Infected by trojan, several issues

Status
Not open for further replies.
K

Kman1566

New member
Hello, I was unable to update Mcafee yesterday and ran a scan with no items found by Mcafee. I then ran Malwarebytes and found "Trojan.Agent.IE". Then I ran IO Bit antimalware and it found "Trojan.Generic". I used the online Mcafee Virtual Tech which found 13 registry keys were not as expected which it seemed to fix but was not able to fix "mfencbdc driver settings" or "proxy server settings". I ran erunt sucessfully. I attempted to run dds...first try locked up computer and had to manually power down and restart. I tried 1 more time and windows shut down (blue screen with notice to protect my computer from damage). I restarted and noticed the home page on firefox had changed. I also ran Spybot with no items detected. Any help would be greatly appriciated. Thanks, Kman
 
:snwelcome:

Lets try a different scanner and see what it comes up with

OTL by OldTimer
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Click the "Scan All Users" checkbox.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
 
Hello Ken545, Thank you for your help. FYI after I made my post the other day I attempted to disconnect my internet connection by disabling it in the taskbar which is what I usually do when not using the internet and I recieved a message that I could not due to a protocol or system setting. Below are the requested results.

OTL logfile created on: 1/27/2014 10:03:08 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Kevin\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 56.34% Memory free
4.85 Gb Paging File | 4.03 Gb Available in Paging File | 83.08% Paging File free
Paging file location(s): C:\pagefile.sys 3072 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 456.37 Gb Total Space | 359.14 Gb Free Space | 78.70% Space Free | Partition Type: NTFS
Drive F: | 591.21 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOYBOX | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Kevin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\ASC.exe (IObit)
PRC - C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\ASCTray.exe (IObit)
PRC - C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\ASCService.exe (IObit)
PRC - C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\MSC\mcupdmgr.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Seagate)
PRC - C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe (American Power Conversion Corporation)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
PRC - C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe (Dell)
PRC - C:\WINDOWS\system32\dlcdcoms.exe ()
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\Scan.dll ()
MOD - C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\sqlite3.dll ()
MOD - C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\webres.dll ()
MOD - C:\WINDOWS\system32\quartz.dll ()
MOD - C:\WINDOWS\system32\sbe.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\WINDOWS\system32\dlcdcfg.dll ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcdHPEC.DLL ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcdFLIB.DLL ()
MOD - C:\WINDOWS\system32\dlcdserv.dll ()
MOD - C:\WINDOWS\system32\dlcdlmpm.dll ()
MOD - C:\WINDOWS\system32\dlcdpplc.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 944\dlcdpplc.dll ()
MOD - C:\WINDOWS\system32\dlcdcoms.exe ()
MOD - C:\WINDOWS\system32\dlcdcomc.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 944\dlcdcomc.dll ()
MOD - C:\WINDOWS\system32\dlcdprox.dll ()
MOD - C:\WINDOWS\system32\dlcdusb1.dll ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcdcfg.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 944\dlcdcfg.dll ()
MOD - C:\WINDOWS\system32\dlcdcnv4.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 944\dlcddrec.dll ()


========== Services (SafeList) ==========

SRV - (KodakCCS) -- C:\WINDOWS\system32\drivers\KodakCCS.exe File not found
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdvancedSystemCareService7) -- C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\ASCService.exe (IObit)
SRV - (LiveUpdateSvc) -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (McAPExe) -- C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.)
SRV - (mfecore) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.)
SRV - (IMFservice) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (mfevtp) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (SecureUpdateSvc) -- C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe ()
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcpltsvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcbootdelaystartsvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (HomeNetSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (JavaQuickStarterService) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation)
SRV - (SgtSch2Svc) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Seagate)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (ELService) -- C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe (Intel Corporation)
SRV - (APC UPS Service) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
SRV - (dlcd_device) -- C:\WINDOWS\system32\dlcdcoms.exe ()
SRV - (IAANTMon) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV - (Winsock - Google Desktop Search Backup Before Last Install) -- File not found
DRV - (Winsock - Google Desktop Search Backup Before First Install) -- File not found
DRV - (WDICA) -- File not found
DRV - (wanatw) -- system32\DRIVERS\wanatw4.sys File not found
DRV - (usbcm) -- system32\DRIVERS\usbcm.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (geyekrjacvpwrp) -- C:\WINDOWS\system32\drivers\geyekrwdaulytl.sys File not found
DRV - (Changer) -- File not found
DRV - (bvrp_pci) -- File not found
DRV - (LHidUsb) -- C:\WINDOWS\system32\drivers\LHidUsb.sys (Logitech, Inc.)
DRV - (mfencrk) -- C:\WINDOWS\system32\drivers\mfencrk.sys (McAfee, Inc.)
DRV - (mfencbdc) -- C:\WINDOWS\system32\drivers\mfencbdc.sys (McAfee, Inc.)
DRV - (RegFilter) -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys (IObit.com)
DRV - (UrlFilter) -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys (IObit.com)
DRV - (cfwids) -- C:\WINDOWS\system32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfendiskmp) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mfendisk) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (HipShieldK) -- C:\WINDOWS\system32\drivers\HipShieldK.sys (McAfee, Inc.)
DRV - (FileMonitor) -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys (IObit)
DRV - (timounter) -- C:\WINDOWS\system32\drivers\timntr.sys (Acronis)
DRV - (vididr) -- C:\WINDOWS\system32\drivers\vididr.sys (Acronis)
DRV - (vidsflt53) -- C:\WINDOWS\system32\drivers\vsflt53.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\drivers\snapman.sys (Acronis)
DRV - (tmcomm) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (WDC_SAM) -- C:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (dsunidrv) -- C:\WINDOWS\system32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (ELhid) -- C:\WINDOWS\system32\drivers\ELhid.sys (Intel Corporation)
DRV - (ELmon) -- C:\WINDOWS\system32\drivers\ELmon.sys (Intel Corporation)
DRV - (ELkbd) -- C:\WINDOWS\system32\drivers\ELkbd.sys (Intel Corporation)
DRV - (ELmou) -- C:\WINDOWS\system32\drivers\ELmou.sys (Intel Corporation)
DRV - (ELacpi) -- C:\WINDOWS\system32\drivers\ELacpi.sys (Intel Corporation)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (WmXlCore) -- C:\WINDOWS\system32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\WINDOWS\system32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\WINDOWS\system32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\WINDOWS\system32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr7/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com?type=198484&fr=spigot-yhp-ie
IE - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.1\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\..\SearchScopes,DefaultScope = {0FF4A0C4-D3EB-438E-A53E-A94C5694C916}
IE - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\..\SearchScopes\{0FF4A0C4-D3EB-438E-A53E-A94C5694C916}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
IE - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\..\SearchScopes\{306851AB-2967-45E2-B485-4E5B3C1A21E5}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: moveplayer%40movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledAddons: %7B1650a312-02bc-40ee-977e-83f158701739%7D:26.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {1650a312-02bc-40ee-977e-83f158701739}:26.6
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\Kevin\Application Data\nprhapengine.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/28 19:21:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/28 19:21:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/28 19:21:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/01/19 22:04:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/01/16 09:09:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2014/01/20 12:02:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1650a312-02bc-40ee-977e-83f158701739}: C:\Program Files\SiteAdvisor\6261\FF\ [2008/06/23 17:52:42 | 000,000,000 | ---D | M]

[2008/09/07 18:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Extensions
[2014/01/25 06:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\0b41ps0e.default\extensions
[2010/04/27 15:01:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\0b41ps0e.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2014/01/25 06:07:00 | 000,000,000 | ---D | M] (Ads Removal) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\0b41ps0e.default\extensions\adsremoval@adsremoval.net
[2009/03/10 18:26:56 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\0b41ps0e.default\extensions\moveplayer@movenetworks.com
[2014/01/25 06:06:16 | 000,000,000 | ---D | M] (AccelerateTab) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\0b41ps0e.default\extensions\speeddial@instair.net
[2007/04/12 19:51:42 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\0b41ps0e.default\searchplugins\siteadvisor.xml
[2013/05/18 21:00:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/12/12 07:34:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/12 07:34:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions
[2013/12/12 07:34:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/06/23 17:52:42 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\SITEADVISOR\6261\FF
[2012/08/11 10:09:13 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

