0613 6672 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
08:42:42.0675 6672 elxstor - ok
08:42:42.0691 6672 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:42:42.0738 6672 ErrDev - ok
08:42:42.0831 6672 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:42:42.0894 6672 EventSystem - ok
08:42:42.0956 6672 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:42:43.0018 6672 exfat - ok
08:42:43.0050 6672 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:42:43.0112 6672 fastfat - ok
08:42:43.0190 6672 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
08:42:43.0268 6672 Fax - ok
08:42:43.0299 6672 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
08:42:43.0362 6672 fdc - ok
08:42:43.0377 6672 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:42:43.0408 6672 fdPHost - ok
08:42:43.0424 6672 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:42:43.0502 6672 FDResPub - ok
08:42:43.0533 6672 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:42:43.0549 6672 FileInfo - ok
08:42:43.0564 6672 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:42:43.0611 6672 Filetrace - ok
08:42:43.0642 6672 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
08:42:43.0658 6672 flpydisk - ok
08:42:43.0689 6672 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:42:43.0705 6672 FltMgr - ok
08:42:43.0767 6672 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
08:42:43.0830 6672 FontCache - ok
08:42:43.0876 6672 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:42:43.0908 6672 FontCache3.0.0.0 - ok
08:42:43.0923 6672 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:42:43.0939 6672 FsDepends - ok
08:42:43.0970 6672 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
08:42:43.0986 6672 fssfltr - ok
08:42:44.0110 6672 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:42:44.0157 6672 fsssvc - ok
08:42:44.0235 6672 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:42:44.0251 6672 Fs_Rec - ok
08:42:44.0313 6672 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:42:44.0360 6672 fvevol - ok
08:42:44.0391 6672 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:42:44.0422 6672 gagp30kx - ok
08:42:44.0532 6672 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:42:44.0578 6672 gpsvc - ok
08:42:44.0594 6672 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:42:44.0625 6672 hcw85cir - ok
08:42:44.0656 6672 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
08:42:44.0734 6672 HDAudBus - ok
08:42:44.0750 6672 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
08:42:44.0766 6672 HidBatt - ok
08:42:44.0797 6672 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
08:42:44.0844 6672 HidBth - ok
08:42:44.0890 6672 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
08:42:44.0922 6672 HidIr - ok
08:42:44.0953 6672 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
08:42:45.0031 6672 hidserv - ok
08:42:45.0109 6672 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:42:45.0140 6672 HidUsb - ok
08:42:45.0171 6672 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:42:45.0234 6672 hkmsvc - ok
08:42:45.0280 6672 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:42:45.0358 6672 HomeGroupListener - ok
08:42:45.0390 6672 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:42:45.0452 6672 HomeGroupProvider - ok
08:42:45.0546 6672 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:42:45.0592 6672 HpSAMD - ok
08:42:45.0624 6672 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
08:42:45.0686 6672 HTCAND64 - ok
08:42:45.0748 6672 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
08:42:45.0780 6672 htcnprot - ok
08:42:45.0826 6672 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:42:45.0920 6672 HTTP - ok
08:42:45.0936 6672 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:42:45.0951 6672 hwpolicy - ok
08:42:45.0998 6672 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:42:46.0029 6672 i8042prt - ok
08:42:46.0107 6672 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
08:42:46.0154 6672 iaStor - ok
08:42:46.0185 6672 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:42:46.0216 6672 iaStorV - ok
08:42:46.0357 6672 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:42:46.0404 6672 idsvc - ok
08:42:46.0778 6672 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
08:42:47.0137 6672 igfx - ok
08:42:47.0184 6672 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:42:47.0199 6672 iirsp - ok
08:42:47.0246 6672 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:42:47.0324 6672 IKEEXT - ok
08:42:47.0371 6672 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
08:42:47.0433 6672 Impcd - ok
08:42:47.0527 6672 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:42:47.0589 6672 IntcAzAudAddService - ok
08:42:47.0636 6672 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
08:42:47.0698 6672 IntcDAud - ok
08:42:47.0730 6672 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:42:47.0745 6672 intelide - ok
08:42:47.0792 6672 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:42:47.0839 6672 intelppm - ok
08:42:47.0870 6672 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:42:47.0948 6672 IPBusEnum - ok
08:42:47.0979 6672 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:42:48.0057 6672 IpFilterDriver - ok
08:42:48.0104 6672 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:42:48.0166 6672 iphlpsvc - ok
08:42:48.0198 6672 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:42:48.0213 6672 IPMIDRV - ok
08:42:48.0276 6672 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:42:48.0338 6672 IPNAT - ok
08:42:48.0354 6672 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:42:48.0385 6672 IRENUM - ok
08:42:48.0400 6672 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:42:48.0400 6672 isapnp - ok
08:42:48.0463 6672 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:42:48.0494 6672 iScsiPrt - ok
08:42:48.0525 6672 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:42:48.0541 6672 kbdclass - ok
08:42:48.0572 6672 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
08:42:48.0603 6672 kbdhid - ok
08:42:48.0619 6672 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:42:48.0634 6672 KeyIso - ok
08:42:48.0666 6672 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:42:48.0697 6672 KSecDD - ok
08:42:48.0728 6672 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:42:48.0759 6672 KSecPkg - ok
08:42:48.0759 6672 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:42:48.0822 6672 ksthunk - ok
08:42:48.0868 6672 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:42:48.0946 6672 KtmRm - ok
08:42:48.0993 6672 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:42:49.0102 6672 LanmanServer - ok
08:42:49.0118 6672 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:42:49.0196 6672 LanmanWorkstation - ok
08:42:49.0243 6672 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:42:49.0336 6672 lltdio - ok
08:42:49.0368 6672 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:42:49.0477 6672 lltdsvc - ok
08:42:49.0508 6672 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:42:49.0555 6672 lmhosts - ok
08:42:49.0648 6672 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:42:49.0695 6672 LMS - ok
08:42:49.0711 6672 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:42:49.0726 6672 LSI_FC - ok
08:42:49.0758 6672 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:42:49.0804 6672 LSI_SAS - ok
08:42:49.0820 6672 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
08:42:49.0836 6672 LSI_SAS2 - ok
08:42:49.0851 6672 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:42:49.0867 6672 LSI_SCSI - ok
08:42:49.0882 6672 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:42:49.0945 6672 luafv - ok
08:42:50.0007 6672 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:42:50.0038 6672 MBAMProtector - ok
08:42:50.0101 6672 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:42:50.0148 6672 MBAMService - ok
08:42:50.0241 6672 [ F69B3AD25321B672A417C24FE6688B6F ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
08:42:50.0288 6672 McAWFwk ( UnsignedFile.Multi.Generic ) - warning
08:42:50.0288 6672 McAWFwk - detected UnsignedFile.Multi.Generic (1)
08:42:50.0366 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:42:50.0413 6672 McMPFSvc - ok
08:42:50.0428 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:42:50.0444 6672 mcmscsvc - ok
08:42:50.0460 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:42:50.0475 6672 McNaiAnn - ok
08:42:50.0491 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:42:50.0506 6672 McNASvc - ok
08:42:50.0584 6672 [ B3914A7C97A81ACB1E9BEFE07E4C387F ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
08:42:50.0631 6672 McODS - ok
08:42:50.0647 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:42:50.0662 6672 McOobeSv - ok
08:42:50.0678 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:42:50.0694 6672 McProxy - ok
08:42:50.0725 6672 [ 4A463D645B48BB487CA7DF12BA5D1602 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
08:42:50.0740 6672 McShield - ok
08:42:50.0772 6672 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:42:50.0818 6672 Mcx2Svc - ok
08:42:50.0850 6672 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
08:42:50.0865 6672 megasas - ok
08:42:50.0928 6672 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
08:42:50.0959 6672 MegaSR - ok
08:42:51.0006 6672 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
08:42:51.0021 6672 MEIx64 - ok
08:42:51.0052 6672 [ EF3ACFB7E3F82D5F7CDE9EF5F0A4E2E2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
08:42:51.0099 6672 mfeapfk - ok
08:42:51.0146 6672 [ E7A60BDB4365B561D896019B82FB7DD0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
08:42:51.0193 6672 mfeavfk - ok
08:42:51.0240 6672 mfeavfk01 - ok
08:42:51.0271 6672 [ C53B7ABA204D9F7E9568EC147A1485C5 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
08:42:51.0302 6672 mfefire - ok
08:42:51.0333 6672 [ 670DFFE55E2F9AB99D9169C428BCECE9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
08:42:51.0349 6672 mfefirek - ok
08:42:51.0396 6672 [ 1892616B7F9291FD77C3FA0A5811FE9F ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
08:42:51.0427 6672 mfehidk - ok
08:42:51.0474 6672 [ 1721261C77F6E7A9E0CB51B7D9F31B60 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
08:42:51.0489 6672 mfenlfk - ok
08:42:51.0536 6672 [ 65776BD8029E409935B90DE30BF99526 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
08:42:51.0567 6672 mferkdet - ok
08:42:51.0614 6672 [ 8F3B3C3625E3AAA11D6D4DB8423E1721 ] mfevtp C:\Windows\system32\mfevtps.exe
08:42:51.0645 6672 mfevtp - ok
08:42:51.0676 6672 [ 4F17D8B85B903D96EF7033BB6EF50516 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
08:42:51.0708 6672 mfewfpk - ok
08:42:51.0739 6672 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:42:51.0786 6672 MMCSS - ok
08:42:51.0801 6672 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:42:51.0832 6672 Modem - ok
08:42:51.0864 6672 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:42:51.0926 6672 monitor - ok
08:42:51.0942 6672 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:42:51.0957 6672 mouclass - ok
08:42:51.0973 6672 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
08:42:51.0988 6672 mouhid - ok
08:42:52.0020 6672 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:42:52.0035 6672 mountmgr - ok
08:42:52.0051 6672 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:42:52.0066 6672 mpio - ok
08:42:52.0098 6672 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:42:52.0129 6672 mpsdrv - ok
08:42:52.0207 6672 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:42:52.0316 6672 MpsSvc - ok
08:42:52.0378 6672 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:42:52.0457 6672 MRxDAV - ok
08:42:52.0566 6672 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:42:52.0597 6672 mrxsmb - ok
08:42:52.0613 6672 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:42:52.0628 6672 mrxsmb10 - ok
08:42:52.0644 6672 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:42:52.0659 6672 mrxsmb20 - ok
08:42:52.0691 6672 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:42:52.0722 6672 msahci - ok
08:42:52.0737 6672 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:42:52.0769 6672 msdsm - ok
08:42:52.0800 6672 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:42:52.0847 6672 MSDTC - ok
08:42:52.0862 6672 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:42:52.0893 6672 Msfs - ok
08:42:52.0925 6672 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:42:52.0987 6672 mshidkmdf - ok
08:42:53.0003 6672 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:42:53.0018 6672 msisadrv - ok
08:42:53.0049 6672 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:42:53.0127 6672 MSiSCSI - ok
08:42:53.0127 6672 msiserver - ok
08:42:53.0143 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:42:53.0159 6672 MSK80Service - ok
08:42:53.0190 6672 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:42:53.0252 6672 MSKSSRV - ok
08:42:53.0268 6672 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:42:53.0299 6672 MSPCLOCK - ok
08:42:53.0315 6672 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:42:53.0377 6672 MSPQM - ok
08:42:53.0455 6672 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:42:53.0502 6672 MsRPC - ok
08:42:53.0517 6672 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
08:42:53.0533 6672 mssmbios - ok
08:42:53.0533 6672 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:42:53.0564 6672 MSTEE - ok
08:42:53.0595 6672 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
08:42:53.0611 6672 MTConfig - ok
08:42:53.0611 6672 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:42:53.0627 6672 Mup - ok
08:42:53.0658 6672 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:42:53.0705 6672 napagent - ok
08:42:53.0720 6672 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:42:53.0783 6672 NativeWifiP - ok
08:42:53.0845 6672 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:42:53.0923 6672 NDIS - ok
08:42:53.0939 6672 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:42:53.0985 6672 NdisCap - ok
08:42:54.0048 6672 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:42:54.0095 6672 NdisTapi - ok
08:42:54.0141 6672 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:42:54.0204 6672 Ndisuio - ok
08:42:54.0235 6672 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:42:54.0297 6672 NdisWan - ok
08:42:54.0329 6672 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:42:54.0360 6672 NDProxy - ok
08:42:54.0375 6672 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:42:54.0453 6672 NetBIOS - ok
08:42:54.0485 6672 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:42:54.0547 6672 NetBT - ok
08:42:54.0547 6672 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:42:54.0563 6672 Netlogon - ok
08:42:54.0609 6672 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

ronnies
2012-08-29, 17:55
08:42:56.0918 6672 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
08:42:56.0934 6672 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
08:42:56.0934 6672 PassThru Service - detected UnsignedFile.Multi.Generic (1)
08:43:10.0802 6672 [ BCA22B2B27417FA7C8D824D5DE4DC03C ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
08:43:10.0818 6672 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
08:43:10.0818 6672 wltrysvc - detected UnsignedFile.Multi.Generic (1)
08:43:11.0894 6672 ================ Scan global ===============================
08:43:11.0910 6672 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:43:11.0925 6672 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:43:11.0941 6672 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:43:11.0957 6672 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:43:12.0003 6672 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:43:12.0003 6672 [Global] - ok
08:43:12.0003 6672 ================ Scan MBR ==================================
08:43:12.0035 6672 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:43:12.0456 6672 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:43:12.0456 6672 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:43:12.0456 6672 ================ Scan VBR ==================================
08:43:12.0456 6672 [ 119EC4FD4956138ED61A44A1279D8C5D ] \Device\Harddisk0\DR0\Partition1
08:43:12.0471 6672 \Device\Harddisk0\DR0\Partition1 - ok
08:43:12.0503 6672 [ 22BE3A84ED3753349F9ACEB9525DE59B ] \Device\Harddisk0\DR0\Partition2
08:43:12.0503 6672 \Device\Harddisk0\DR0\Partition2 - ok
08:43:12.0503 6672 ============================================================
08:43:12.0503 6672 Scan finished
08:43:12.0503 6672 ============================================================
08:43:12.0534 6740 Detected object count: 5
08:43:12.0534 6740 Actual detected object count: 5
08:43:50.0863 6740 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
08:43:50.0863 6740 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:43:50.0863 6740 McAWFwk ( UnsignedFile.Multi.Generic ) - skipped by user
08:43:50.0863 6740 McAWFwk ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:43:50.0863 6740 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:43:50.0863 6740 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:43:50.0863 6740 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:43:50.0863 6740 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:43:50.0863 6740 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:43:50.0863 6740 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
08:54:48.0265 2632 ============================================================
08:54:48.0265 2632 Scan started
08:54:48.0265 2632 Mode: Manual; SigCheck; TDLFS;
08:54:48.0265 2632 ============================================================
08:54:48.0452 2632 ================ Scan system memory ========================
08:54:48.0452 2632 System memory - ok
08:54:48.0452 2632 ================ Scan services =============================
08:54:50.0745 2632 b57nd60a - ok
08:54:50.0808 2632 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
08:54:50.0854 2632 BBSvc - ok
08:54:50.0870 2632 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
08:54:50.0886 2632 BBUpdate - ok
08:54:50.0917 2632 [ 436806506E83AA8755A523147E191B7B ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
08:54:50.0948 2632 BCM42RLY - ok
08:54:51.0073 2632 [ B5D54119CE0BB77872C33A717CB76386 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
08:54:51.0151 2632 BCM43XX - ok
08:54:51.0182 2632 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:54:51.0213 2632 BDESVC - ok
08:54:51.0229 2632 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:54:51.0276 2632 Beep - ok
08:54:51.0307 2632 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
08:54:51.0338 2632 BFE - ok
08:54:51.0385 2632 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
08:54:51.0478 2632 BITS - ok
08:54:51.0478 2632 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:54:51.0494 2632 blbdrive - ok
08:54:51.0541 2632 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:54:51.0572 2632 Bonjour Service - ok
08:54:51.0603 2632 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:54:51.0619 2632 bowser - ok
08:54:51.0634 2632 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
08:54:51.0650 2632 BrFiltLo - ok
08:54:51.0666 2632 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
08:54:51.0681 2632 BrFiltUp - ok
08:54:51.0697 2632 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:54:51.0744 2632 BridgeMP - ok
08:54:51.0775 2632 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
08:54:51.0837 2632 Browser - ok
08:54:51.0853 2632 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:54:51.0884 2632 Brserid - ok
08:54:51.0884 2632 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:54:51.0915 2632 BrSerWdm - ok
08:54:51.0931 2632 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:54:51.0946 2632 BrUsbMdm - ok
08:54:51.0962 2632 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:54:51.0978 2632 BrUsbSer - ok
08:54:52.0009 2632 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
08:54:52.0040 2632 BthEnum - ok
08:54:52.0056 2632 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
08:54:52.0071 2632 BTHMODEM - ok
08:54:52.0087 2632 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
08:54:52.0118 2632 BthPan - ok
08:54:52.0149 2632 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
08:54:52.0165 2632 BTHPORT - ok
08:54:52.0196 2632 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:54:52.0258 2632 bthserv - ok
08:54:52.0274 2632 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
08:54:52.0290 2632 BTHUSB - ok
08:54:52.0336 2632 [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
08:54:52.0368 2632 BTWAMPFL - ok
08:54:52.0383 2632 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
08:54:52.0399 2632 btwaudio - ok
08:54:52.0414 2632 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
08:54:52.0414 2632 btwavdt - ok
08:54:52.0492 2632 [ F0AF04A96CA48B869284B5DC4CDB8CBB ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
08:54:52.0524 2632 btwdins - ok
08:54:52.0539 2632 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
08:54:52.0555 2632 btwl2cap - ok
08:54:52.0570 2632 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
08:54:52.0586 2632 btwrchid - ok
08:54:52.0617 2632 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:54:52.0680 2632 cdfs - ok
08:54:52.0695 2632 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:54:52.0711 2632 cdrom - ok
08:54:52.0726 2632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:54:52.0773 2632 CertPropSvc - ok
08:54:52.0789 2632 [ ED0263B2EB24F0F4E3898036FA1D28A1 ] cfwids C:\Windows\system32\drivers\cfwids.sys
08:54:52.0804 2632 cfwids - ok
08:54:52.0820 2632 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
08:54:52.0836 2632 circlass - ok
08:54:52.0867 2632 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:54:52.0882 2632 CLFS - ok
08:54:52.0945 2632 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:54:52.0976 2632 clr_optimization_v2.0.50727_32 - ok
08:54:53.0007 2632 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:54:53.0023 2632 clr_optimization_v2.0.50727_64 - ok
08:54:53.0070 2632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:54:53.0085 2632 clr_optimization_v4.0.30319_32 - ok
08:54:53.0116 2632 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:54:53.0132 2632 clr_optimization_v4.0.30319_64 - ok
08:54:53.0148 2632 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:54:53.0163 2632 CmBatt - ok
08:54:53.0194 2632 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:54:53.0194 2632 cmdide - ok
08:54:53.0241 2632 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
08:54:53.0288 2632 CNG - ok
08:54:53.0304 2632 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:54:53.0319 2632 Compbatt - ok
08:54:53.0335 2632 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
08:54:53.0350 2632 CompositeBus - ok
08:54:53.0350 2632 COMSysApp - ok
08:54:53.0366 2632 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
08:54:53.0382 2632 crcdisk - ok
08:54:53.0413 2632 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:54:53.0444 2632 CryptSvc - ok
08:54:53.0475 2632 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
08:54:53.0506 2632 CtClsFlt - ok
08:54:53.0538 2632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:54:53.0600 2632 DcomLaunch - ok
08:54:53.0631 2632 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:54:53.0678 2632 defragsvc - ok
08:54:53.0740 2632 [ 88D5FE2109F1A52CF69BA410082A833A ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
08:54:53.0756 2632 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
08:54:53.0756 2632 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
08:54:53.0772 2632 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:54:53.0803 2632 DfsC - ok
08:54:53.0850 2632 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:54:53.0881 2632 Dhcp - ok
08:54:53.0912 2632 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:54:53.0943 2632 discache - ok
08:54:53.0974 2632 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
08:54:53.0990 2632 Disk - ok
08:54:54.0006 2632 dlcq_device - ok
08:54:54.0068 2632 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:54:54.0099 2632 Dnscache - ok
08:54:54.0115 2632 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:54:54.0146 2632 dot3svc - ok
08:54:54.0162 2632 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:54:54.0208 2632 DPS - ok
08:54:54.0224 2632 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:54:54.0255 2632 drmkaud - ok
08:54:54.0271 2632 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:54:54.0302 2632 DXGKrnl - ok
08:54:54.0318 2632 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:54:54.0349 2632 EapHost - ok
08:54:54.0442 2632 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
08:54:54.0489 2632 ebdrv - ok
08:54:54.0520 2632 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:54:54.0536 2632 EFS - ok
08:54:54.0614 2632 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:54:54.0645 2632 ehRecvr - ok
08:54:54.0661 2632 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:54:54.0692 2632 ehSched - ok
08:54:54.0708 2632 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
08:54:54.0739 2632 elxstor - ok
08:54:54.0754 2632 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:54:54.0770 2632 ErrDev - ok
08:54:54.0801 2632 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:54:54.0864 2632 EventSystem - ok
08:54:54.0879 2632 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:54:54.0926 2632 exfat - ok
08:54:54.0942 2632 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:54:54.0973 2632 fastfat - ok
08:54:54.0988 2632 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
08:54:55.0020 2632 Fax - ok
08:54:55.0035 2632 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
08:54:55.0051 2632 fdc - ok
08:54:55.0066 2632 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:54:55.0098 2632 fdPHost - ok
08:54:55.0113 2632 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:54:55.0144 2632 FDResPub - ok
08:54:55.0160 2632 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:54:55.0176 2632 FileInfo - ok
08:54:55.0191 2632 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:54:55.0238 2632 Filetrace - ok
08:54:55.0254 2632 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
08:54:55.0269 2632 flpydisk - ok
08:54:55.0285 2632 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:54:55.0300 2632 FltMgr - ok
08:54:55.0347 2632 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
08:54:55.0363 2632 FontCache - ok
08:54:55.0410 2632 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:54:55.0441 2632 FontCache3.0.0.0 - ok
08:54:55.0441 2632 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:54:55.0456 2632 FsDepends - ok
08:54:55.0488 2632 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
08:54:55.0503 2632 fssfltr - ok
08:54:55.0581 2632 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:54:55.0628 2632 fsssvc - ok
08:54:55.0675 2632 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:54:55.0706 2632 Fs_Rec - ok
08:54:55.0768 2632 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:54:55.0815 2632 fvevol - ok
08:54:55.0831 2632 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:54:55.0846 2632 gagp30kx - ok
08:54:55.0878 2632 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:54:55.0956 2632 gpsvc - ok
08:54:55.0971 2632 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:54:55.0971 2632 hcw85cir - ok
08:54:55.0987 2632 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
08:54:56.0018 2632 HDAudBus - ok
08:54:56.0018 2632 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
08:54:56.0034 2632 HidBatt - ok
08:54:56.0065 2632 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
08:54:56.0080 2632 HidBth - ok
08:54:56.0080 2632 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
08:54:56.0096 2632 HidIr - ok
08:54:56.0112 2632 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
08:54:56.0158 2632 hidserv - ok
08:54:56.0190 2632 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:54:56.0221 2632 HidUsb - ok
08:54:56.0252 2632 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:54:56.0314 2632 hkmsvc - ok
08:54:56.0330 2632 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:54:56.0346 2632 HomeGroupListener - ok
08:54:56.0377 2632 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:54:56.0408 2632 HomeGroupProvider - ok
08:54:56.0424 2632 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:54:56.0439 2632 HpSAMD - ok
08:54:56.0470 2632 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
08:54:56.0502 2632 HTCAND64 - ok
08:54:56.0533 2632 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
08:54:56.0564 2632 htcnprot - ok
08:54:56.0580 2632 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:54:56.0642 2632 HTTP - ok
08:54:56.0658 2632 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:54:56.0673 2632 hwpolicy - ok
08:54:56.0704 2632 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:54:56.0736 2632 i8042prt - ok
08:54:56.0767 2632 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
08:54:56.0798 2632 iaStor - ok
08:54:56.0814 2632 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:54:56.0845 2632 iaStorV - ok
08:54:56.0907 2632 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:54:56.0954 2632 idsvc - ok
08:54:57.0219 2632 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
08:54:57.0360 2632 igfx - ok
08:54:57.0391 2632 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:54:57.0406 2632 iirsp - ok
08:54:57.0469 2632 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:54:57.0531 2632 IKEEXT - ok
08:54:57.0562 2632 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
08:54:57.0594 2632 Impcd - ok
08:54:57.0672 2632 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:54:57.0750 2632 IntcAzAudAddService - ok
08:54:57.0781 2632 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
08:54:57.0796 2632 IntcDAud - ok
08:54:57.0828 2632 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:54:57.0859 2632 intelide - ok
08:54:57.0874 2632 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:54:57.0906 2632 intelppm - ok
08:54:57.0921 2632 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:54:57.0968 2632 IPBusEnum - ok
08:54:57.0984 2632 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:54:58.0015 2632 IpFilterDriver - ok
08:54:58.0046 2632 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:54:58.0093 2632 iphlpsvc - ok
08:54:58.0108 2632 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:54:58.0124 2632 IPMIDRV - ok
08:54:58.0124 2632 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:54:58.0171 2632 IPNAT - ok
08:54:58.0186 2632 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:54:58.0202 2632 IRENUM - ok
08:54:58.0218 2632 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:54:58.0233 2632 isapnp - ok
08:54:58.0249 2632 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:54:58.0264 2632 iScsiPrt - ok
08:54:58.0280 2632 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:54:58.0296 2632 kbdclass - ok
08:54:58.0311 2632 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
08:54:58.0327 2632 kbdhid - ok
08:54:58.0358 2632 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:54:58.0374 2632 KeyIso - ok
08:54:58.0405 2632 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:54:58.0420 2632 KSecDD - ok
08:54:58.0467 2632 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:54:58.0498 2632 KSecPkg - ok
08:54:58.0514 2632 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:54:58.0545 2632 ksthunk - ok
08:54:58.0592 2632 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:54:58.0654 2632 KtmRm - ok
08:54:58.0686 2632 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:54:58.0748 2632 LanmanServer - ok
08:54:58.0764 2632 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:54:58.0826 2632 LanmanWorkstation - ok
08:54:58.0842 2632 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:54:58.0888 2632 lltdio - ok
08:54:58.0920 2632 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:54:58.0982 2632 lltdsvc - ok
08:54:58.0998 2632 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:54:59.0060 2632 lmhosts - ok
08:54:59.0122 2632 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:54:59.0138 2632 LMS - ok
08:54:59.0169 2632 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:54:59.0169 2632 LSI_FC - ok
08:54:59.0216 2632 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:54:59.0232 2632 LSI_SAS - ok
08:54:59.0247 2632 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
08:54:59.0278 2632 LSI_SAS2 - ok
08:54:59.0310 2632 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:54:59.0325 2632 LSI_SCSI - ok
08:54:59.0341 2632 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:54:59.0403 2632 luafv - ok
08:54:59.0434 2632 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:54:59.0450 2632 MBAMProtector - ok
08:54:59.0512 2632 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:54:59.0528 2632 MBAMService - ok
08:54:59.0622 2632 [ F69B3AD25321B672A417C24FE6688B6F ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
08:54:59.0653 2632 McAWFwk ( UnsignedFile.Multi.Generic ) - warning
08:54:59.0653 2632 McAWFwk - detected UnsignedFile.Multi.Generic (1)
08:54:59.0731 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:54:59.0762 2632 McMPFSvc - ok
08:54:59.0778 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:54:59.0793 2632 mcmscsvc - ok
08:54:59.0809 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:54:59.0824 2632 McNaiAnn - ok
08:54:59.0824 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:54:59.0840 2632 McNASvc - ok
08:54:59.0902 2632 [ B3914A7C97A81ACB1E9BEFE07E4C387F ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
08:54:59.0934 2632 McODS - ok
08:54:59.0934 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:54:59.0949 2632 McOobeSv - ok
08:54:59.0965 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:54:59.0980 2632 McProxy - ok

ronnies
2012-08-29, 17:56
08:55:00.0012 2632 [ 4A463D645B48BB487CA7DF12BA5D1602 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
08:55:00.0043 2632 McShield - ok
08:55:00.0105 2632 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:55:00.0136 2632 Mcx2Svc - ok
08:55:00.0168 2632 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
08:55:00.0183 2632 megasas - ok
08:55:00.0214 2632 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
08:55:00.0261 2632 MegaSR - ok
08:55:00.0277 2632 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
08:55:00.0308 2632 MEIx64 - ok
08:55:00.0355 2632 [ EF3ACFB7E3F82D5F7CDE9EF5F0A4E2E2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
08:55:00.0386 2632 mfeapfk - ok
08:55:00.0402 2632 [ E7A60BDB4365B561D896019B82FB7DD0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
08:55:00.0417 2632 mfeavfk - ok
08:55:00.0433 2632 mfeavfk01 - ok
08:55:00.0448 2632 [ C53B7ABA204D9F7E9568EC147A1485C5 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
08:55:00.0464 2632 mfefire - ok
08:55:00.0480 2632 [ 670DFFE55E2F9AB99D9169C428BCECE9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
08:55:00.0526 2632 mfefirek - ok
08:55:00.0542 2632 [ 1892616B7F9291FD77C3FA0A5811FE9F ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
08:55:00.0558 2632 mfehidk - ok
08:55:00.0573 2632 [ 1721261C77F6E7A9E0CB51B7D9F31B60 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
08:55:00.0589 2632 mfenlfk - ok
08:55:00.0620 2632 [ 65776BD8029E409935B90DE30BF99526 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
08:55:00.0651 2632 mferkdet - ok
08:55:00.0682 2632 [ 8F3B3C3625E3AAA11D6D4DB8423E1721 ] mfevtp C:\Windows\system32\mfevtps.exe
08:55:00.0729 2632 mfevtp - ok
08:55:00.0745 2632 [ 4F17D8B85B903D96EF7033BB6EF50516 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
08:55:00.0760 2632 mfewfpk - ok
08:55:00.0776 2632 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:55:00.0838 2632 MMCSS - ok
08:55:00.0854 2632 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:55:00.0901 2632 Modem - ok
08:55:00.0916 2632 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:55:00.0932 2632 monitor - ok
08:55:00.0963 2632 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:55:00.0979 2632 mouclass - ok
08:55:00.0994 2632 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
08:55:01.0010 2632 mouhid - ok
08:55:01.0026 2632 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:55:01.0041 2632 mountmgr - ok
08:55:01.0057 2632 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:55:01.0088 2632 mpio - ok
08:55:01.0104 2632 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:55:01.0150 2632 mpsdrv - ok
08:55:01.0182 2632 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:55:01.0228 2632 MpsSvc - ok
08:55:01.0244 2632 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:55:01.0275 2632 MRxDAV - ok
08:55:01.0291 2632 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:55:01.0322 2632 mrxsmb - ok
08:55:01.0353 2632 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:55:01.0369 2632 mrxsmb10 - ok
08:55:01.0384 2632 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:55:01.0400 2632 mrxsmb20 - ok
08:55:01.0416 2632 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:55:01.0447 2632 msahci - ok
08:55:01.0494 2632 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:55:01.0525 2632 msdsm - ok
08:55:01.0540 2632 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:55:01.0556 2632 MSDTC - ok
08:55:01.0587 2632 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:55:01.0618 2632 Msfs - ok
08:55:01.0634 2632 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:55:01.0665 2632 mshidkmdf - ok
08:55:01.0681 2632 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:55:01.0696 2632 msisadrv - ok
08:55:01.0728 2632 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:55:01.0759 2632 MSiSCSI - ok
08:55:01.0774 2632 msiserver - ok
08:55:01.0790 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:55:01.0806 2632 MSK80Service - ok
08:55:01.0821 2632 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:55:01.0868 2632 MSKSSRV - ok
08:55:01.0868 2632 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:55:01.0915 2632 MSPCLOCK - ok
08:55:01.0930 2632 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:55:01.0962 2632 MSPQM - ok
08:55:01.0993 2632 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:55:02.0008 2632 MsRPC - ok
08:55:02.0024 2632 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
08:55:02.0040 2632 mssmbios - ok
08:55:02.0040 2632 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:55:02.0086 2632 MSTEE - ok
08:55:02.0102 2632 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
08:55:02.0118 2632 MTConfig - ok
08:55:02.0133 2632 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:55:02.0149 2632 Mup - ok
08:55:02.0196 2632 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:55:02.0227 2632 napagent - ok
08:55:02.0242 2632 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:55:02.0274 2632 NativeWifiP - ok
08:55:02.0336 2632 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:55:02.0367 2632 NDIS - ok
08:55:02.0383 2632 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:55:02.0414 2632 NdisCap - ok
08:55:02.0430 2632 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:55:02.0476 2632 NdisTapi - ok
08:55:02.0476 2632 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:55:02.0523 2632 Ndisuio - ok
08:55:04.0504 2632 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
08:55:04.0520 2632 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
08:55:04.0520 2632 PassThru Service - detected UnsignedFile.Multi.Generic (1)
08:55:12.0460 2632 Scan interrupted by user!
08:55:12.0460 2632 ================ Scan global ===============================
08:55:12.0460 2632 Scan interrupted by user!
08:55:12.0460 2632 ================ Scan MBR ==================================
08:55:12.0460 2632 Scan interrupted by user!
08:55:12.0460 2632 ================ Scan VBR ==================================
08:55:12.0460 2632 Scan interrupted by user!
08:55:12.0460 2632 ============================================================
08:55:12.0460 2632 Scan finished
08:55:12.0460 2632 ============================================================
08:55:12.0476 1836 Detected object count: 3
08:55:12.0476 1836 Actual detected object count: 3
08:55:28.0107 1836 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
08:55:28.0107 1836 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:55:28.0107 1836 McAWFwk ( UnsignedFile.Multi.Generic ) - skipped by user
08:55:28.0107 1836 McAWFwk ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:55:28.0107 1836 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:55:28.0123 1836 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:55:38.0232 3716 Deinitialize success

ronnies
2012-08-29, 17:59
All processes killed
========== SERVICES/DRIVERS ==========
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Scriven
->Temp folder emptied: 1184039 bytes
->Temporary Internet Files folder emptied: 1328015266 bytes
->Java cache emptied: 32109404 bytes
->Flash cache emptied: 68479 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1824 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 666 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,298.00 mb


OTL by OldTimer - Version 3.2.59.1 log created on 08292012_090533

Files\Folders moved on Reboot...
C:\Users\Scriven\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Scriven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Scriven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8SUI7XZD\showthread[1].htm moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.29.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Scriven :: SCRIVEN-PC [administrator]

Protection: Enabled

8/29/2012 9:42:19 AM
mbam-log-2012-08-29 (09-42-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203725
Time elapsed: 2 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

ronnies
2012-08-29, 19:21
ESETScan

C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Users\Scriven\AppData\Local\Temp\IWantThis.exe Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\services.exe Win64/Patched.B.Gen trojan deleted - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.LA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0000.dta Win32/Sirefef.EZ trojan deleted - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0001.dta Win64/Sirefef.AD trojan deleted - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0006.dta Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0007.dta Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0008.dta Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0009.dta a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\08282012_104545\C_Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined

ronnies
2012-08-29, 19:48
Thanks so much for all of your help, oldman960!

I rebooted my system and downloaded Avira. I still have Spybot and Windows Defender. Start up and browsing are moving much better and definitely quicker.

ronnies
2012-08-30, 01:33
My husband uninstalled Avira because he didn't recognize it and didn't think to ask me first. I have not re-installed it.

Internet Explorer is now acting differently. Some pages are not loading completely and those that do are not responding to some actions.

oldman960
2012-08-30, 03:26
Hi ronnies,

I'm not sure what happened with TDSSK, we'll run it again in a bit and see if anything shows in the log. Before we do that, let's see if we can resolve the current issue.

When did the problem with IE start, before or after Avira was uninstalled?

ronnies
2012-08-30, 05:19
Okay, thanks!

IE started acting up before Avira was uninstalled.

oldman960
2012-08-30, 15:54
Hi ronnies,

Any problems with a different browser besides IE?

Please rerun DDS and post the log and the Attach.txt.

ronnies
2012-08-30, 22:30
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
Run by Scriven at 15:25:11 on 2012-08-30
.
============== Running Processes ===============
.
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe
C:\Program Files (x86)\Dell Photo AIO Printer 966\memcard.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingBar.exe
C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Users\Scriven\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Scriven\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No File
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [FaxCenterServer] "C:\Program Files (x86)\Dell PC Fax\fm3032.exe" /s
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [<NO NAME>]
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
TCP: DhcpNameServer = 192.168.200.1
TCP: Interfaces\{B35F3F63-C6B9-40D5-8065-255D8F8DB51D} : DhcpNameServer = 192.168.200.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO-X64: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No File
BHO-X64: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
BHO-X64: Swag Bucks - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [FaxCenterServer] "C:\Program Files (x86)\Dell PC Fax\fm3032.exe" /s
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [(Default)]
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Scriven\AppData\Roaming\Mozilla\Firefox\Profiles\nrfefj31.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R? AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service
R? BBSvc;BingBar Service
R? BTWAMPFL;BTWAMPFL
R? btwl2cap;Bluetooth L2CAP Service
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? fssfltr;fssfltr
R? fsssvc;Windows Live Family Safety Service
R? HTCAND64;HTC Device Driver
R? htcnprot;HTC NDIS Protocol Driver
R? Impcd;Impcd
R? mfewfpk;McAfee Inc. mfewfpk
R? MozillaMaintenance;Mozilla Maintenance Service
R? osppsvc;Office Software Protection Platform
R? RoxMediaDB12OEM;RoxMediaDB12OEM
R? RoxWatch12;Roxio Hard Drive Watcher 12
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? TsUsbFlt;TsUsbFlt
R? TsUsbGD;Remote Desktop Generic USB Device
R? WatAdminSvc;Windows Activation Technologies Service
R? wlcrasvc;Windows Live Mesh remote connections service
S? AdobeARMservice;Adobe Acrobat Update Service
S? AERTFilters;Andrea RT Filters Service
S? BBUpdate;BBUpdate
S? CtClsFlt;Creative Camera Class Upper Filter Driver
S? DellDigitalDelivery;Dell Digital Delivery Service
S? IntcDAud;Intel(R) Display Audio
S? MBAMProtector;MBAMProtector
S? MBAMService;MBAMService
S? MEIx64;Intel(R) Management Engine Interface
S? NOBU;Dell DataSafe Online
S? nusb3hub;Renesas Electronics USB 3.0 Hub Driver
S? nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver
S? PassThru Service;Internet Pass-Through Service
S? PxHlpa64;PxHlpa64
S? RTL8167;Realtek 8167 NT Driver
S? SBSDWSCService;SBSD Security Center Service
S? SftService;SoftThinks Agent Service
S? UNS;Intel(R) Management and Security Application User Notification Service
S? vwififlt;Virtual WiFi Filter Driver
S? vwifimp;Microsoft Virtual WiFi Miniport Service
.
=============== Created Last 30 ================
.
2012-08-30 12:58:00 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9CD06886-E5BB-40AF-87D8-8B78DEDA06F6}\offreg.dll
2012-08-29 18:00:55 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-08-29 18:00:55 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-08-29 16:36:16 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-08-29 16:36:13 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9CD06886-E5BB-40AF-87D8-8B78DEDA06F6}\mpengine.dll
2012-08-29 16:27:12 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-08-29 15:12:09 -------- d-----w- C:\Program Files (x86)\ESET
2012-08-28 14:45:45 -------- d-----w- C:\_OTL
2012-08-27 21:30:19 -------- d-sh--w- C:\$RECYCLE.BIN
2012-08-27 15:09:42 98816 ----a-w- C:\Windows\sed.exe
2012-08-27 15:09:42 518144 ----a-w- C:\Windows\SWREG.exe
2012-08-27 15:09:42 256000 ----a-w- C:\Windows\PEV.exe
2012-08-27 15:09:42 208896 ----a-w- C:\Windows\MBR.exe
2012-08-27 00:55:27 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-24 02:21:59 -------- d-----w- C:\ProgramData\PC-Doctor for Windows
2012-08-23 02:53:52 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-08-23 02:53:32 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-23 02:29:04 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-22 00:15:24 -------- d-----w- C:\found.000
2012-08-20 15:50:04 -------- d-----w- C:\Users\Scriven\AppData\Roaming\Malwarebytes
2012-08-20 15:49:55 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-20 15:49:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-20 02:16:10 -------- d-----w- C:\Users\Scriven\AppData\Local\AskToolbar
2012-08-20 02:16:05 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-08-12 03:55:53 -------- d-----w- C:\Users\Scriven\AppData\Local\Apple Computer
2012-08-12 03:54:14 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-08-12 03:54:14 -------- d-----w- C:\Program Files\iPod
2012-08-12 03:54:14 -------- d-----w- C:\Program Files (x86)\iTunes
2012-08-12 03:53:04 -------- d-----w- C:\Users\Scriven\AppData\Local\Apple
2012-08-12 03:52:15 -------- d-----w- C:\Program Files\Bonjour
2012-08-12 03:52:15 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-08-10 23:51:26 -------- d-----w- C:\Users\Scriven\AppData\Local\ElevatedDiagnostics
2012-08-07 23:41:31 -------- d-----w- C:\Users\Scriven\AppData\Local\The Weather Channel
2012-08-07 14:39:13 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-08-06 19:50:31 -------- d-----w- C:\Users\Scriven\AppData\Local\Swag_Bucks
2012-08-06 01:05:29 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery
2012-08-02 03:10:45 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-08-02 03:10:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-08-02 00:53:07 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
.
==================== Find3M ====================
.
2012-08-27 00:57:04 328704 ----a-w- C:\Windows\System32\services.exe
2012-08-22 22:15:21 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-22 22:15:21 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-25 20:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
2012-06-06 12:49:52 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 15:26:04.56 ===============


.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4) MUI
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
Apple Application Support
Apple Software Update
Bing Bar
Bing Rewards Client Installer
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Coupon Printer for Windows
Cozi
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Digital Delivery
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell Marketplace Webslice IE8
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell VideoStage
Dell Webcam Central
DirectX 9 Runtime
eBay
ERUNT 1.1j
ESET Online Scanner v3
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Internet Explorer
Java 7 Update 6
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware version 1.62.0.1300
Mesh Runtime
Messenger Companion
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 15.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
PhotoShowExpress
Print to Fax
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Skype Toolbars
Skype™ 4.2
Sonic CinePlayer Decoder Pack
Spybot - Search & Destroy
Swag Bucks Toolbar
swMSM
TrustedID
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================

ronnies
2012-08-30, 22:36
I installed Mozilla Firefox and it displays my homepage (msn.com) with full features (unlike IE). However, when I tried to go to another page I use multiple times daily, the page gave me a message that I needed Adobe Flash. I downloaded (so I thought) but neither IE nor Firefox is displaying properly.

Another example would be this site. After I log in, IE will no longer automatically redirect but Firefox will. Also, with IE, I cannot use my toolbars.

oldman960
2012-08-31, 04:01
Hi ronnies,

Your earlier logs showed you had McAfee installed. What happened to it?


Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) to your desktop.

Double click the aswMBR.exe to run it. If asked to download Avast's database please do so.

Click the "Scan" button to start the scan.
http://public.avast.com/~gmerek/aswMBR1.png

On completion of the scan, click save log, save it to your desktop and post it in your next reply.
http://public.avast.com/~gmerek/aswMBR2.png

There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.


Please post back with
ASWmbr log
mbr.zip (attached)

ronnies
2012-08-31, 04:41
I don't know what happened to McAfee. As far as I know it was not uninstalled.


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-30 21:18:44
-----------------------------
21:18:44.562 OS Version: Windows x64 6.1.7601 Service Pack 1
21:18:44.562 Number of processors: 2 586 0x2A07
21:18:44.562 ComputerName: SCRIVEN-PC UserName: Scriven
21:18:46.076 Initialize success
21:19:57.397 AVAST engine defs: 12083001
21:20:41.545 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:20:41.545 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
21:20:41.576 Disk 0 MBR read successfully
21:20:41.576 Disk 0 MBR scan
21:20:41.576 Disk 0 Windows VISTA default MBR code
21:20:41.592 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
21:20:41.623 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992
21:20:41.670 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 285140 MB offset 41172992
21:20:41.732 Disk 0 scanning C:\Windows\system32\drivers
21:20:58.474 Service scanning
21:21:24.448 Modules scanning
21:21:24.464 Disk 0 trace - called modules:
21:21:24.495 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:21:24.495 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064c2060]
21:21:24.495 3 CLASSPNP.SYS[fffff88001b9a43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800469f050]
21:21:25.961 AVAST engine scan C:\Windows
21:21:30.158 AVAST engine scan C:\Windows\system32
21:25:24.428 AVAST engine scan C:\Windows\system32\drivers
21:25:37.049 AVAST engine scan C:\Users\Scriven
21:28:55.734 AVAST engine scan C:\ProgramData
21:30:58.429 Scan finished successfully
21:32:07.272 Disk 0 MBR has been saved successfully to "C:\Users\Scriven\Desktop\MBR.dat"
21:32:07.272 The log file has been saved successfully to "C:\Users\Scriven\Desktop\aswMBR08302012.txt"

ronnies
2012-08-31, 06:44
Okay, got McAfee back. All is well with IE. :bigthumb:

oldman960
2012-09-01, 18:02
Hi ronnies,

Ok good.

Please rerun TDSSKiller with the same settings as before. This time don't cure or delete anything; just use skip. We just need a scan for now.

ronnies
2012-09-02, 02:56
19:48:28.0330 6328 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
19:48:30.0296 6328 ============================================================
19:48:30.0296 6328 Current date / time: 2012/09/01 19:48:30.0296
19:48:30.0296 6328 SystemInfo:
19:48:30.0296 6328
19:48:30.0296 6328 OS Version: 6.1.7601 ServicePack: 1.0
19:48:30.0296 6328 Product type: Workstation
19:48:30.0296 6328 ComputerName: SCRIVEN-PC
19:48:30.0296 6328 UserName: Scriven
19:48:30.0296 6328 Windows directory: C:\Windows
19:48:30.0296 6328 System windows directory: C:\Windows
19:48:30.0296 6328 Running under WOW64
19:48:30.0296 6328 Processor architecture: Intel x64
19:48:30.0296 6328 Number of processors: 2
19:48:30.0296 6328 Page size: 0x1000
19:48:30.0296 6328 Boot type: Normal boot
19:48:30.0296 6328 ============================================================
19:48:34.0134 6328 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:48:34.0134 6328 ============================================================
19:48:34.0134 6328 \Device\Harddisk0\DR0:
19:48:34.0134 6328 MBR partitions:
19:48:34.0134 6328 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
19:48:34.0134 6328 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x22CEA2B0
19:48:34.0134 6328 ============================================================
19:48:34.0212 6328 C: <-> \Device\Harddisk0\DR0\Partition2
19:48:34.0212 6328 ============================================================
19:48:34.0212 6328 Initialize success
19:48:34.0212 6328 ============================================================
19:50:12.0821 6020 ============================================================
19:50:12.0821 6020 Scan started
19:50:12.0821 6020 Mode: Manual; SigCheck; TDLFS;
19:50:12.0821 6020 ============================================================
19:50:13.0117 6020 ================ Scan system memory ========================
19:50:13.0117 6020 System memory - ok
19:50:13.0117 6020 ================ Scan services =============================
19:50:19.0591 6020 BrUsbMdm - ok
19:50:19.0607 6020 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:50:19.0653 6020 BrUsbSer - ok
19:50:19.0700 6020 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:50:19.0778 6020 BthEnum - ok
19:50:19.0809 6020 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:50:19.0856 6020 BTHMODEM - ok
19:50:19.0887 6020 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:50:19.0934 6020 BthPan - ok
19:50:19.0965 6020 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:50:20.0059 6020 BTHPORT - ok
19:50:20.0106 6020 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:50:20.0215 6020 bthserv - ok
19:50:20.0231 6020 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:50:20.0309 6020 BTHUSB - ok
19:50:20.0355 6020 [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
19:50:20.0449 6020 BTWAMPFL - ok
19:50:20.0480 6020 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:50:20.0558 6020 btwaudio - ok
19:50:20.0574 6020 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
19:50:20.0636 6020 btwavdt - ok
19:50:20.0714 6020 [ F0AF04A96CA48B869284B5DC4CDB8CBB ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:50:20.0792 6020 btwdins - ok
19:50:20.0823 6020 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
19:50:20.0901 6020 btwl2cap - ok
19:50:20.0901 6020 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:50:20.0964 6020 btwrchid - ok
19:50:20.0995 6020 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:50:21.0057 6020 cdfs - ok
19:50:21.0073 6020 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:50:21.0167 6020 cdrom - ok
19:50:21.0213 6020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:50:21.0323 6020 CertPropSvc - ok
19:50:21.0354 6020 [ 45B5A89DC41577282E5BF41B1165EA71 ] cfwids C:\Windows\system32\drivers\cfwids.sys
19:50:21.0432 6020 cfwids - ok
19:50:21.0463 6020 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:50:21.0494 6020 circlass - ok
19:50:21.0525 6020 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:50:21.0572 6020 CLFS - ok
19:50:21.0635 6020 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:50:21.0666 6020 clr_optimization_v2.0.50727_32 - ok
19:50:21.0713 6020 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:50:21.0744 6020 clr_optimization_v2.0.50727_64 - ok
19:50:21.0791 6020 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:50:21.0869 6020 clr_optimization_v4.0.30319_32 - ok
19:50:21.0900 6020 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:50:21.0947 6020 clr_optimization_v4.0.30319_64 - ok
19:50:21.0962 6020 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:50:22.0025 6020 CmBatt - ok
19:50:22.0056 6020 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:50:22.0087 6020 cmdide - ok
19:50:22.0134 6020 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:50:22.0181 6020 CNG - ok
19:50:22.0196 6020 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:50:22.0212 6020 Compbatt - ok
19:50:22.0212 6020 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:50:22.0305 6020 CompositeBus - ok
19:50:22.0305 6020 COMSysApp - ok
19:50:22.0337 6020 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:50:22.0352 6020 crcdisk - ok
19:50:22.0383 6020 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:50:22.0477 6020 CryptSvc - ok
19:50:22.0508 6020 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
19:50:22.0602 6020 CtClsFlt - ok
19:50:22.0649 6020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:50:22.0727 6020 DcomLaunch - ok
19:50:22.0773 6020 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:50:22.0836 6020 defragsvc - ok
19:50:22.0898 6020 [ 88D5FE2109F1A52CF69BA410082A833A ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
19:50:22.0914 6020 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
19:50:22.0914 6020 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
19:50:22.0961 6020 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:50:23.0039 6020 DfsC - ok
19:50:23.0070 6020 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:50:23.0179 6020 Dhcp - ok
19:50:23.0195 6020 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:50:23.0241 6020 discache - ok
19:50:23.0257 6020 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:50:23.0273 6020 Disk - ok
19:50:23.0288 6020 dlcq_device - ok
19:50:23.0319 6020 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:50:23.0382 6020 Dnscache - ok
19:50:23.0413 6020 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:50:23.0538 6020 dot3svc - ok
19:50:23.0553 6020 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:50:23.0631 6020 DPS - ok
19:50:23.0647 6020 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:50:23.0709 6020 drmkaud - ok
19:50:23.0787 6020 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:50:23.0881 6020 DXGKrnl - ok
19:50:23.0897 6020 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:50:23.0959 6020 EapHost - ok
19:50:24.0053 6020 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:50:24.0209 6020 ebdrv - ok
19:50:24.0240 6020 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:50:24.0318 6020 EFS - ok
19:50:24.0396 6020 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:50:24.0552 6020 ehRecvr - ok
19:50:24.0583 6020 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:50:24.0599 6020 ehSched - ok
19:50:24.0630 6020 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:50:24.0692 6020 elxstor - ok
19:50:24.0708 6020 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:50:24.0739 6020 ErrDev - ok
19:50:24.0817 6020 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:50:24.0895 6020 EventSystem - ok
19:50:24.0911 6020 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:50:24.0957 6020 exfat - ok
19:50:24.0973 6020 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:50:25.0035 6020 fastfat - ok
19:50:25.0067 6020 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:50:25.0145 6020 Fax - ok
19:50:25.0160 6020 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:50:25.0223 6020 fdc - ok
19:50:25.0238 6020 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:50:25.0285 6020 fdPHost - ok
19:50:25.0301 6020 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:50:25.0379 6020 FDResPub - ok
19:50:25.0394 6020 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:50:25.0410 6020 FileInfo - ok
19:50:25.0457 6020 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:50:25.0519 6020 Filetrace - ok
19:50:25.0581 6020 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:50:25.0597 6020 flpydisk - ok
19:50:25.0628 6020 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:50:25.0644 6020 FltMgr - ok
19:50:25.0691 6020 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:50:25.0784 6020 FontCache - ok
19:50:25.0831 6020 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:50:25.0893 6020 FontCache3.0.0.0 - ok
19:50:25.0909 6020 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:50:25.0925 6020 FsDepends - ok
19:50:25.0956 6020 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:50:26.0018 6020 fssfltr - ok
19:50:26.0096 6020 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:50:26.0143 6020 fsssvc - ok
19:50:26.0190 6020 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:50:26.0252 6020 Fs_Rec - ok
19:50:26.0330 6020 [ 79179C6F8A3784CC3A20CDE998D5BD2C ] ftpsvc C:\Windows\system32\inetsrv\ftpsvc.dll
19:50:26.0486 6020 ftpsvc - ok
19:50:26.0533 6020 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:50:26.0580 6020 fvevol - ok
19:50:26.0595 6020 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:50:26.0611 6020 gagp30kx - ok
19:50:26.0658 6020 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:50:26.0720 6020 gpsvc - ok
19:50:26.0751 6020 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:50:26.0829 6020 hcw85cir - ok
19:50:26.0861 6020 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:50:26.0923 6020 HDAudBus - ok
19:50:26.0939 6020 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:50:26.0985 6020 HidBatt - ok
19:50:27.0017 6020 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:50:27.0063 6020 HidBth - ok
19:50:27.0079 6020 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:50:27.0110 6020 HidIr - ok
19:50:27.0126 6020 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:50:27.0204 6020 hidserv - ok
19:50:27.0266 6020 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:50:27.0344 6020 HidUsb - ok
19:50:27.0422 6020 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
19:50:27.0500 6020 HipShieldK - ok
19:50:27.0531 6020 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:50:27.0625 6020 hkmsvc - ok
19:50:27.0656 6020 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:50:27.0719 6020 HomeGroupListener - ok
19:50:27.0781 6020 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:50:27.0890 6020 HomeGroupProvider - ok
19:50:27.0937 6020 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:50:28.0015 6020 HpSAMD - ok
19:50:28.0046 6020 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
19:50:28.0187 6020 HTCAND64 - ok
19:50:28.0218 6020 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
19:50:28.0296 6020 htcnprot - ok
19:50:28.0327 6020 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:50:28.0389 6020 HTTP - ok
19:50:28.0421 6020 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:50:28.0436 6020 hwpolicy - ok
19:50:28.0467 6020 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:50:28.0499 6020 i8042prt - ok
19:50:28.0530 6020 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
19:50:28.0561 6020 iaStor - ok
19:50:28.0592 6020 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:50:28.0655 6020 iaStorV - ok
19:50:28.0733 6020 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:50:28.0873 6020 idsvc - ok
19:50:29.0138 6020 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:50:29.0388 6020 igfx - ok
19:50:29.0419 6020 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:50:29.0450 6020 iirsp - ok
19:50:29.0513 6020 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:50:29.0606 6020 IKEEXT - ok
19:50:29.0637 6020 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
19:50:29.0778 6020 Impcd - ok
19:50:29.0871 6020 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:50:29.0981 6020 IntcAzAudAddService - ok
19:50:30.0027 6020 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
19:50:30.0105 6020 IntcDAud - ok
19:50:30.0137 6020 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:50:30.0152 6020 intelide - ok
19:50:30.0168 6020 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:50:30.0230 6020 intelppm - ok
19:50:30.0261 6020 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:50:30.0355 6020 IPBusEnum - ok
19:50:30.0371 6020 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:50:30.0449 6020 IpFilterDriver - ok
19:50:30.0480 6020 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:50:30.0542 6020 iphlpsvc - ok
19:50:30.0573 6020 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:50:30.0651 6020 IPMIDRV - ok
19:50:30.0667 6020 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:50:30.0745 6020 IPNAT - ok
19:50:30.0761 6020 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:50:30.0792 6020 IRENUM - ok
19:50:30.0807 6020 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:50:30.0839 6020 isapnp - ok
19:50:30.0854 6020 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:50:30.0917 6020 iScsiPrt - ok
19:50:30.0932 6020 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:50:30.0963 6020 kbdclass - ok
19:50:30.0979 6020 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:50:31.0057 6020 kbdhid - ok
19:50:31.0073 6020 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:50:31.0119 6020 KeyIso - ok
19:50:31.0151 6020 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:50:31.0166 6020 KSecDD - ok
19:50:31.0197 6020 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:50:31.0229 6020 KSecPkg - ok
19:50:31.0244 6020 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:50:31.0307 6020 ksthunk - ok
19:50:31.0338 6020 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:50:31.0431 6020 KtmRm - ok
19:50:31.0463 6020 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:50:31.0541 6020 LanmanServer - ok
19:50:31.0587 6020 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:50:31.0665 6020 LanmanWorkstation - ok
19:50:31.0681 6020 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:50:31.0759 6020 lltdio - ok
19:50:31.0790 6020 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:50:31.0853 6020 lltdsvc - ok
19:50:31.0884 6020 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:50:31.0946 6020 lmhosts - ok
19:50:31.0993 6020 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:50:32.0040 6020 LMS - ok
19:50:32.0055 6020 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:50:32.0087 6020 LSI_FC - ok
19:50:32.0118 6020 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:50:32.0165 6020 LSI_SAS - ok
19:50:32.0180 6020 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:50:32.0196 6020 LSI_SAS2 - ok
19:50:32.0211 6020 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:50:32.0258 6020 LSI_SCSI - ok
19:50:32.0274 6020 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:50:32.0336 6020 luafv - ok
19:50:32.0367 6020 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:50:32.0383 6020 MBAMProtector - ok
19:50:32.0445 6020 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:50:32.0523 6020 MBAMService - ok
19:50:32.0601 6020 [ C121367D21599367F2ADB9C11B7BABAA ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:50:32.0633 6020 McAfee SiteAdvisor Service - ok
19:50:32.0757 6020 [ FD3AD5E1ECDAA94A89D6697F5C5465D6 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
19:50:32.0789 6020 McComponentHostService - ok
19:50:32.0835 6020 [ C121367D21599367F2ADB9C11B7BABAA ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:50:32.0867 6020 McMPFSvc - ok
19:50:32.0867 6020 [ C121367D21599367F2ADB9C11B7BABAA ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
19:50:32.0882 6020 mcmscsvc - ok
19:50:32.0898 6020 [ C121367D21599367F2ADB9C11B7BABAA ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
19:50:32.0913 6020 McNaiAnn - ok
19:50:32.0929 6020 [ C121367D21599367F2ADB9C11B7BABAA ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
19:50:32.0945 6020 McNASvc - ok
19:50:33.0054 6020 [ 9EF2FF066F067C140EB2CB776104C602 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
19:50:33.0101 6020 McODS - ok
19:50:33.0116 6020 [ C121367D21599367F2ADB9C11B7BABAA ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
19:50:33.0132 6020 McProxy - ok
19:50:33.0179 6020 [ 837072909AD6E3FBA4B0C9334FDAD580 ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
19:50:33.0210 6020 McPvDrv - ok
19:50:33.0257 6020 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
19:50:33.0288 6020 McShield - ok
19:50:33.0335 6020 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:50:33.0397 6020 Mcx2Svc - ok
19:50:33.0428 6020 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:50:33.0444 6020 megasas - ok
19:50:33.0475 6020 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:50:33.0491 6020 MegaSR - ok
19:50:33.0522 6020 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:50:33.0584 6020 MEIx64 - ok
19:50:33.0616 6020 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
19:50:33.0647 6020 mfeapfk - ok
19:50:33.0694 6020 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
19:50:33.0772 6020 mfeavfk - ok
19:50:33.0803 6020 mfeavfk01 - ok
19:50:33.0818 6020 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
19:50:33.0834 6020 mfefire - ok
19:50:33.0881 6020 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
19:50:33.0990 6020 mfefirek - ok
19:50:34.0037 6020 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
19:50:34.0084 6020 mfehidk - ok
19:50:34.0130 6020 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
19:50:34.0208 6020 mferkdet - ok
19:50:34.0255 6020 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
19:50:34.0286 6020 mfevtp - ok
19:50:34.0333 6020 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
19:50:34.0349 6020 mfewfpk - ok
19:50:34.0396 6020 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:50:34.0458 6020 MMCSS - ok
19:50:34.0505 6020 [ 8CC001C65C31633171991FA72A551D43 ] MOBKbackup C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
19:50:34.0536 6020 MOBKbackup - ok
19:50:34.0552 6020 [ 3800C23D0D90C59AAFCDEFDC82B5C4AF ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
19:50:34.0567 6020 MOBKFilter - ok
19:50:34.0583 6020 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:50:34.0676 6020 Modem - ok
19:50:34.0708 6020 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:50:34.0754 6020 monitor - ok
19:50:34.0801 6020 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:50:34.0848 6020 mouclass - ok
19:50:34.0864 6020 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
19:50:34.0910 6020 mouhid - ok
19:50:34.0942 6020 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:50:34.0957 6020 mountmgr - ok
19:50:35.0004 6020 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:50:35.0051 6020 MozillaMaintenance - ok
19:50:35.0082 6020 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:50:35.0144 6020 mpio - ok
19:50:35.0176 6020 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:50:35.0254 6020 mpsdrv - ok
19:50:35.0316 6020 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:50:35.0456 6020 MpsSvc - ok
19:50:35.0550 6020 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:50:35.0659 6020 MRxDAV - ok
19:50:35.0675 6020 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:50:35.0737 6020 mrxsmb - ok
19:50:35.0784 6020 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:50:35.0800 6020 mrxsmb10 - ok
19:50:35.0862 6020 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:50:35.0878 6020 mrxsmb20 - ok
19:50:35.0909 6020 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:50:35.0971 6020 msahci - ok
19:50:36.0002 6020 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:50:36.0080 6020 msdsm - ok
19:50:36.0112 6020 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:50:36.0127 6020 MSDTC - ok
19:50:36.0174 6020 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:50:36.0205 6020 Msfs - ok
19:50:36.0236 6020 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:50:36.0299 6020 mshidkmdf - ok
19:50:36.0346 6020 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:50:36.0377 6020 msisadrv - ok
19:50:36.0439 6020 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:50:36.0564 6020 MSiSCSI - ok
19:50:36.0564 6020 msiserver - ok
19:50:36.0595 6020 [ C121367D21599367F2ADB9C11B7BABAA ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:50:36.0611 6020 MSK80Service - ok
19:50:36.0642 6020 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:50:36.0736 6020 MSKSSRV - ok
19:50:36.0736 6020 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:50:36.0798 6020 MSPCLOCK - ok
19:50:36.0814 6020 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:50:36.0892 6020 MSPQM - ok
19:50:36.0923 6020 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:50:36.0970 6020 MsRPC - ok
19:50:37.0001 6020 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:50:37.0001 6020 mssmbios - ok
19:50:37.0016 6020 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:50:37.0079 6020 MSTEE - ok
19:50:37.0094 6020 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:50:37.0110 6020 MTConfig - ok
19:50:37.0157 6020 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:50:37.0157 6020 Mup - ok
19:50:37.0235 6020 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:50:37.0344 6020 napagent - ok
19:50:37.0360 6020 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:50:37.0422 6020 NativeWifiP - ok
19:50:37.0484 6020 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:50:37.0562 6020 NDIS - ok
19:50:37.0578 6020 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:50:37.0625 6020 NdisCap - ok
19:50:37.0640 6020 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:50:37.0687 6020 NdisTapi - ok
19:50:37.0750 6020 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:50:37.0859 6020 Ndisuio - ok
19:50:37.0890 6020 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:50:37.0984 6020 NdisWan - ok
19:50:37.0999 6020 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:50:38.0093 6020 NDProxy - ok
19:50:38.0124 6020 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:50:38.0218 6020 NetBIOS - ok
19:50:38.0233 6020 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:50:38.0264 6020 NetBT - ok
19:50:38.0296 6020 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:50:38.0311 6020 Netlogon - ok
19:50:38.0342 6020 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:50:38.0436 6020 Netman - ok
19:50:38.0483 6020 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:50:38.0545 6020 NetMsmqActivator - ok
19:50:38.0561 6020 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:50:38.0576 6020 NetPipeActivator - ok
19:50:38.0608 6020 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:50:38.0686 6020 netprofm - ok
19:50:38.0701 6020 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:50:38.0701 6020 NetTcpActivator - ok
19:50:38.0717 6020 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:50:38.0732 6020 NetTcpPortSharing - ok
19:50:38.0748 6020 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:50:38.0764 6020 nfrd960 - ok
19:50:41.0119 6020 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
19:50:41.0150 6020 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
19:50:41.0150 6020 PassThru Service - detected UnsignedFile.Multi.Generic (1)

ronnies
2012-09-02, 02:57
19:50:59.0654 6020 [ BCA22B2B27417FA7C8D824D5DE4DC03C ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
19:50:59.0685 6020 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
19:50:59.0685 6020 wltrysvc - detected UnsignedFile.Multi.Generic (1)
19:51:01.0042 6020 ================ Scan global ===============================
19:51:01.0089 6020 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:51:01.0152 6020 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:51:01.0183 6020 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:51:01.0230 6020 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:51:01.0276 6020 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:51:01.0292 6020 [Global] - ok
19:51:01.0292 6020 ================ Scan MBR ==================================
19:51:01.0308 6020 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:51:01.0729 6020 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:51:01.0729 6020 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:51:01.0729 6020 ================ Scan VBR ==================================
19:51:01.0744 6020 [ 119EC4FD4956138ED61A44A1279D8C5D ] \Device\Harddisk0\DR0\Partition1
19:51:01.0744 6020 \Device\Harddisk0\DR0\Partition1 - ok
19:51:01.0760 6020 [ 22BE3A84ED3753349F9ACEB9525DE59B ] \Device\Harddisk0\DR0\Partition2
19:51:01.0760 6020 \Device\Harddisk0\DR0\Partition2 - ok
19:51:01.0760 6020 ============================================================
19:51:01.0760 6020 Scan finished
19:51:01.0760 6020 ============================================================
19:51:01.0776 5332 Detected object count: 4
19:51:01.0776 5332 Actual detected object count: 4
19:51:27.0344 5332 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
19:51:27.0344 5332 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:51:27.0344 5332 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:51:27.0344 5332 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:51:27.0360 5332 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:51:27.0360 5332 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:51:27.0360 5332 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:51:27.0360 5332 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:53:15.0513 5412 Deinitialize success

oldman960
2012-09-02, 07:58
Hi ronnies,

Rerun TDSSKiller. When presented with \Device\Harddisk0\DR0 ( TDSS File System ), use the dropdown menu and select delete. If delete isn't an option, just use skip.

ronnies
2012-09-03, 05:55
22:49:45.0150 10096 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
22:49:45.0712 10096 ============================================================
22:49:45.0712 10096 Current date / time: 2012/09/02 22:49:45.0712
22:49:45.0712 10096 SystemInfo:
22:49:45.0712 10096
22:49:45.0712 10096 OS Version: 6.1.7601 ServicePack: 1.0
22:49:45.0712 10096 Product type: Workstation
22:49:45.0712 10096 ComputerName: SCRIVEN-PC
22:49:45.0712 10096 UserName: Scriven
22:49:45.0712 10096 Windows directory: C:\Windows
22:49:45.0712 10096 System windows directory: C:\Windows
22:49:45.0712 10096 Running under WOW64
22:49:45.0712 10096 Processor architecture: Intel x64
22:49:45.0712 10096 Number of processors: 2
22:49:45.0712 10096 Page size: 0x1000
22:49:45.0712 10096 Boot type: Normal boot
22:49:45.0712 10096 ============================================================
22:49:46.0430 10096 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:49:46.0430 10096 ============================================================
22:49:46.0430 10096 \Device\Harddisk0\DR0:
22:49:46.0430 10096 MBR partitions:
22:49:46.0430 10096 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
22:49:46.0430 10096 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x22CEA2B0
22:49:46.0430 10096 ============================================================
22:49:46.0476 10096 C: <-> \Device\Harddisk0\DR0\Partition2
22:49:46.0476 10096 ============================================================
22:49:46.0476 10096 Initialize success
22:49:46.0476 10096 ============================================================
22:50:01.0022 4340 ============================================================
22:50:01.0022 4340 Scan started
22:50:01.0022 4340 Mode: Manual; SigCheck; TDLFS;
22:50:01.0022 4340 ============================================================
22:50:01.0178 4340 ================ Scan system memory ========================
22:50:01.0178 4340 System memory - ok
22:50:01.0178 4340 ================ Scan services =============================
22:50:04.0547 4340 arc - ok
22:50:04.0563 4340 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:50:04.0578 4340 arcsas - ok
22:50:04.0688 4340 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:50:04.0797 4340 aspnet_state - ok
22:50:04.0812 4340 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:50:04.0890 4340 AsyncMac - ok
22:50:04.0922 4340 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:50:04.0937 4340 atapi - ok
22:50:04.0984 4340 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:50:05.0109 4340 AudioEndpointBuilder - ok
22:50:05.0124 4340 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:50:05.0171 4340 AudioSrv - ok
22:50:05.0187 4340 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:50:05.0343 4340 AxInstSV - ok
22:50:05.0390 4340 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
22:50:05.0499 4340 b06bdrv - ok
22:50:05.0530 4340 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:50:05.0577 4340 b57nd60a - ok
22:50:05.0655 4340 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
22:50:05.0748 4340 BBSvc - ok
22:50:05.0764 4340 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
22:50:05.0826 4340 BBUpdate - ok
22:50:05.0858 4340 [ 436806506E83AA8755A523147E191B7B ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
22:50:05.0998 4340 BCM42RLY - ok
22:50:06.0107 4340 [ B5D54119CE0BB77872C33A717CB76386 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
22:50:06.0263 4340 BCM43XX - ok
22:50:06.0294 4340 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:50:06.0388 4340 BDESVC - ok
22:50:06.0404 4340 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:50:06.0513 4340 Beep - ok
22:50:06.0544 4340 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:50:06.0669 4340 BFE - ok
22:50:06.0700 4340 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:50:06.0887 4340 BITS - ok
22:50:06.0918 4340 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:50:06.0934 4340 blbdrive - ok
22:50:06.0981 4340 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:50:07.0090 4340 Bonjour Service - ok
22:50:07.0106 4340 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:50:07.0199 4340 bowser - ok
22:50:07.0215 4340 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:50:07.0277 4340 BrFiltLo - ok
22:50:07.0293 4340 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:50:07.0355 4340 BrFiltUp - ok
22:50:07.0371 4340 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
22:50:07.0449 4340 BridgeMP - ok
22:50:07.0464 4340 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:50:07.0605 4340 Browser - ok
22:50:07.0620 4340 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:50:07.0698 4340 Brserid - ok
22:50:07.0730 4340 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:50:07.0792 4340 BrSerWdm - ok
22:50:07.0808 4340 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:50:07.0870 4340 BrUsbMdm - ok
22:50:07.0886 4340 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:50:07.0948 4340 BrUsbSer - ok
22:50:07.0979 4340 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:50:08.0120 4340 BthEnum - ok
22:50:08.0135 4340 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:50:08.0166 4340 BTHMODEM - ok
22:50:08.0198 4340 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:50:08.0260 4340 BthPan - ok
22:50:08.0291 4340 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:50:08.0354 4340 BTHPORT - ok
22:50:08.0400 4340 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:50:08.0478 4340 bthserv - ok
22:50:08.0510 4340 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:50:08.0588 4340 BTHUSB - ok
22:50:08.0619 4340 [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
22:50:08.0681 4340 BTWAMPFL - ok
22:50:08.0712 4340 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:50:08.0790 4340 btwaudio - ok
22:50:08.0790 4340 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
22:50:08.0868 4340 btwavdt - ok
22:50:08.0931 4340 [ F0AF04A96CA48B869284B5DC4CDB8CBB ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:50:09.0056 4340 btwdins - ok
22:50:09.0087 4340 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:50:09.0165 4340 btwl2cap - ok
22:50:09.0165 4340 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:50:09.0227 4340 btwrchid - ok
22:50:09.0258 4340 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:50:09.0336 4340 cdfs - ok
22:50:09.0352 4340 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:50:09.0430 4340 cdrom - ok
22:50:09.0477 4340 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:50:09.0602 4340 CertPropSvc - ok
22:50:09.0648 4340 [ 45B5A89DC41577282E5BF41B1165EA71 ] cfwids C:\Windows\system32\drivers\cfwids.sys
22:50:09.0726 4340 cfwids - ok
22:50:09.0742 4340 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
22:50:09.0804 4340 circlass - ok
22:50:09.0820 4340 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:50:09.0851 4340 CLFS - ok
22:50:09.0898 4340 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:50:09.0945 4340 clr_optimization_v2.0.50727_32 - ok
22:50:09.0976 4340 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:50:10.0007 4340 clr_optimization_v2.0.50727_64 - ok
22:50:10.0038 4340 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:50:10.0179 4340 clr_optimization_v4.0.30319_32 - ok
22:50:10.0210 4340 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:50:10.0288 4340 clr_optimization_v4.0.30319_64 - ok
22:50:10.0304 4340 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:50:10.0366 4340 CmBatt - ok
22:50:10.0382 4340 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:50:10.0413 4340 cmdide - ok
22:50:10.0460 4340 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:50:10.0506 4340 CNG - ok
22:50:10.0522 4340 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:50:10.0522 4340 Compbatt - ok
22:50:10.0538 4340 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:50:10.0616 4340 CompositeBus - ok
22:50:10.0631 4340 COMSysApp - ok
22:50:10.0647 4340 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:50:10.0662 4340 crcdisk - ok
22:50:10.0709 4340 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:50:10.0787 4340 CryptSvc - ok
22:50:10.0818 4340 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
22:50:10.0943 4340 CtClsFlt - ok
22:50:10.0974 4340 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:50:11.0037 4340 DcomLaunch - ok
22:50:11.0084 4340 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:50:11.0130 4340 defragsvc - ok
22:50:11.0177 4340 [ 88D5FE2109F1A52CF69BA410082A833A ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
22:50:11.0255 4340 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
22:50:11.0255 4340 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
22:50:11.0286 4340 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:50:11.0349 4340 DfsC - ok
22:50:11.0380 4340 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:50:11.0474 4340 Dhcp - ok
22:50:11.0505 4340 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:50:11.0567 4340 discache - ok
22:50:11.0598 4340 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
22:50:11.0614 4340 Disk - ok
22:50:11.0614 4340 dlcq_device - ok
22:50:11.0661 4340 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:50:11.0754 4340 Dnscache - ok
22:50:11.0786 4340 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:50:11.0879 4340 dot3svc - ok
22:50:11.0910 4340 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:50:11.0957 4340 DPS - ok
22:50:11.0988 4340 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:50:12.0035 4340 drmkaud - ok
22:50:12.0082 4340 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:50:12.0176 4340 DXGKrnl - ok
22:50:12.0207 4340 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:50:12.0269 4340 EapHost - ok
22:50:12.0332 4340 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
22:50:12.0456 4340 ebdrv - ok
22:50:12.0503 4340 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:50:12.0612 4340 EFS - ok
22:50:12.0675 4340 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:50:12.0784 4340 ehRecvr - ok
22:50:12.0800 4340 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:50:12.0815 4340 ehSched - ok
22:50:12.0862 4340 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:50:12.0893 4340 elxstor - ok
22:50:12.0909 4340 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:50:12.0956 4340 ErrDev - ok
22:50:13.0002 4340 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:50:13.0080 4340 EventSystem - ok
22:50:13.0112 4340 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:50:13.0174 4340 exfat - ok
22:50:13.0205 4340 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:50:13.0268 4340 fastfat - ok
22:50:13.0299 4340 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:50:13.0455 4340 Fax - ok
22:50:13.0486 4340 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
22:50:13.0548 4340 fdc - ok
22:50:13.0564 4340 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:50:13.0626 4340 fdPHost - ok
22:50:13.0642 4340 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:50:13.0720 4340 FDResPub - ok
22:50:13.0736 4340 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:50:13.0751 4340 FileInfo - ok
22:50:13.0767 4340 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:50:13.0829 4340 Filetrace - ok
22:50:13.0860 4340 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:50:13.0892 4340 flpydisk - ok
22:50:13.0907 4340 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:50:13.0938 4340 FltMgr - ok
22:50:13.0985 4340 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
22:50:14.0157 4340 FontCache - ok
22:50:14.0204 4340 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:50:14.0282 4340 FontCache3.0.0.0 - ok
22:50:14.0297 4340 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:50:14.0313 4340 FsDepends - ok
22:50:14.0344 4340 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
22:50:14.0422 4340 fssfltr - ok
22:50:14.0531 4340 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
22:50:14.0656 4340 fsssvc - ok
22:50:14.0687 4340 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:50:14.0750 4340 Fs_Rec - ok
22:50:14.0796 4340 [ 79179C6F8A3784CC3A20CDE998D5BD2C ] ftpsvc C:\Windows\system32\inetsrv\ftpsvc.dll
22:50:14.0890 4340 ftpsvc - ok
22:50:14.0952 4340 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:50:14.0984 4340 fvevol - ok
22:50:14.0999 4340 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:50:15.0030 4340 gagp30kx - ok
22:50:15.0062 4340 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:50:15.0186 4340 gpsvc - ok
22:50:15.0202 4340 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:50:15.0311 4340 hcw85cir - ok
22:50:15.0342 4340 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:50:15.0374 4340 HDAudBus - ok
22:50:15.0405 4340 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:50:15.0436 4340 HidBatt - ok
22:50:15.0452 4340 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:50:15.0498 4340 HidBth - ok
22:50:15.0498 4340 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
22:50:15.0530 4340 HidIr - ok
22:50:15.0561 4340 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
22:50:15.0670 4340 hidserv - ok
22:50:15.0701 4340 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:50:15.0779 4340 HidUsb - ok
22:50:15.0842 4340 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
22:50:15.0935 4340 HipShieldK - ok
22:50:15.0966 4340 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:50:16.0076 4340 hkmsvc - ok
22:50:16.0107 4340 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:50:16.0216 4340 HomeGroupListener - ok
22:50:16.0263 4340 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:50:16.0341 4340 HomeGroupProvider - ok
22:50:16.0372 4340 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:50:16.0434 4340 HpSAMD - ok
22:50:16.0466 4340 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
22:50:16.0590 4340 HTCAND64 - ok
22:50:16.0622 4340 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
22:50:16.0700 4340 htcnprot - ok
22:50:16.0731 4340 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:50:16.0887 4340 HTTP - ok
22:50:16.0918 4340 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:50:16.0934 4340 hwpolicy - ok
22:50:16.0965 4340 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:50:17.0012 4340 i8042prt - ok
22:50:17.0058 4340 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
22:50:17.0090 4340 iaStor - ok
22:50:17.0121 4340 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:50:17.0183 4340 iaStorV - ok
22:50:17.0261 4340 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:50:17.0386 4340 idsvc - ok
22:50:17.0636 4340 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:50:18.0213 4340 igfx - ok
22:50:18.0244 4340 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:50:18.0260 4340 iirsp - ok
22:50:18.0322 4340 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:50:18.0478 4340 IKEEXT - ok
22:50:18.0525 4340 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
22:50:18.0681 4340 Impcd - ok
22:50:18.0806 4340 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:50:18.0868 4340 IntcAzAudAddService - ok
22:50:18.0915 4340 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
22:50:19.0024 4340 IntcDAud - ok
22:50:19.0055 4340 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:50:19.0071 4340 intelide - ok
22:50:19.0102 4340 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:50:19.0164 4340 intelppm - ok
22:50:19.0211 4340 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:50:19.0289 4340 IPBusEnum - ok
22:50:19.0320 4340 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:50:19.0398 4340 IpFilterDriver - ok
22:50:19.0430 4340 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:50:19.0570 4340 iphlpsvc - ok
22:50:19.0586 4340 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:50:19.0679 4340 IPMIDRV - ok
22:50:19.0695 4340 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:50:19.0757 4340 IPNAT - ok
22:50:19.0773 4340 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:50:19.0788 4340 IRENUM - ok
22:50:19.0820 4340 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:50:19.0835 4340 isapnp - ok
22:50:19.0851 4340 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:50:19.0913 4340 iScsiPrt - ok
22:50:19.0929 4340 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:50:19.0960 4340 kbdclass - ok
22:50:19.0976 4340 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:50:20.0054 4340 kbdhid - ok
22:50:20.0069 4340 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:50:20.0085 4340 KeyIso - ok
22:50:20.0116 4340 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:50:20.0147 4340 KSecDD - ok
22:50:20.0194 4340 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:50:20.0225 4340 KSecPkg - ok
22:50:20.0241 4340 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:50:20.0319 4340 ksthunk - ok
22:50:20.0366 4340 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:50:20.0459 4340 KtmRm - ok
22:50:20.0506 4340 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
22:50:20.0600 4340 LanmanServer - ok
22:50:20.0631 4340 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:50:20.0724 4340 LanmanWorkstation - ok
22:50:20.0756 4340 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:50:20.0834 4340 lltdio - ok
22:50:20.0849 4340 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:50:20.0927 4340 lltdsvc - ok
22:50:20.0958 4340 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:50:21.0036 4340 lmhosts - ok
22:50:21.0099 4340 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:50:21.0224 4340 LMS - ok
22:50:21.0239 4340 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:50:21.0270 4340 LSI_FC - ok
22:50:21.0302 4340 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:50:21.0348 4340 LSI_SAS - ok
22:50:21.0364 4340 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:50:21.0380 4340 LSI_SAS2 - ok
22:50:21.0395 4340 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:50:21.0426 4340 LSI_SCSI - ok
22:50:21.0458 4340 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:50:21.0520 4340 luafv - ok
22:50:21.0567 4340 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:50:21.0598 4340 MBAMProtector - ok
22:50:21.0660 4340 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:50:21.0770 4340 MBAMService - ok
22:50:21.0848 4340 [ C121367D21599367F2ADB9C11B7BABAA ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
22:50:21.0941 4340 McAfee SiteAdvisor Service - ok
22:50:22.0035 4340 [ FD3AD5E1ECDAA94A89D6697F5C5465D6 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
22:50:22.0128 4340 McComponentHostService - ok
22:50:22.0144 4340 [ C121367D21599367F2ADB9C11B7BABAA ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
22:50:22.0160 4340 McMPFSvc - ok
22:50:22.0175 4340 [ C121367D21599367F2ADB9C11B7BABAA ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
22:50:22.0191 4340 mcmscsvc - ok
22:50:22.0191 4340 [ C121367D21599367F2ADB9C11B7BABAA ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
22:50:22.0206 4340 McNaiAnn - ok
22:50:22.0222 4340 [ C121367D21599367F2ADB9C11B7BABAA ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
22:50:22.0238 4340 McNASvc - ok
22:50:22.0362 4340 [ 9EF2FF066F067C140EB2CB776104C602 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
22:50:22.0440 4340 McODS - ok
22:50:22.0456 4340 [ C121367D21599367F2ADB9C11B7BABAA ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
22:50:22.0472 4340 McProxy - ok
22:50:22.0518 4340 [ 837072909AD6E3FBA4B0C9334FDAD580 ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
22:50:22.0550 4340 McPvDrv - ok
22:50:22.0596 4340 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
22:50:22.0659 4340 McShield - ok
22:50:22.0690 4340 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:50:22.0752 4340 Mcx2Svc - ok
22:50:22.0784 4340 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
22:50:22.0799 4340 megasas - ok
22:50:22.0815 4340 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:50:22.0846 4340 MegaSR - ok
22:50:22.0877 4340 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:50:22.0940 4340 MEIx64 - ok
22:50:22.0971 4340 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
22:50:22.0986 4340 mfeapfk - ok
22:50:23.0049 4340 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
22:50:23.0142 4340 mfeavfk - ok
22:50:23.0158 4340 mfeavfk01 - ok
22:50:23.0189 4340 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:50:23.0267 4340 mfefire - ok
22:50:23.0314 4340 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
22:50:23.0392 4340 mfefirek - ok
22:50:23.0439 4340 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
22:50:23.0454 4340 mfehidk - ok
22:50:23.0486 4340 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
22:50:23.0548 4340 mferkdet - ok
22:50:23.0579 4340 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
22:50:23.0657 4340 mfevtp - ok
22:50:23.0673 4340 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
22:50:23.0704 4340 mfewfpk - ok
22:50:23.0735 4340 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:50:23.0782 4340 MMCSS - ok
22:50:23.0829 4340 [ 8CC001C65C31633171991FA72A551D43 ] MOBKbackup C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
22:50:23.0891 4340 MOBKbackup - ok
22:50:23.0922 4340 [ 3800C23D0D90C59AAFCDEFDC82B5C4AF ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
22:50:23.0922 4340 MOBKFilter - ok
22:50:23.0954 4340 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:50:24.0016 4340 Modem - ok
22:50:24.0032 4340 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:50:24.0078 4340 monitor - ok
22:50:24.0110 4340 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:50:24.0125 4340 mouclass - ok
22:50:24.0141 4340 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
22:50:24.0172 4340 mouhid - ok
22:50:24.0203 4340 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:50:24.0219 4340 mountmgr - ok
22:50:24.0266 4340 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:50:24.0359 4340 MozillaMaintenance - ok
22:50:24.0390 4340 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:50:24.0453 4340 mpio - ok
22:50:24.0484 4340 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:50:24.0562 4340 mpsdrv - ok
22:50:24.0609 4340 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:50:24.0718 4340 MpsSvc - ok
22:50:24.0749 4340 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:50:24.0874 4340 MRxDAV - ok
22:50:24.0905 4340 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:50:24.0983 4340 mrxsmb - ok
22:50:25.0030 4340 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:50:25.0046 4340 mrxsmb10 - ok
22:50:25.0077 4340 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:50:25.0092 4340 mrxsmb20 - ok
22:50:25.0124 4340 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:50:25.0202 4340 msahci - ok
22:50:25.0233 4340 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:50:25.0326 4340 msdsm - ok
22:50:25.0342 4340 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:50:25.0404 4340 MSDTC - ok
22:50:25.0436 4340 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:50:25.0467 4340 Msfs - ok
22:50:25.0498 4340 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:50:25.0560 4340 mshidkmdf - ok
22:50:25.0592 4340 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:50:25.0607 4340 msisadrv - ok
22:50:25.0638 4340 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:50:25.0732 4340 MSiSCSI - ok
22:50:25.0732 4340 msiserver - ok
22:50:30.0396 4340 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
22:50:30.0490 4340 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
22:50:30.0490 4340 PassThru Service - detected UnsignedFile.Multi.Generic (1)

ronnies
2012-09-03, 05:56
22:50:50.0131 4340 [ BCA22B2B27417FA7C8D824D5DE4DC03C ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
22:50:50.0224 4340 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
22:50:50.0224 4340 wltrysvc - detected UnsignedFile.Multi.Generic (1)
22:50:51.0753 4340 ================ Scan global ===============================
22:50:51.0784 4340 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:50:51.0815 4340 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:50:51.0878 4340 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:50:51.0925 4340 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:50:51.0971 4340 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:50:51.0987 4340 [Global] - ok
22:50:51.0987 4340 ================ Scan MBR ==================================
22:50:52.0003 4340 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:50:52.0393 4340 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:50:52.0393 4340 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:50:52.0393 4340 ================ Scan VBR ==================================
22:50:52.0393 4340 [ 119EC4FD4956138ED61A44A1279D8C5D ] \Device\Harddisk0\DR0\Partition1
22:50:52.0393 4340 \Device\Harddisk0\DR0\Partition1 - ok
22:50:52.0439 4340 [ 22BE3A84ED3753349F9ACEB9525DE59B ] \Device\Harddisk0\DR0\Partition2
22:50:52.0439 4340 \Device\Harddisk0\DR0\Partition2 - ok
22:50:52.0439 4340 ============================================================
22:50:52.0439 4340 Scan finished
22:50:52.0439 4340 ============================================================
22:50:52.0439 8060 Detected object count: 4
22:50:52.0439 8060 Actual detected object count: 4
22:51:21.0081 8060 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
22:51:21.0081 8060 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:51:21.0081 8060 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:51:21.0081 8060 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:51:21.0081 8060 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:51:21.0081 8060 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:51:21.0097 8060 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
22:51:21.0112 8060 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
22:51:21.0112 8060 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
22:51:21.0128 8060 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
22:51:21.0143 8060 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
22:51:21.0206 8060 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
22:51:21.0206 8060 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
22:51:21.0206 8060 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
22:51:21.0221 8060 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
22:51:21.0268 8060 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
22:51:21.0284 8060 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
22:51:21.0284 8060 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
22:51:21.0299 8060 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
22:51:21.0299 8060 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
22:51:21.0315 8060 \Device\Harddisk0\DR0\TDLFS - deleted
22:51:21.0315 8060 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
22:51:55.0229 8876 Deinitialize success

oldman960
2012-09-03, 09:59
Hi ronnies,

that looks like the last of it. How's the computer?

ronnies
2012-09-03, 17:26
Hi oldman960,

Everything seems to be running just fine now. Thank you so much for all your help. Should I keep TDSSK, ERUNT, etc. downloaded on my system?

oldman960
2012-09-04, 07:16
Hi ronnies,

I do believe you are good to go. You can keep ERUNT if you want, but we will remove the rest.

We'll clean up the tools now.

From your desktop, please delete, if present:
- any notepads/logs that we created
- aswMBR.exe
- mbr.zip
- mbr.dat
- DDS.scr
- TDSSKiller
- Farbar Service Scanner
You can also delete all the TDSSKiller logs from C:\. They will be named TDSSKiller.[Version]_[Date]_[Time]_log.txt

Delete this folder also, C:\TDSSKiller_Quarantine


Next

Click the Start button. Copy and paste the following line into the search box and hit enter


Combofix /uninstall



Next

Open OTL then click the Clean Up button. You may get prompted by your firewall that OTL wants to contact the internet - allow this. A cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will do some clean up tasks and delete some of the tools you have downloaded plus itself.

I suggest you keep MBAM. Keep it updated and use it regularly.


Some Recommendations and prevention tips

Basic security consists of 1 antivirus program, 1 resident antispyware program, 1 on demand antispyware program and a firewall. Those you have.

You should also use Spyware Blaster (http://www.javacoolsoftware.com/spywareblaster.html) to help immunize your computer.

- SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

OR

A guide to understanding and using the hosts file.

Learn how your Hosts file can protect you and how you can protect it.
Besides the Hosts file information, there are links to a very good updated hosts file, a hosts file manager, and some programs that can protect your hosts file.
HOSTS (http://www.mvps.org/winhelp2002/hosts.htm)

Please read the info on disabling the DNS Client before installing a custom hosts file.


- Secure your Internet Explorer

From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.


- Make sure you have reset Windows Updates to your chosen option. Click your start button > Control Panel > System > Windows updates (lower left) > change settings


- Keep your antivirus program updated, as well as any other security programs you have.


- More tips and programs can be found HERE (http://forums.whatthetech.com/Preventing_Malware_Tools_Practices_Safe_Computing_t98700.html)

Please post back if you have any problems.

Take care
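
An added example, not part of oldman960's post: a read-only PowerShell check that compares the current user's Internet zone values with the six settings listed under "Secure your Internet Explorer". The registry path, the URL action numbers (1001, 1004, 1201, 1800, 1804, 1607) and the policy values (1 = Prompt, 3 = Disable) are the standard Internet Explorer zone identifiers rather than values from the thread, and the function name is made up for this example.

```powershell
# Added example: read-only audit of the IE "Internet" zone (zone 3) for the
# current user against the six settings recommended in the post above.
$ZonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Policy values for these URL actions: 0 = Enable, 1 = Prompt, 3 = Disable
$PolicyName = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Registry value name (URL action), label as shown in the dialog, wanted value
$Baseline = @(
    @{ Action = '1001'; Setting = 'Download signed ActiveX controls'; Want = 1 },
    @{ Action = '1004'; Setting = 'Download unsigned ActiveX controls'; Want = 3 },
    @{ Action = '1201'; Setting = 'Initialize and script ActiveX controls not marked as safe'; Want = 3 },
    @{ Action = '1800'; Setting = 'Installation of desktop items'; Want = 1 },
    @{ Action = '1804'; Setting = 'Launching programs and files in an IFRAME'; Want = 1 },
    @{ Action = '1607'; Setting = 'Navigate sub-frames across different domains'; Want = 1 }
)

# Test-InternetZoneBaseline is a name made up for this example.
function Test-InternetZoneBaseline {
    param([string]$Path = $ZonePath, [object[]]$Rules = $Baseline)

    if (-not (Test-Path -Path $Path)) { throw "Zone key not found: $Path" }
    $values = Get-ItemProperty -Path $Path

    foreach ($rule in $Rules) {
        # A missing value means the setting was never written for this user.
        $prop = $values.PSObject.Properties[$rule.Action]
        if ($prop) {
            $have = [int]$prop.Value
            if ($PolicyName.ContainsKey($have)) { $shown = $PolicyName[$have] }
            else { $shown = 'other (0x{0:X})' -f $have }
        } else {
            $have = $null
            $shown = 'not set'
        }
        New-Object PSObject -Property @{
            Setting = $rule.Setting; Action = $rule.Action; Current = $shown
            Recommended = $PolicyName[$rule.Want]; Compliant = ($have -eq $rule.Want)
        } | Select-Object Setting, Action, Current, Recommended, Compliant
    }
}

# Print one row per recommended setting; nothing is modified.
Test-InternetZoneBaseline | Format-Table -AutoSize -Wrap
```

The check only reads HKCU; zone settings enforced through Group Policy are stored under the Policies branch of the registry and take precedence over these per-user values.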

oldman960
2012-09-10, 10:59
Since this issue appears to be resolved ... this Topic has been closed.