O1 HOSTS File: ([2014/01/21 01:01:45 | 000,451,153 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 15488 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.1\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Reg Error: Value error.) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll ()
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Documents and Settings\Kevin\My Documents\Downloads\IObit Uninstaller\UninstallExplorer32.dll (IObit)
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.1\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll ()
O3 - HKLM\..\Toolbar: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Documents and Settings\Kevin\My Documents\Downloads\IObit Uninstaller\UninstallExplorer32.dll (IObit)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
O4 - HKLM..\Run: [DLCDCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.DLL ()
O4 - HKLM..\Run: [dlcdmon.exe] C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe (Dell)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-590471348-4020301897-3148249993-1006..\Run: [Advanced SystemCare 7] C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-590471348-4020301897-3148249993-1006..\RunOnce: [DelayShred] c:\program files\mcafee.com\shredder\SHRED32.EXE (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
O4 - Startup: C:\Documents and Settings\Kevin\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-590471348-4020301897-3148249993-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1342719157853 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 184.63.96.68 184.63.96.69
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00363636-33FF-484C-A8F8-89AC0BAF378A}: DhcpNameServer = 184.63.96.68 184.63.96.69
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll ()
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Kevin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kevin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6a7c86ed-15f7-11e2-9f10-ca672b9b391e}\Shell - "" = AutoRun
O33 - MountPoints2\{6a7c86ed-15f7-11e2-9f10-ca672b9b391e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6a7c86ed-15f7-11e2-9f10-ca672b9b391e}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/27 09:58:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kevin\Desktop\OTL.exe
[2014/01/26 09:39:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2014/01/25 05:51:16 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Kevin\Desktop\dds.scr
[2014/01/24 15:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Malware Fighter
[2014/01/24 15:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Booster
[2014/01/24 13:41:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
[2014/01/24 13:40:40 | 000,052,312 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/01/24 13:05:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin\Application Data\TechCheck
[2014/01/24 08:35:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2014/01/20 16:06:11 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2014/01/20 16:06:11 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2014/01/20 15:53:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin\Application Data\ElevatedDiagnostics
[2014/01/20 15:30:22 | 000,037,804 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHidUsb.sys
[2014/01/20 15:29:29 | 000,083,808 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NicInstE.dll
[2014/01/20 15:29:28 | 000,028,272 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NicCo2.dll
[2014/01/20 15:15:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood(2)
[2014/01/07 11:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin\My Documents\Job Hunt 2014
[2013/12/31 10:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IObit Uninstaller
[2 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/27 09:58:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kevin\Desktop\OTL.exe
[2014/01/26 09:38:04 | 000,445,890 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/01/26 09:38:04 | 000,073,096 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/01/26 09:13:18 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2014/01/26 09:12:58 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\Driver Booster Update.job
[2014/01/26 09:10:43 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\ASC7_PerformanceMonitor.job
[2014/01/26 09:10:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/01/26 09:10:38 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\Driver Booster Scan.job
[2014/01/26 09:10:25 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-590471348-4020301897-3148249993-1006.job
[2014/01/26 09:10:25 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-590471348-4020301897-3148249993-1007.job
[2014/01/26 09:10:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/26 09:09:56 | 2145,554,432 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/25 22:42:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/01/25 05:51:16 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Kevin\Desktop\dds.scr
[2014/01/24 15:33:41 | 000,000,844 | ---- | M] () -- C:\Documents and Settings\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\IObit Malware Fighter.lnk
[2014/01/24 13:40:40 | 000,052,312 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/01/21 07:54:16 | 000,023,325 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014/01/21 01:01:45 | 000,451,153 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014/01/20 15:30:23 | 000,037,804 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHidUsb.sys
[2014/01/20 15:29:29 | 000,309,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\Prounstl.exe
[2014/01/20 15:29:29 | 000,083,808 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\NicInstE.dll
[2014/01/20 15:29:29 | 000,028,272 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\NicCo2.dll
[2014/01/20 15:29:28 | 000,121,440 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\e1000msg.dll
[2014/01/20 15:29:28 | 000,002,876 | ---- | M] () -- C:\WINDOWS\System32\e1e5132.din
[2014/01/20 15:09:16 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-590471348-4020301897-3148249993-1006.job
[2014/01/20 13:12:22 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/20 13:09:14 | 000,000,230 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2014/01/20 12:29:35 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2014/01/15 20:13:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-590471348-4020301897-3148249993-1007.job
[2014/01/07 12:39:25 | 000,000,427 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\Shortcut to Job Hunt 2014.lnk
[2013/12/31 11:47:01 | 001,828,993 | ---- | M] () -- C:\Documents and Settings\Kevin\Desktop\Special Edition Use Care Guide Keurig K65.pdf
[2013/12/31 11:07:51 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/26 09:09:56 | 2145,554,432 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/24 15:33:41 | 000,000,844 | ---- | C] () -- C:\Documents and Settings\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\IObit Malware Fighter.lnk
[2014/01/24 15:17:20 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\Driver Booster Scan.job
[2014/01/24 15:17:19 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\Driver Booster Update.job
[2014/01/20 13:09:14 | 000,000,230 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2014/01/19 22:05:42 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\drivers\mfencbdc.inf
[2014/01/19 22:05:42 | 000,002,641 | ---- | C] () -- C:\WINDOWS\System32\drivers\mfencrk.inf
[2014/01/07 12:39:25 | 000,000,427 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\Shortcut to Job Hunt 2014.lnk
[2013/12/31 11:47:11 | 001,828,993 | ---- | C] () -- C:\Documents and Settings\Kevin\Desktop\Special Edition Use Care Guide Keurig K65.pdf
[2013/09/08 18:48:32 | 000,268,968 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2012/03/25 08:45:30 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\Kevin\Application Data\burnaware.ini
[2012/02/18 08:10:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009/12/22 17:09:59 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\Kevin\Local Settings\Application Data\kodakpcd.ini
[2007/02/05 10:04:23 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Kevin\Application Data\FixVTS.ini
[2006/11/23 10:52:56 | 000,001,894 | ---- | C] () -- C:\Documents and Settings\Kevin\default.pls
[2006/07/13 21:05:11 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2006/03/25 00:03:49 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Kevin\Application Data\dvd.bmk
[2006/03/08 20:31:14 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Kevin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/03/07 19:32:19 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Kevin\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/16 05:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2007/12/25 13:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2011/07/30 16:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2014/01/25 06:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2013/03/09 19:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Licenses
[2006/03/30 15:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCA30.tmp
[2006/03/30 15:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MCA3A.tmp
[2007/10/23 16:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2012/08/28 15:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2014/01/20 12:54:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ProductData
[2012/09/05 17:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/08/23 19:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2013/12/31 10:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/02/03 13:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TSMDelux
[2012/08/28 18:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2013/11/22 22:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2011/08/20 07:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013/01/22 08:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
[2013/01/22 08:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2012/09/05 17:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\A7389BEA-FD6B-409A-A860-F7619255E4AB
[2013/01/02 23:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\calibre
[2011/07/30 16:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\DJ ToneXpress
[2014/01/20 15:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\ElevatedDiagnostics
[2014/01/20 15:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\IObit
[2013/06/14 17:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\IObit Apps
[2006/03/07 21:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Leadertech
[2007/01/26 12:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\My Games
[2012/08/28 19:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Oracle
[2012/08/28 15:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\PCDr
[2007/02/05 09:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\RipIt4Me
[2012/05/20 09:25:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Kevin\Application Data\RPPrivate
[2012/09/05 17:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Seagate
[2010/02/22 09:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Skinux
[2014/01/24 13:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\TechCheck
[2006/03/26 16:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kim\Application Data\Leadertech
[2009/12/24 12:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kim\Application Data\Skinux

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F9819010
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >
 
OTL Extras.TXT

OTL Extras logfile created on: 1/27/2014 10:03:09 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Kevin\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 56.34% Memory free
4.85 Gb Paging File | 4.03 Gb Available in Paging File | 83.08% Paging File free
Paging file location(s): C:\pagefile.sys 3072 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 456.37 Gb Total Space | 359.14 Gb Free Space | 78.70% Space Free | Partition Type: NTFS
Drive F: | 591.21 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TOYBOX | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-590471348-4020301897-3148249993-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Media Player\wmplayer.exe" = C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3 -- (Ensemble Studios)
"C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Gold\Civilization4.exe" = C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Gold\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 Gold -- (Firaxis Games)
"C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Gold\Warlords\Civ4Warlords.exe" = C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Gold\Warlords\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4: Warlords -- (Firaxis Games)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1752D07B-9BEB-414F-9B51-AA529101F0E5}" = calibre
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{33F8945B-9460-49C7-9193-DA320345CF15}" = Hanes T-ShirtMaker Deluxe 4.0.1.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B901CB2-9DAF-43FC-BDD2-4149AF19381C}" = Hallmark Card Studio 2006 Deluxe
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CEA6811-DFAD-4892-828D-49941FE3B779}" = Intel(R) PROSet for Wired Connections
"{50AF9AC4-6E62-405A-A269-C02B70A21E64}" = 944plc32
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{55502C49-F061-428C-BF26-06ECDFB3AC29}" = Sid Meier's Civilization 4 Gold
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A0C892E-FD1C-4203-941E-0956AED20A6A}" = APC PowerChute Personal Edition
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7D9B77E1-0078-0001-4447-ADD4C0A93D1D}" = Sansa Media Converter
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8C22F265-DE76-44D1-8A79-A71D819137DA}" = Intel(R) Quick Resume Technology Drivers
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}" = Seagate DiscWizard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{903CE8F7-6C7B-41E6-A1CF-3BF1176264EC}" = Intel® Viiv™
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9)
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Google
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{EA0F950C-D926-4366-A60C-9E7B71DB1FF2}" = IObit Apps Toolbar v7.1
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FC053571-8507-44E4-8B6D-AACEAB8CA57C}" = Sansa Media Converter
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"ATI Display Driver" = ATI Display Driver
"BurnAware Free_is1" = BurnAware Free 4.7
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Dell Photo AIO Printer 944" = Dell Photo AIO Printer 944
"Driver Booster_is1" = Driver Booster
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDXCopyPlatinum" = DVD X Copy Platinum 4.0.3
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"ERUNT_is1" = ERUNT 1.1j
"FTDICOMM" = FTDI USB Serial Converter Drivers
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"Intel® Quick Resume Technology" = Intel(R) Quick Resume Technology Drivers
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IObitUninstall" = IObit Uninstaller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"McAfee Virtual Technician" = McAfee Virtual Technician
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"PROSet" = Intel(R) Network Connections Drivers
"RealPlayer 15.0" = RealPlayer
"Scanning Suite" = Scanning Suite
"Snes9x" = Snes9x
"SpywareBlaster_is1" = SpywareBlaster 5.0
"StreetPlugin" = Learn2 Player (Uninstall Only)
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-590471348-4020301897-3148249993-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/16/2014 10:04:12 AM | Computer Name = TOYBOX | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/16/2014 10:04:12 AM | Computer Name = TOYBOX | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/16/2014 10:04:12 AM | Computer Name = TOYBOX | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/16/2014 10:04:12 AM | Computer Name = TOYBOX | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/16/2014 10:04:12 AM | Computer Name = TOYBOX | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/16/2014 10:04:12 AM | Computer Name = TOYBOX | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/19/2014 3:06:04 AM | Computer Name = TOYBOX | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Error - 1/19/2014 11:03:43 PM | Computer Name = TOYBOX | Source = McLogEvent | ID = 5022
Description =

Error - 1/19/2014 11:03:53 PM | Computer Name = TOYBOX | Source = McLogEvent | ID = 5022
Description =

Error - 1/19/2014 11:03:56 PM | Computer Name = TOYBOX | Source = McLogEvent | ID = 5022
Description =

[ IntelDH Events ]
Error - 1/20/2014 2:12:27 PM | Computer Name = TOYBOX | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 1/20/2014 3:57:12 PM | Computer Name = TOYBOX | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 1/20/2014 4:09:39 PM | Computer Name = TOYBOX | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 1/20/2014 4:17:45 PM | Computer Name = TOYBOX | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 1/20/2014 4:44:01 PM | Computer Name = TOYBOX | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 1/20/2014 5:15:44 PM | Computer Name = TOYBOX | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 1/20/2014 5:27:55 PM | Computer Name = TOYBOX | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 1/24/2014 1:43:38 PM | Computer Name = TOYBOX | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 1/25/2014 7:05:57 AM | Computer Name = TOYBOX | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 1/25/2014 7:15:15 AM | Computer Name = TOYBOX | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

[ System Events ]
Error - 1/26/2014 10:10:44 AM | Computer Name = TOYBOX | Source = Service Control Manager | ID = 7023
Description = The Intel® Quick Resume Technology Drivers service terminated with
the following error: %%203

Error - 1/26/2014 10:12:53 AM | Computer Name = TOYBOX | Source = Service Control Manager | ID = 7022
Description = The McAfee Boot Delay Start Service service hung on starting.

Error - 1/26/2014 10:12:53 AM | Computer Name = TOYBOX | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
1 time(s).

Error - 1/26/2014 10:12:53 AM | Computer Name = TOYBOX | Source = Service Control Manager | ID = 7034
Description = The LiveUpdate service terminated unexpectedly. It has done this
1 time(s).

Error - 1/27/2014 10:55:13 AM | Computer Name = TOYBOX | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 162.72.121.23 on
the Network Card with network address 0013720E4A65.

Error - 1/27/2014 11:15:55 AM | Computer Name = TOYBOX | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom1.

Error - 1/27/2014 11:16:02 AM | Computer Name = TOYBOX | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom1.

Error - 1/27/2014 11:16:09 AM | Computer Name = TOYBOX | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom1.

Error - 1/27/2014 11:16:17 AM | Computer Name = TOYBOX | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom1.

Error - 1/27/2014 11:16:24 AM | Computer Name = TOYBOX | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom1.


< End of report >
 
Hi,

Read this please, this means that us and most of the malware forums will most likely drop support in a few months for the XP Operating System, also no more windows updates so this will leave you very vulnerable to getting infected
http://techpageone.dell.com/technol...id=5049884&acd=12309189674467600#.UuaUqhAo6Ul


This program is malware, see if you can uninstall it via Add Remove Programs in the Control Panel
C:\Program Files\Secure Speed Dial


You also have one file that suggests your infected with a rootkit



Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • See this Link for programs that need to be disabled and instruction on how to disable them.
  • Remember to re-enable them when we're done.

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


RC1.png


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
 
I am unable to fine Secure Speed Dial in the Add/Remove programs listing. Also my Mcafee window does not have the options listings on the left of the window and I am unable to disable the firewall through the normal window. My window only has 4 boxes that allow me to go to individual settings and I was able to turn the Spyware checking to Off. I was able to download Conbofix to my desktop...should I run it and follow previous instructions?
 
I attempted to run Combofix- it did update the windows recovery console but windows shut down all 3 times I tried to run it once the scan stareted... it did also give me the warning that Mcafee antispyware and antivirus were still running and I am unable to disable them.
 
Lets try this other program

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • Press Start Scan
    • Only if Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)
 
Scan found 1 threat, here is the log

[InfectedObject]
Type: Service
Name: geyekrjacvpwrp
Type: Kernel driver (0x1)
Start: System (0x1)
ImagePath: \systemroot\system32\drivers\geyekrwdaulytl.sys

I did not update the tool though a version update was available.
 
My apologies...wrong document, here is the log.
15:24:42.0906 5436 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:24:44.0906 5436 ============================================================
15:24:44.0906 5436 Current date / time: 2014/01/27 15:24:44.0906
15:24:44.0906 5436 SystemInfo:
15:24:44.0906 5436
15:24:44.0906 5436 OS Version: 5.1.2600 ServicePack: 3.0
15:24:44.0906 5436 Product type: Workstation
15:24:44.0906 5436 ComputerName: TOYBOX
15:24:44.0906 5436 UserName: Kevin
15:24:44.0906 5436 Windows directory: C:\WINDOWS
15:24:44.0906 5436 System windows directory: C:\WINDOWS
15:24:44.0906 5436 Processor architecture: Intel x86
15:24:44.0906 5436 Number of processors: 2
15:24:44.0906 5436 Page size: 0x1000
15:24:44.0906 5436 Boot type: Normal boot
15:24:44.0906 5436 ============================================================
15:24:46.0609 5436 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:24:46.0625 5436 ============================================================
15:24:46.0625 5436 \Device\Harddisk0\DR0:
15:24:46.0625 5436 MBR partitions:
15:24:46.0625 5436 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x33800, BlocksNum 0x390BC800
15:24:46.0625 5436 ============================================================
15:24:46.0671 5436 C: <-> \Device\Harddisk0\DR0\Partition1
15:24:46.0671 5436 ============================================================
15:24:46.0671 5436 Initialize success
15:24:46.0671 5436 ============================================================
15:26:20.0781 0836 ============================================================
15:26:20.0781 0836 Scan started
15:26:20.0781 0836 Mode: Manual;
15:26:20.0781 0836 ============================================================
15:26:21.0218 0836 ================ Scan system memory ========================
15:26:21.0218 0836 System memory - ok
15:26:21.0218 0836 ================ Scan services =============================
15:26:23.0093 0836 Abiosdsk - ok
15:26:23.0140 0836 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
15:26:23.0296 0836 abp480n5 - ok
15:26:23.0421 0836 ACDaemon - ok
15:26:23.0453 0836 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:26:23.0640 0836 ACPI - ok
15:26:23.0656 0836 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
15:26:23.0703 0836 ACPIEC - ok
15:26:23.0765 0836 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:26:23.0765 0836 AdobeFlashPlayerUpdateSvc - ok
15:26:23.0796 0836 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
15:26:23.0953 0836 adpu160m - ok
15:26:24.0156 0836 [ F5456293D2604BCE2BEC07FC6186A341 ] AdvancedSystemCareService7 C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\ASCService.exe
15:26:24.0515 0836 AdvancedSystemCareService7 - ok
15:26:24.0546 0836 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
15:26:24.0593 0836 aec - ok
15:26:24.0640 0836 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
15:26:24.0828 0836 AFD - ok
15:26:24.0859 0836 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
15:26:25.0015 0836 agp440 - ok
15:26:25.0031 0836 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
15:26:25.0078 0836 agpCPQ - ok
15:26:25.0093 0836 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
15:26:25.0250 0836 Aha154x - ok
15:26:25.0265 0836 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
15:26:25.0437 0836 aic78u2 - ok
15:26:25.0453 0836 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
15:26:25.0609 0836 aic78xx - ok
15:26:25.0625 0836 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
15:26:25.0765 0836 Alerter - ok
15:26:25.0828 0836 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
15:26:25.0984 0836 ALG - ok
15:26:26.0015 0836 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
15:26:26.0171 0836 AliIde - ok
15:26:26.0171 0836 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
15:26:26.0218 0836 alim1541 - ok
15:26:26.0250 0836 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
15:26:26.0296 0836 amdagp - ok
15:26:26.0312 0836 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
15:26:26.0484 0836 amsint - ok
15:26:26.0531 0836 [ DC45AB27932447B598848B10650313C5 ] APC UPS Service C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
15:26:26.0796 0836 APC UPS Service - ok
15:26:26.0921 0836 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:26:26.0937 0836 Apple Mobile Device - ok
15:26:26.0968 0836 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
15:26:27.0109 0836 AppMgmt - ok
15:26:27.0140 0836 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
15:26:27.0296 0836 asc - ok
15:26:27.0312 0836 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
15:26:27.0468 0836 asc3350p - ok
15:26:27.0484 0836 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
15:26:27.0640 0836 asc3550 - ok
15:26:27.0687 0836 [ B979979AB8027F7F53FB16EC4229B7DB ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys
15:26:27.0843 0836 Aspi32 - ok
15:26:27.0953 0836 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:26:28.0015 0836 aspnet_state - ok
15:26:28.0031 0836 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:26:28.0078 0836 AsyncMac - ok
15:26:28.0093 0836 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
15:26:28.0250 0836 atapi - ok
15:26:28.0265 0836 Atdisk - ok
15:26:28.0281 0836 [ ABC57A6F6070BAF9786C318F59F29F0B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
15:26:28.0375 0836 Ati HotKey Poller - ok
15:26:28.0437 0836 [ 03621F7F968FF63713943405DEB777F9 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
15:26:28.0671 0836 ati2mtag - ok
15:26:28.0718 0836 [ F9C24D25D9FF29F894995A64812B4D85 ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
15:26:28.0890 0836 atksgt - ok
15:26:28.0906 0836 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:26:28.0953 0836 Atmarpc - ok
15:26:28.0984 0836 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
15:26:29.0125 0836 AudioSrv - ok
15:26:29.0156 0836 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
15:26:29.0203 0836 audstub - ok
15:26:29.0250 0836 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:26:29.0296 0836 Beep - ok
15:26:29.0328 0836 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
15:26:29.0515 0836 BITS - ok
15:26:29.0578 0836 [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:26:29.0593 0836 Bonjour Service - ok
15:26:29.0625 0836 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
15:26:29.0765 0836 Browser - ok
15:26:29.0765 0836 bvrp_pci - ok
15:26:29.0796 0836 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
15:26:29.0953 0836 cbidf - ok
15:26:29.0968 0836 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
15:26:29.0968 0836 cbidf2k - ok
15:26:29.0968 0836 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
15:26:30.0125 0836 cd20xrnt - ok
15:26:30.0156 0836 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:26:30.0203 0836 Cdaudio - ok
15:26:30.0250 0836 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:26:30.0312 0836 Cdfs - ok
15:26:30.0343 0836 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:26:30.0609 0836 Cdrom - ok
15:26:30.0640 0836 [ D787C026F15BD8F762AB5829428FAA9C ] cfwids C:\WINDOWS\system32\drivers\cfwids.sys
15:26:30.0640 0836 cfwids - ok
15:26:30.0640 0836 Changer - ok
15:26:30.0687 0836 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:26:30.0734 0836 CiSvc - ok
15:26:30.0750 0836 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:26:30.0812 0836 ClipSrv - ok
15:26:30.0843 0836 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:26:30.0890 0836 clr_optimization_v2.0.50727_32 - ok
15:26:30.0921 0836 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
15:26:30.0968 0836 CmdIde - ok
15:26:30.0984 0836 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:26:31.0140 0836 Compbatt - ok
15:26:31.0140 0836 COMSysApp - ok
15:26:31.0156 0836 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
15:26:31.0218 0836 Cpqarray - ok
15:26:31.0234 0836 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:26:31.0375 0836 CryptSvc - ok
15:26:31.0406 0836 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
15:26:31.0468 0836 dac2w2k - ok
15:26:31.0484 0836 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
15:26:31.0640 0836 dac960nt - ok
15:26:31.0671 0836 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:26:31.0687 0836 DcomLaunch - ok
15:26:31.0718 0836 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:26:31.0718 0836 Dhcp - ok
15:26:31.0734 0836 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:26:31.0890 0836 Disk - ok
15:26:31.0953 0836 [ D8D58A84F3ECE3359DF95FD2E459B330 ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
15:26:32.0109 0836 DLABOIOM - ok
15:26:32.0125 0836 [ EC6AE8BC9F773382D2EED49E4DFDAE2A ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
15:26:32.0281 0836 DLACDBHM - ok
15:26:32.0281 0836 [ 27C78078BD9C4F2DE2AD3EB04BFE101B ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS
15:26:32.0421 0836 DLADResN - ok
15:26:32.0437 0836 [ 7F2D93E560B763EF5D11422D78DA8ED0 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
15:26:32.0609 0836 DLAIFS_M - ok
15:26:32.0609 0836 [ F643637DE6AAC57E38D197AA63D9EA74 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
15:26:32.0765 0836 DLAOPIOM - ok
15:26:32.0781 0836 [ 340705474807F57A46D59D18FC2959F1 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
15:26:32.0937 0836 DLAPoolM - ok
15:26:32.0968 0836 [ 0605B66052F82B6F07204DBDB61C13FF ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
15:26:33.0125 0836 DLARTL_N - ok
15:26:33.0140 0836 [ 6984EA763907C045CE813468882BC587 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
15:26:33.0312 0836 DLAUDFAM - ok
15:26:33.0343 0836 [ 12B30C449CFD36ADBED53EB6560933C6 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
15:26:33.0515 0836 DLAUDF_M - ok
15:26:33.0515 0836 dlcd_device - ok
15:26:33.0531 0836 dmadmin - ok
15:26:33.0546 0836 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:26:33.0625 0836 dmboot - ok
15:26:33.0625 0836 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
15:26:33.0812 0836 dmio - ok
15:26:33.0843 0836 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:26:33.0984 0836 dmload - ok
15:26:34.0031 0836 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:26:34.0171 0836 dmserver - ok
15:26:34.0203 0836 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:26:34.0359 0836 DMusic - ok
15:26:34.0390 0836 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:26:34.0531 0836 Dnscache - ok
15:26:34.0562 0836 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
15:26:34.0703 0836 Dot3svc - ok
15:26:34.0718 0836 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
15:26:34.0765 0836 dpti2o - ok
15:26:34.0781 0836 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:26:34.0937 0836 drmkaud - ok
15:26:34.0953 0836 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
15:26:35.0125 0836 DRVMCDB - ok
15:26:35.0156 0836 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
15:26:35.0328 0836 DRVNDDM - ok
15:26:35.0375 0836 [ FE80901578E7E3DA70299A5AEB2B7FBD ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
15:26:35.0421 0836 DSBrokerService - ok
15:26:35.0453 0836 [ 413F2D5F9D802688242C23B38F767ECB ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
15:26:35.0609 0836 DSproct - ok
15:26:35.0640 0836 [ DFEABB7CFFFADEA4A912AB95BDC3177A ] dsunidrv C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
15:26:35.0687 0836 dsunidrv - ok
15:26:35.0703 0836 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
15:26:35.0875 0836 E100B - ok
15:26:35.0906 0836 [ D334D3052BDD61F8A5F0A59D31466BAC ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
15:26:35.0968 0836 e1express - ok
15:26:36.0000 0836 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
15:26:36.0140 0836 EapHost - ok
15:26:36.0234 0836 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
15:26:36.0312 0836 ehRecvr - ok
15:26:36.0312 0836 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
15:26:36.0484 0836 ehSched - ok
15:26:36.0531 0836 [ 1976FEDF6D7F87135C9B7F5CB4C8C868 ] ELacpi C:\WINDOWS\system32\DRIVERS\ELacpi.sys
15:26:36.0671 0836 ELacpi - ok
15:26:36.0703 0836 [ AE65C02444907966378454138B9F99F0 ] ELhid C:\WINDOWS\system32\DRIVERS\ELhid.sys
15:26:36.0859 0836 ELhid - ok
15:26:36.0875 0836 [ E485C3BA1DADDEEF3E14FEA1E8FDA6E1 ] ELkbd C:\WINDOWS\system32\DRIVERS\ELkbd.sys
15:26:37.0031 0836 ELkbd - ok
15:26:37.0046 0836 [ 0D87CB825ED6CB2EBCC147A10A42F1D6 ] ELmon C:\WINDOWS\system32\DRIVERS\ELmon.sys
15:26:37.0203 0836 ELmon - ok
15:26:37.0203 0836 [ A4ADD3847B67BACAB6FC851A2B60FDB3 ] ELmou C:\WINDOWS\system32\DRIVERS\ELmou.sys
15:26:37.0359 0836 ELmou - ok
15:26:37.0468 0836 [ D1DE16926C682DCD3D99AE5500CA5522 ] ELService C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
15:26:37.0687 0836 ELService - ok
15:26:37.0703 0836 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:26:37.0843 0836 ERSvc - ok
15:26:37.0859 0836 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
15:26:37.0953 0836 Eventlog - ok
15:26:37.0984 0836 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\Es.dll
15:26:38.0140 0836 EventSystem - ok
15:26:38.0156 0836 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:26:38.0328 0836 Fastfat - ok
15:26:38.0375 0836 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:26:38.0406 0836 FastUserSwitchingCompatibility - ok
15:26:38.0421 0836 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
15:26:38.0468 0836 Fdc - ok
15:26:38.0609 0836 [ 9840396B26E424046AD335C98B3F16C3 ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
15:26:38.0937 0836 FileMonitor - ok
15:26:38.0968 0836 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:26:39.0156 0836 Fips - ok
15:26:39.0187 0836 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
15:26:39.0359 0836 Flpydisk - ok
15:26:39.0390 0836 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
15:26:39.0453 0836 FltMgr - ok
15:26:39.0515 0836 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:26:39.0578 0836 FontCache3.0.0.0 - ok
15:26:39.0656 0836 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:26:39.0703 0836 Fs_Rec - ok
15:26:39.0734 0836 [ B283F1BC1FF852BD232449A4B3E3CE63 ] FTDIBUS C:\WINDOWS\system32\drivers\ftdibus.sys
15:26:39.0921 0836 FTDIBUS - ok
15:26:39.0937 0836 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:26:39.0984 0836 Ftdisk - ok
15:26:40.0000 0836 geyekrjacvpwrp ( Rootkit.Win32.TDSS.tdl2 ) - infected
15:26:40.0000 0836 geyekrjacvpwrp - detected Rootkit.Win32.TDSS.tdl2 (0)
15:26:40.0031 0836 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:26:40.0203 0836 Gpc - ok
15:26:40.0218 0836 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:26:40.0437 0836 HDAudBus - ok
15:26:40.0531 0836 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:26:40.0656 0836 helpsvc - ok
15:26:40.0703 0836 [ 748031FF4FE45CCC47546294905FEAB8 ] HidBatt C:\WINDOWS\system32\DRIVERS\HidBatt.sys
15:26:40.0843 0836 HidBatt - ok
15:26:40.0890 0836 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
15:26:41.0015 0836 HidServ - ok
15:26:41.0031 0836 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:26:41.0187 0836 HidUsb - ok
15:26:41.0234 0836 [ 156765F692192EA9039A6C4A809312FD ] HipShieldK C:\WINDOWS\system32\drivers\HipShieldK.sys
15:26:41.0234 0836 HipShieldK - ok
15:26:41.0281 0836 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:26:41.0437 0836 hkmsvc - ok
15:26:41.0546 0836 [ 5007E21208DA68F60EBF43352BDFE6D0 ] HomeNetSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
15:26:41.0546 0836 HomeNetSvc - ok
15:26:41.0562 0836 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
15:26:41.0734 0836 hpn - ok
15:26:41.0765 0836 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
15:26:41.0921 0836 HSFHWBS2 - ok
15:26:41.0937 0836 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
15:26:42.0140 0836 HSF_DP - ok
15:26:42.0187 0836 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:26:42.0500 0836 HTTP - ok
15:26:42.0531 0836 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:26:42.0671 0836 HTTPFilter - ok
15:26:42.0687 0836 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
15:26:42.0843 0836 i2omgmt - ok
15:26:42.0859 0836 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
15:26:43.0015 0836 i2omp - ok
15:26:43.0031 0836 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:26:43.0078 0836 i8042prt - ok
15:26:43.0156 0836 [ D43E91E271C041BB86A6223462A41D28 ] IAANTMon C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
15:26:43.0375 0836 IAANTMon - ok
15:26:43.0390 0836 [ 9A65E42664D1534B68512CAAD0EFE963 ] iastor C:\WINDOWS\system32\drivers\iastor.sys
15:26:43.0406 0836 iastor - ok
15:26:43.0500 0836 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:26:43.0671 0836 IDriverT - ok
15:26:43.0750 0836 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:26:43.0812 0836 idsvc - ok
15:26:43.0828 0836 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:26:43.0984 0836 Imapi - ok
15:26:44.0031 0836 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:26:44.0078 0836 ImapiService - ok
15:26:44.0125 0836 [ EAEA4B0005869A4ABE6070BD364143B7 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
15:26:44.0312 0836 IMFservice - ok
15:26:44.0343 0836 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
15:26:44.0500 0836 ini910u - ok
15:26:44.0531 0836 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
15:26:44.0718 0836 IntelIde - ok
15:26:44.0781 0836 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:26:44.0968 0836 intelppm - ok
15:26:44.0984 0836 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
15:26:45.0140 0836 Ip6Fw - ok
15:26:45.0156 0836 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:26:45.0328 0836 IpFilterDriver - ok
15:26:45.0343 0836 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:26:45.0390 0836 IpInIp - ok
15:26:45.0406 0836 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:26:45.0484 0836 IpNat - ok
15:26:45.0515 0836 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:26:45.0671 0836 IPSec - ok
15:26:45.0687 0836 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:26:45.0843 0836 IRENUM - ok
15:26:45.0859 0836 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:26:46.0015 0836 isapnp - ok
15:26:46.0046 0836 [ 4AC11B2250106774F694DF2DB4FFED61 ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
15:26:46.0203 0836 Iviaspi - ok
15:26:46.0312 0836 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
15:26:46.0328 0836 JavaQuickStarterService - ok
15:26:46.0328 0836 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:26:46.0484 0836 Kbdclass - ok
15:26:46.0484 0836 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:26:46.0531 0836 kbdhid - ok
15:26:46.0562 0836 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:26:46.0750 0836 kmixer - ok
15:26:46.0750 0836 KodakCCS - ok
15:26:46.0781 0836 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:26:46.0828 0836 KSecDD - ok
15:26:46.0843 0836 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
15:26:47.0000 0836 lanmanserver - ok
15:26:47.0031 0836 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:26:47.0171 0836 lanmanworkstation - ok
15:26:47.0171 0836 lbrtfdc - ok
15:26:47.0203 0836 [ AC05A1B5C66D693B1598FD83617D1820 ] LHidUsb C:\WINDOWS\system32\Drivers\LHidUsb.Sys
15:26:47.0468 0836 LHidUsb - ok
15:26:47.0500 0836 [ 8CCF9ED46D52AF1375875F74A91FFACF ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
15:26:47.0656 0836 lirsgt - ok
15:26:47.0718 0836 [ 935E2093CEED8198C820B7F60BB63167 ] LiveUpdateSvc C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
15:26:47.0937 0836 LiveUpdateSvc - ok
15:26:47.0968 0836 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:26:48.0109 0836 LmHosts - ok
15:26:48.0296 0836 [ 5467B4D77044E4FF56E8FEB9D2F6FE5A ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
15:26:48.0296 0836 McAPExe - ok
15:26:48.0328 0836 [ 5007E21208DA68F60EBF43352BDFE6D0 ] mcbootdelaystartsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:26:48.0328 0836 mcbootdelaystartsvc - ok
15:26:48.0343 0836 [ 5007E21208DA68F60EBF43352BDFE6D0 ] McMPFSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
15:26:48.0343 0836 McMPFSvc - ok
15:26:48.0343 0836 [ 5007E21208DA68F60EBF43352BDFE6D0 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:26:48.0343 0836 McNaiAnn - ok
15:26:48.0500 0836 [ 3A01047FFF666D33EBDE3513D20DA1F5 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
15:26:48.0500 0836 McODS - ok
15:26:48.0515 0836 [ 5007E21208DA68F60EBF43352BDFE6D0 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:26:48.0515 0836 mcpltsvc - ok
15:26:48.0515 0836 [ 5007E21208DA68F60EBF43352BDFE6D0 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
15:26:48.0531 0836 McProxy - ok
15:26:48.0609 0836 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
15:26:48.0781 0836 McrdSvc - ok
15:26:48.0875 0836 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
15:26:48.0875 0836 MDM - ok
15:26:48.0890 0836 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
15:26:49.0031 0836 mdmxsdk - ok
15:26:49.0078 0836 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:26:49.0203 0836 Messenger - ok
15:26:49.0234 0836 [ 75A2B9F70B77AA3DB15E96BDAAE484A2 ] mfeapfk C:\WINDOWS\system32\drivers\mfeapfk.sys
15:26:49.0234 0836 mfeapfk - ok
15:26:49.0265 0836 [ 070850EFFC731B4A22FB7DDEAD41B943 ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys
15:26:49.0265 0836 mfeavfk - ok
15:26:49.0265 0836 [ FC28E41FE9D4F3283FB41717C0BF0109 ] mfebopk C:\WINDOWS\system32\drivers\mfebopk.sys
15:26:49.0265 0836 mfebopk - ok
15:26:49.0343 0836 [ A507872B611576AF33BCF473231391F9 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
15:26:49.0343 0836 mfecore - ok
15:26:49.0421 0836 [ 7A9F90099CBF6FA6D4011E10F36EF0C7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:26:49.0421 0836 mfefire - ok
15:26:49.0437 0836 [ 768AA2C44C589EA27E80E4EC05BD5F76 ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys
15:26:49.0437 0836 mfefirek - ok
15:26:49.0468 0836 [ 24E6ABD47FD50FC187FFC3583A14F339 ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys
15:26:49.0484 0836 mfehidk - ok
15:26:49.0500 0836 [ 286C46ADBF17272A479C91116FA50524 ] mfencbdc C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
15:26:49.0500 0836 mfencbdc - ok
15:26:49.0531 0836 [ 0C9EA2919A7EB871FF9BAFB3A11C145E ] mfencrk C:\WINDOWS\system32\DRIVERS\mfencrk.sys
15:26:49.0531 0836 mfencrk - ok
15:26:49.0531 0836 [ B475C9545475B44EA23CE22119149440 ] mfendisk C:\WINDOWS\system32\DRIVERS\mfendisk.sys
15:26:49.0546 0836 mfendisk - ok
15:26:49.0593 0836 [ B475C9545475B44EA23CE22119149440 ] mfendiskmp C:\WINDOWS\system32\DRIVERS\mfendisk.sys
15:26:49.0593 0836 mfendiskmp - ok
15:26:49.0640 0836 [ E487B1ABF6B4E17AEE023022FA927841 ] mfetdi2k C:\WINDOWS\system32\drivers\mfetdi2k.sys
15:26:49.0640 0836 mfetdi2k - ok
15:26:49.0656 0836 [ A1262E7DC2394EA04AB97D48752F7332 ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
15:26:49.0656 0836 mfevtp - ok
15:26:49.0687 0836 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
15:26:49.0828 0836 MHN - ok
15:26:49.0906 0836 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
15:26:50.0171 0836 MHNDRV - ok
15:26:50.0203 0836 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:26:50.0250 0836 mnmdd - ok
15:26:50.0281 0836 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:26:50.0359 0836 mnmsrvc - ok
15:26:50.0390 0836 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:26:50.0546 0836 Modem - ok
15:26:50.0593 0836 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
15:26:50.0781 0836 MODEMCSA - ok
15:26:50.0796 0836 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:26:50.0843 0836 Mouclass - ok
15:26:50.0890 0836 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:26:50.0968 0836 mouhid - ok
15:26:51.0015 0836 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:26:51.0062 0836 MountMgr - ok
15:26:51.0109 0836 [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:26:51.0171 0836 MozillaMaintenance - ok
15:26:51.0218 0836 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
15:26:51.0375 0836 mraid35x - ok
15:26:51.0406 0836 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:26:51.0484 0836 MRxDAV - ok
15:26:51.0500 0836 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:26:51.0843 0836 MRxSmb - ok
15:26:51.0859 0836 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
15:26:51.0921 0836 MSDTC - ok
15:26:51.0968 0836 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:26:52.0000 0836 Msfs - ok
15:26:52.0015 0836 MSIServer - ok
15:26:52.0031 0836 [ 5007E21208DA68F60EBF43352BDFE6D0 ] MSK80Service C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
15:26:52.0031 0836 MSK80Service - ok
15:26:52.0062 0836 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:26:52.0203 0836 MSKSSRV - ok
15:26:52.0218 0836 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:26:52.0375 0836 MSPCLOCK - ok
15:26:52.0390 0836 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:26:52.0531 0836 MSPQM - ok
15:26:52.0546 0836 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:26:52.0734 0836 mssmbios - ok
15:26:52.0750 0836 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:26:52.0906 0836 Mup - ok
15:26:52.0937 0836 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
15:26:53.0093 0836 napagent - ok
15:26:53.0109 0836 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:26:53.0187 0836 NDIS - ok
15:26:53.0234 0836 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:26:53.0375 0836 NdisTapi - ok
15:26:53.0390 0836 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:26:53.0437 0836 Ndisuio - ok
15:26:53.0453 0836 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:26:53.0500 0836 NdisWan - ok
15:26:53.0515 0836 [ 2F597BB467E05B1FE3830EABD821B8E0 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:26:53.0687 0836 NDProxy - ok
15:26:53.0687 0836 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:26:53.0859 0836 NetBIOS - ok
15:26:53.0890 0836 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:26:54.0062 0836 NetBT - ok
15:26:54.0093 0836 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
15:26:54.0171 0836 NetDDE - ok
15:26:54.0171 0836 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:26:54.0171 0836 NetDDEdsdm - ok
15:26:54.0203 0836 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:26:54.0250 0836 Netlogon - ok
15:26:54.0265 0836 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
15:26:54.0406 0836 Netman - ok
15:26:54.0500 0836 [ 9DA26B773BD04B867A8E9F427CD048FC ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
15:26:54.0718 0836 NetSvc - ok
15:26:54.0765 0836 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:26:54.0812 0836 NetTcpPortSharing - ok
15:26:54.0843 0836 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
15:26:54.0843 0836 Nla - ok
15:26:54.0875 0836 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:26:55.0031 0836 Npfs - ok
15:26:55.0046 0836 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:26:55.0265 0836 Ntfs - ok
15:26:55.0281 0836 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:26:55.0281 0836 NtLmSsp - ok
15:26:55.0328 0836 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:26:55.0484 0836 NtmsSvc - ok
15:26:55.0515 0836 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
15:26:55.0562 0836 Null - ok
15:26:55.0625 0836 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:26:55.0750 0836 nv - ok
15:26:55.0781 0836 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:26:55.0828 0836 NwlnkFlt - ok
15:26:55.0859 0836 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:26:56.0015 0836 NwlnkFwd - ok
15:26:56.0031 0836 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:26:56.0093 0836 ose - ok
15:26:56.0125 0836 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
15:26:56.0312 0836 Parport - ok
15:26:56.0328 0836 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:26:56.0484 0836 PartMgr - ok
15:26:56.0531 0836 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:26:56.0593 0836 ParVdm - ok
15:26:56.0609 0836 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:26:56.0765 0836 PCI - ok
15:26:56.0765 0836 PCIDump - ok
15:26:56.0781 0836 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:26:56.0828 0836 PCIIde - ok
15:26:56.0843 0836 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:26:57.0000 0836 Pcmcia - ok
15:26:57.0031 0836 [ C3224A794B4FE2F6D0D5434A9FCAD26D ] Pcouffin C:\WINDOWS\system32\Drivers\Pcouffin.sys
15:26:57.0203 0836 Pcouffin - ok
15:26:57.0218 0836 PDCOMP - ok
15:26:57.0218 0836 PDFRAME - ok
15:26:57.0234 0836 PDRELI - ok
15:26:57.0234 0836 PDRFRAME - ok
15:26:57.0265 0836 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
15:26:57.0437 0836 perc2 - ok
15:26:57.0453 0836 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
15:26:57.0500 0836 perc2hib - ok
15:26:57.0656 0836 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
15:26:59.0015 0836 PEVSystemStart - ok
15:26:59.0046 0836 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
15:26:59.0046 0836 PlugPlay - ok
15:26:59.0062 0836 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:26:59.0062 0836 PolicyAgent - ok
15:26:59.0093 0836 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:26:59.0140 0836 PptpMiniport - ok
15:26:59.0156 0836 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:26:59.0156 0836 ProtectedStorage - ok
15:26:59.0171 0836 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:26:59.0328 0836 PSched - ok
15:26:59.0343 0836 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:26:59.0390 0836 Ptilink - ok
15:26:59.0421 0836 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
15:26:59.0468 0836 ql1080 - ok
15:26:59.0484 0836 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
15:26:59.0531 0836 Ql10wnt - ok
15:26:59.0562 0836 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
15:26:59.0625 0836 ql12160 - ok
15:26:59.0640 0836 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
15:26:59.0671 0836 ql1240 - ok
15:26:59.0687 0836 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
15:26:59.0734 0836 ql1280 - ok
15:26:59.0765 0836 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:26:59.0812 0836 RasAcd - ok
15:26:59.0843 0836 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:26:59.0984 0836 RasAuto - ok
15:27:00.0015 0836 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:27:00.0171 0836 Rasl2tp - ok
15:27:00.0187 0836 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:27:00.0343 0836 RasMan - ok
15:27:00.0343 0836 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:27:00.0390 0836 RasPppoe - ok
15:27:00.0390 0836 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:27:00.0437 0836 Raspti - ok
15:27:00.0453 0836 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:27:00.0546 0836 Rdbss - ok
15:27:00.0546 0836 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:27:00.0703 0836 RDPCDD - ok
15:27:00.0734 0836 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:27:00.0812 0836 rdpdr - ok
15:27:00.0859 0836 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:27:01.0156 0836 RDPWD - ok
15:27:01.0171 0836 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:27:01.0343 0836 RDSessMgr - ok
15:27:01.0375 0836 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:27:01.0640 0836 redbook - ok
15:27:01.0656 0836 [ 69AA6AF470BA8D8CE13FA45DE0D49C1C ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
15:27:01.0937 0836 RegFilter - ok
15:27:01.0953 0836 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:27:02.0000 0836 RemoteAccess - ok
15:27:02.0015 0836 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:27:02.0156 0836 RemoteRegistry - ok
15:27:02.0156 0836 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
15:27:02.0328 0836 RpcLocator - ok
15:27:02.0359 0836 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
15:27:02.0359 0836 RpcSs - ok
15:27:02.0390 0836 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:27:02.0578 0836 RSVP - ok
15:27:02.0593 0836 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
15:27:02.0593 0836 SamSs - ok
15:27:02.0609 0836 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:27:02.0671 0836 SCardSvr - ok
15:27:02.0687 0836 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:27:02.0828 0836 Schedule - ok
15:27:02.0859 0836 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:27:02.0890 0836 Secdrv - ok
15:27:02.0921 0836 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:27:03.0062 0836 seclogon - ok
15:27:03.0140 0836 [ CA9C2939BDFC5B77D73E3B07C8805C59 ] SecureUpdateSvc C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe
15:27:03.0359 0836 SecureUpdateSvc - ok
15:27:03.0375 0836 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
15:27:03.0515 0836 SENS - ok
15:27:03.0578 0836 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
15:27:03.0640 0836 serenum - ok
15:27:03.0640 0836 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
15:27:03.0796 0836 Serial - ok
15:27:03.0828 0836 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:27:03.0875 0836 Sfloppy - ok
15:27:03.0937 0836 [ C950D0381B42A54541CD55ADCCF3D75B ] SgtSch2Svc C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
15:27:04.0187 0836 SgtSch2Svc - ok
15:27:04.0218 0836 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:27:04.0390 0836 SharedAccess - ok
15:27:04.0406 0836 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:27:04.0406 0836 ShellHWDetection - ok
15:27:04.0421 0836 Simbad - ok
15:27:04.0468 0836 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
15:27:04.0515 0836 sisagp - ok
15:27:04.0546 0836 [ 98B44C15B4EED76AA8DCCB64A4CA11AF ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
15:27:04.0734 0836 snapman - ok
15:27:04.0765 0836 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
15:27:04.0812 0836 Sparrow - ok
15:27:04.0843 0836 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:27:04.0890 0836 splitter - ok
15:27:04.0921 0836 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:27:05.0078 0836 Spooler - ok
15:27:05.0093 0836 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:27:05.0250 0836 sr - ok
15:27:05.0265 0836 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
15:27:05.0406 0836 srservice - ok
15:27:05.0437 0836 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:27:05.0656 0836 Srv - ok
15:27:05.0671 0836 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:27:05.0812 0836 SSDPSRV - ok
15:27:05.0859 0836 [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
15:27:06.0109 0836 STHDA - ok
15:27:06.0156 0836 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
15:27:06.0312 0836 StillCam - ok
15:27:06.0328 0836 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:27:06.0468 0836 stisvc - ok
15:27:06.0515 0836 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:27:06.0656 0836 swenum - ok
15:27:06.0687 0836 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:27:06.0843 0836 swmidi - ok
15:27:06.0843 0836 SwPrv - ok
15:27:06.0875 0836 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
15:27:07.0046 0836 symc810 - ok
15:27:07.0062 0836 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
15:27:07.0218 0836 symc8xx - ok
15:27:07.0234 0836 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
15:27:07.0281 0836 sym_hi - ok
15:27:07.0281 0836 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
15:27:07.0437 0836 sym_u3 - ok
15:27:07.0468 0836 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:27:07.0515 0836 sysaudio - ok
15:27:07.0546 0836 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:27:07.0703 0836 SysmonLog - ok
15:27:07.0734 0836 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:27:07.0890 0836 TapiSrv - ok
15:27:07.0921 0836 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:27:08.0015 0836 Tcpip - ok
15:27:08.0046 0836 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:27:08.0203 0836 TDPIPE - ok
15:27:08.0218 0836 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:27:08.0359 0836 TDTCP - ok
15:27:08.0390 0836 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:27:08.0531 0836 TermDD - ok
15:27:08.0562 0836 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
15:27:08.0718 0836 TermService - ok
15:27:08.0750 0836 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
15:27:08.0750 0836 Themes - ok
15:27:08.0796 0836 [ D8A96D0E25D43FDAC3BED09ADF39FDE9 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
15:27:09.0000 0836 timounter - ok
15:27:09.0046 0836 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:27:09.0109 0836 TlntSvr - ok
15:27:09.0140 0836 [ DF8444A8FA8FD38D8848BDD40A8403B3 ] tmcomm C:\WINDOWS\system32\drivers\tmcomm.sys
15:27:09.0187 0836 tmcomm - ok
15:27:09.0218 0836 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
15:27:09.0265 0836 TosIde - ok
15:27:09.0296 0836 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:27:09.0437 0836 TrkWks - ok
15:27:09.0484 0836 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:27:09.0656 0836 Udfs - ok
15:27:09.0687 0836 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
15:27:09.0843 0836 ultra - ok
15:27:09.0875 0836 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:27:10.0046 0836 Update - ok
15:27:10.0078 0836 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:27:10.0218 0836 upnphost - ok
15:27:10.0250 0836 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
15:27:10.0421 0836 UPS - ok
15:27:10.0437 0836 [ B1C51A3CB466C0C4AFA54F0FA199F6B8 ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
15:27:10.0734 0836 UrlFilter - ok
15:27:10.0765 0836 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
15:27:11.0015 0836 USBAAPL - ok
15:27:11.0046 0836 [ 1B611611C28D2DF25BC057D79C6F13FC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:27:11.0218 0836 usbccgp - ok
15:27:11.0218 0836 usbcm - ok
15:27:11.0234 0836 [ 4BAC8DF07F1D8434FC640E677A62204E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:27:11.0515 0836 usbehci - ok
15:27:11.0578 0836 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:27:11.0734 0836 usbhub - ok
15:27:11.0765 0836 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:27:11.0796 0836 usbprint - ok
15:27:11.0812 0836 [ F8EDE2B6928970DCE3D5614C27D9E7F6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:27:11.0984 0836 usbscan - ok
15:27:12.0000 0836 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:27:12.0031 0836 USBSTOR - ok
15:27:12.0046 0836 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:27:12.0203 0836 usbuhci - ok
15:27:12.0203 0836 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:27:12.0375 0836 VgaSave - ok
15:27:12.0390 0836 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
15:27:12.0546 0836 viaagp - ok
15:27:12.0578 0836 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
15:27:12.0718 0836 ViaIde - ok
15:27:12.0765 0836 [ 149EC3E217F9D11E9CA6C54CE3D70C73 ] vididr C:\WINDOWS\system32\DRIVERS\vididr.sys
15:27:12.0953 0836 vididr - ok
15:27:12.0968 0836 [ E31E9CD40677B84B3ADAA7A0D80DC439 ] vidsflt53 C:\WINDOWS\system32\DRIVERS\vsflt53.sys
15:27:13.0156 0836 vidsflt53 - ok
15:27:13.0156 0836 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:27:13.0328 0836 VolSnap - ok
15:27:13.0359 0836 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
15:27:13.0546 0836 VSS - ok
15:27:13.0578 0836 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
15:27:13.0718 0836 w32time - ok
15:27:13.0765 0836 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:27:13.0828 0836 Wanarp - ok
15:27:13.0828 0836 wanatw - ok
15:27:13.0875 0836 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
15:27:14.0125 0836 WDC_SAM - ok
15:27:14.0125 0836 WDICA - ok
15:27:14.0156 0836 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:27:14.0328 0836 wdmaud - ok
15:27:14.0328 0836 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:27:14.0468 0836 WebClient - ok
15:27:14.0531 0836 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:27:14.0609 0836 winachsf - ok
15:27:14.0687 0836 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
15:27:14.0687 0836 WinDefend - ok
15:27:14.0750 0836 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:27:14.0796 0836 winmgmt - ok
15:27:14.0859 0836 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
15:27:15.0046 0836 WinRM - ok
15:27:15.0125 0836 [ BC3ECBCB40147BDAE3AD2FD0B4B346D8 ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
15:27:15.0265 0836 WmBEnum - ok
15:27:15.0296 0836 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
15:27:15.0421 0836 WmdmPmSN - ok
15:27:15.0468 0836 [ 19F9881D8B3484FEDB605D0216876898 ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
15:27:15.0609 0836 WmFilter - ok
15:27:15.0640 0836 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:27:15.0656 0836 Wmi - ok
15:27:15.0687 0836 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:27:15.0750 0836 WmiApSrv - ok
15:27:15.0812 0836 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
15:27:15.0890 0836 WMPNetworkSvc - ok
15:27:15.0921 0836 [ 7A51545A6409A25EEDBDBD97D019E8CC ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
15:27:16.0046 0836 WmVirHid - ok
15:27:16.0078 0836 [ 1F083B3BC73017E60C3CA85CF4A70753 ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
15:27:16.0218 0836 WmXlCore - ok
15:27:16.0250 0836 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
15:27:16.0515 0836 WpdUsb - ok
15:27:16.0609 0836 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:27:16.0656 0836 WS2IFSL - ok
15:27:16.0687 0836 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:27:16.0828 0836 wscsvc - ok
15:27:16.0843 0836 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:27:17.0015 0836 wuauserv - ok
15:27:17.0031 0836 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:27:17.0093 0836 WudfPf - ok
15:27:17.0109 0836 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:27:17.0171 0836 WudfRd - ok
15:27:17.0187 0836 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:27:17.0250 0836 WudfSvc - ok
15:27:17.0281 0836 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:27:17.0437 0836 WZCSVC - ok
15:27:17.0468 0836 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:27:17.0671 0836 xmlprov - ok
15:27:17.0671 0836 ================ Scan global ===============================
15:27:17.0718 0836 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
15:27:17.0875 0836 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
15:27:18.0031 0836 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
15:27:18.0062 0836 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
15:27:18.0062 0836 [Global] - ok
15:27:18.0062 0836 ================ Scan MBR ==================================
15:27:18.0078 0836 [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
15:27:18.0234 0836 \Device\Harddisk0\DR0 - ok
15:27:18.0234 0836 ================ Scan VBR ==================================
15:27:18.0234 0836 [ 23FB66AC9808F7118DDB9CE83F1BE91B ] \Device\Harddisk0\DR0\Partition1
15:27:18.0234 0836 \Device\Harddisk0\DR0\Partition1 - ok
15:27:18.0234 0836 ============================================================
15:27:18.0234 0836 Scan finished
15:27:18.0234 0836 ============================================================
15:27:18.0250 4844 Detected object count: 1
15:27:18.0250 4844 Actual detected object count: 1
15:28:07.0703 4844 C:\WINDOWS\system32\drivers\geyekrwdaulytl.sys - will be deleted on reboot
15:28:07.0703 4844 C:\WINDOWS\system32\geyekrxyunkoqc.dll - will be deleted on reboot
15:28:07.0703 4844 C:\WINDOWS\system32\geyekrdwivjaxl.dat - will be deleted on reboot
15:28:07.0703 4844 C:\WINDOWS\system32\geyekrtqktotxl.dll - will be deleted on reboot
15:28:07.0703 4844 C:\WINDOWS\system32\geyekriosfoonb.dat - will be deleted on reboot
15:28:07.0703 4844 HKLM\SYSTEM\ControlSet001\services\geyekrjacvpwrp - will be deleted on reboot
15:28:07.0703 4844 HKLM\SYSTEM\ControlSet002\services\geyekrjacvpwrp - will be deleted on reboot
15:28:07.0734 4844 C:\WINDOWS\system32\drivers\geyekrwdaulytl.sys - will be deleted on reboot
15:28:07.0734 4844 geyekrjacvpwrp ( Rootkit.Win32.TDSS.tdl2 ) - User select action: Delete
15:28:30.0515 3788 Deinitialize success
 
Go ahead and run TDSSkiller again, this time update it and select cure if any thing is found than post the log please

The files TDSSkiller found where part of a rootkit
 
When I open TDSSKILLER is prompts me to update... when selected, it opens a new window in Internet Explorer but no page opens, it just remains blank with nothing happening.....?
 
Found 0 threats

16:30:22.0736 2768 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:30:24.0736 2768 ============================================================
16:30:24.0736 2768 Current date / time: 2014/01/27 16:30:24.0736
16:30:24.0736 2768 SystemInfo:
16:30:24.0736 2768
16:30:24.0736 2768 OS Version: 5.1.2600 ServicePack: 3.0
16:30:24.0736 2768 Product type: Workstation
16:30:24.0736 2768 ComputerName: TOYBOX
16:30:24.0736 2768 UserName: Kevin
16:30:24.0736 2768 Windows directory: C:\WINDOWS
16:30:24.0736 2768 System windows directory: C:\WINDOWS
16:30:24.0736 2768 Processor architecture: Intel x86
16:30:24.0736 2768 Number of processors: 2
16:30:24.0736 2768 Page size: 0x1000
16:30:24.0736 2768 Boot type: Normal boot
16:30:24.0736 2768 ============================================================
16:30:24.0892 2768 BG loaded
16:30:25.0204 2768 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:30:25.0220 2768 ============================================================
16:30:25.0220 2768 \Device\Harddisk0\DR0:
16:30:25.0220 2768 MBR partitions:
16:30:25.0220 2768 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x33800, BlocksNum 0x390BC800
16:30:25.0220 2768 ============================================================
16:30:25.0251 2768 C: <-> \Device\Harddisk0\DR0\Partition1
16:30:25.0251 2768 ============================================================
16:30:25.0251 2768 Initialize success
16:30:25.0251 2768 ============================================================
16:31:53.0652 4272 ============================================================
16:31:53.0652 4272 Scan started
16:31:53.0652 4272 Mode: Manual;
16:31:53.0652 4272 ============================================================
16:31:53.0792 4272 ================ Scan system memory ========================
16:31:53.0808 4272 System memory - ok
16:31:53.0808 4272 ================ Scan services =============================
16:31:54.0449 4272 Abiosdsk - ok
16:31:54.0480 4272 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
16:31:54.0480 4272 abp480n5 - ok
16:31:54.0620 4272 ACDaemon - ok
16:31:54.0652 4272 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:31:54.0652 4272 ACPI - ok
16:31:54.0667 4272 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:31:54.0683 4272 ACPIEC - ok
16:31:54.0730 4272 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:31:54.0730 4272 AdobeFlashPlayerUpdateSvc - ok
16:31:54.0745 4272 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
16:31:54.0761 4272 adpu160m - ok
16:31:54.0917 4272 [ F5456293D2604BCE2BEC07FC6186A341 ] AdvancedSystemCareService7 C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\ASCService.exe
16:31:54.0933 4272 AdvancedSystemCareService7 - ok
16:31:54.0949 4272 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:31:54.0949 4272 aec - ok
16:31:54.0995 4272 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:31:54.0995 4272 AFD - ok
16:31:55.0027 4272 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
16:31:55.0027 4272 agp440 - ok
16:31:55.0042 4272 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
16:31:55.0058 4272 agpCPQ - ok
16:31:55.0074 4272 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
16:31:55.0074 4272 Aha154x - ok
16:31:55.0089 4272 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
16:31:55.0089 4272 aic78u2 - ok
16:31:55.0105 4272 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
16:31:55.0105 4272 aic78xx - ok
16:31:55.0136 4272 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:31:55.0136 4272 Alerter - ok
16:31:55.0167 4272 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
16:31:55.0167 4272 ALG - ok
16:31:55.0167 4272 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
16:31:55.0167 4272 AliIde - ok
16:31:55.0199 4272 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
16:31:55.0199 4272 alim1541 - ok
16:31:55.0230 4272 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
16:31:55.0230 4272 amdagp - ok
16:31:55.0245 4272 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
16:31:55.0245 4272 amsint - ok
16:31:55.0292 4272 [ DC45AB27932447B598848B10650313C5 ] APC UPS Service C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
16:31:55.0308 4272 APC UPS Service - ok
16:31:55.0355 4272 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:31:55.0355 4272 Apple Mobile Device - ok
16:31:55.0386 4272 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:31:55.0386 4272 AppMgmt - ok
16:31:55.0417 4272 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
16:31:55.0417 4272 asc - ok
16:31:55.0433 4272 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
16:31:55.0433 4272 asc3350p - ok
16:31:55.0433 4272 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
16:31:55.0448 4272 asc3550 - ok
16:31:55.0495 4272 [ B979979AB8027F7F53FB16EC4229B7DB ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys
16:31:55.0495 4272 Aspi32 - ok
16:31:55.0589 4272 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:31:55.0605 4272 aspnet_state - ok
16:31:55.0636 4272 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:31:55.0636 4272 AsyncMac - ok
16:31:55.0652 4272 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:31:55.0652 4272 atapi - ok
16:31:55.0652 4272 Atdisk - ok
16:31:55.0667 4272 [ ABC57A6F6070BAF9786C318F59F29F0B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
16:31:55.0683 4272 Ati HotKey Poller - ok
16:31:55.0745 4272 [ 03621F7F968FF63713943405DEB777F9 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
16:31:55.0761 4272 ati2mtag - ok
16:31:55.0808 4272 [ F9C24D25D9FF29F894995A64812B4D85 ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
16:31:55.0808 4272 atksgt - ok
16:31:55.0839 4272 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:31:55.0855 4272 Atmarpc - ok
16:31:55.0902 4272 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:31:55.0902 4272 AudioSrv - ok
16:31:55.0917 4272 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:31:55.0917 4272 audstub - ok
16:31:55.0933 4272 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:31:55.0933 4272 Beep - ok
16:31:55.0964 4272 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
16:31:56.0011 4272 BITS - ok
16:31:56.0042 4272 [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:31:56.0058 4272 Bonjour Service - ok
16:31:56.0105 4272 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
16:31:56.0105 4272 Browser - ok
16:31:56.0120 4272 bvrp_pci - ok
16:31:56.0167 4272 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
16:31:56.0167 4272 cbidf - ok
16:31:56.0167 4272 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:31:56.0167 4272 cbidf2k - ok
16:31:56.0183 4272 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
16:31:56.0183 4272 cd20xrnt - ok
16:31:56.0214 4272 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:31:56.0214 4272 Cdaudio - ok
16:31:56.0261 4272 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:31:56.0261 4272 Cdfs - ok
16:31:56.0308 4272 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:31:56.0308 4272 Cdrom - ok
16:31:56.0339 4272 [ D787C026F15BD8F762AB5829428FAA9C ] cfwids C:\WINDOWS\system32\drivers\cfwids.sys
16:31:56.0339 4272 cfwids - ok
16:31:56.0355 4272 Changer - ok
16:31:56.0386 4272 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:31:56.0386 4272 CiSvc - ok
16:31:56.0402 4272 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:31:56.0417 4272 ClipSrv - ok
16:31:56.0448 4272 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:31:56.0448 4272 clr_optimization_v2.0.50727_32 - ok
16:31:56.0480 4272 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
16:31:56.0480 4272 CmdIde - ok
16:31:56.0495 4272 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
16:31:56.0495 4272 Compbatt - ok
16:31:56.0511 4272 COMSysApp - ok
16:31:56.0558 4272 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
16:31:56.0558 4272 Cpqarray - ok
16:31:56.0573 4272 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:31:56.0589 4272 CryptSvc - ok
16:31:56.0620 4272 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
16:31:56.0636 4272 dac2w2k - ok
16:31:56.0652 4272 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
16:31:56.0652 4272 dac960nt - ok
16:31:56.0698 4272 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:31:56.0698 4272 DcomLaunch - ok
16:31:56.0714 4272 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:31:56.0714 4272 Dhcp - ok
16:31:56.0730 4272 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:31:56.0730 4272 Disk - ok
16:31:56.0792 4272 [ D8D58A84F3ECE3359DF95FD2E459B330 ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
16:31:56.0792 4272 DLABOIOM - ok
16:31:56.0792 4272 [ EC6AE8BC9F773382D2EED49E4DFDAE2A ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
16:31:56.0808 4272 DLACDBHM - ok
16:31:56.0808 4272 [ 27C78078BD9C4F2DE2AD3EB04BFE101B ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS
16:31:56.0808 4272 DLADResN - ok
16:31:56.0823 4272 [ 7F2D93E560B763EF5D11422D78DA8ED0 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
16:31:56.0823 4272 DLAIFS_M - ok
16:31:56.0823 4272 [ F643637DE6AAC57E38D197AA63D9EA74 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
16:31:56.0839 4272 DLAOPIOM - ok
16:31:56.0839 4272 [ 340705474807F57A46D59D18FC2959F1 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
16:31:56.0839 4272 DLAPoolM - ok
16:31:56.0855 4272 [ 0605B66052F82B6F07204DBDB61C13FF ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
16:31:56.0855 4272 DLARTL_N - ok
16:31:56.0855 4272 [ 6984EA763907C045CE813468882BC587 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
16:31:56.0855 4272 DLAUDFAM - ok
16:31:56.0870 4272 [ 12B30C449CFD36ADBED53EB6560933C6 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
16:31:56.0870 4272 DLAUDF_M - ok
16:31:56.0870 4272 dlcd_device - ok
16:31:56.0886 4272 dmadmin - ok
16:31:56.0917 4272 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:31:56.0933 4272 dmboot - ok
16:31:56.0933 4272 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:31:56.0933 4272 dmio - ok
16:31:56.0948 4272 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:31:56.0948 4272 dmload - ok
16:31:56.0980 4272 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:31:56.0995 4272 dmserver - ok
16:31:56.0995 4272 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:31:56.0995 4272 DMusic - ok
16:31:57.0058 4272 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:31:57.0058 4272 Dnscache - ok
16:31:57.0089 4272 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:31:57.0089 4272 Dot3svc - ok
16:31:57.0105 4272 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
16:31:57.0105 4272 dpti2o - ok
16:31:57.0136 4272 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:31:57.0136 4272 drmkaud - ok
16:31:57.0152 4272 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
16:31:57.0152 4272 DRVMCDB - ok
16:31:57.0167 4272 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
16:31:57.0167 4272 DRVNDDM - ok
16:31:57.0214 4272 [ FE80901578E7E3DA70299A5AEB2B7FBD ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
16:31:57.0214 4272 DSBrokerService - ok
16:31:57.0245 4272 [ 413F2D5F9D802688242C23B38F767ECB ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
16:31:57.0245 4272 DSproct - ok
16:31:57.0292 4272 [ DFEABB7CFFFADEA4A912AB95BDC3177A ] dsunidrv C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
16:31:57.0292 4272 dsunidrv - ok
16:31:57.0323 4272 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
16:31:57.0323 4272 E100B - ok
16:31:57.0355 4272 [ D334D3052BDD61F8A5F0A59D31466BAC ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
16:31:57.0355 4272 e1express - ok
16:31:57.0401 4272 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:31:57.0401 4272 EapHost - ok
16:31:57.0448 4272 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
16:31:57.0464 4272 ehRecvr - ok
16:31:57.0464 4272 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
16:31:57.0464 4272 ehSched - ok
16:31:57.0511 4272 [ 1976FEDF6D7F87135C9B7F5CB4C8C868 ] ELacpi C:\WINDOWS\system32\DRIVERS\ELacpi.sys
16:31:57.0511 4272 ELacpi - ok
16:31:57.0526 4272 [ AE65C02444907966378454138B9F99F0 ] ELhid C:\WINDOWS\system32\DRIVERS\ELhid.sys
16:31:57.0542 4272 ELhid - ok
16:31:57.0542 4272 [ E485C3BA1DADDEEF3E14FEA1E8FDA6E1 ] ELkbd C:\WINDOWS\system32\DRIVERS\ELkbd.sys
16:31:57.0542 4272 ELkbd - ok
16:31:57.0542 4272 [ 0D87CB825ED6CB2EBCC147A10A42F1D6 ] ELmon C:\WINDOWS\system32\DRIVERS\ELmon.sys
16:31:57.0558 4272 ELmon - ok
16:31:57.0558 4272 [ A4ADD3847B67BACAB6FC851A2B60FDB3 ] ELmou C:\WINDOWS\system32\DRIVERS\ELmou.sys
16:31:57.0558 4272 ELmou - ok
16:31:57.0605 4272 [ D1DE16926C682DCD3D99AE5500CA5522 ] ELService C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
16:31:57.0605 4272 ELService - ok
16:31:57.0636 4272 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:31:57.0636 4272 ERSvc - ok
16:31:57.0683 4272 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
16:31:57.0698 4272 Eventlog - ok
16:31:57.0714 4272 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\Es.dll
16:31:57.0714 4272 EventSystem - ok
16:31:57.0761 4272 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:31:57.0761 4272 Fastfat - ok
16:31:57.0808 4272 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:31:57.0823 4272 FastUserSwitchingCompatibility - ok
16:31:57.0839 4272 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
16:31:57.0855 4272 Fdc - ok
16:31:57.0980 4272 [ 9840396B26E424046AD335C98B3F16C3 ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
16:31:57.0995 4272 FileMonitor - ok
16:31:58.0026 4272 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:31:58.0042 4272 Fips - ok
16:31:58.0058 4272 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:31:58.0058 4272 Flpydisk - ok
16:31:58.0089 4272 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:31:58.0089 4272 FltMgr - ok
16:31:58.0167 4272 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:31:58.0167 4272 FontCache3.0.0.0 - ok
16:31:58.0183 4272 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:31:58.0183 4272 Fs_Rec - ok
16:31:58.0214 4272 [ B283F1BC1FF852BD232449A4B3E3CE63 ] FTDIBUS C:\WINDOWS\system32\drivers\ftdibus.sys
16:31:58.0230 4272 FTDIBUS - ok
16:31:58.0245 4272 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:31:58.0245 4272 Ftdisk - ok
16:31:58.0292 4272 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:31:58.0292 4272 Gpc - ok
16:31:58.0308 4272 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:31:58.0308 4272 HDAudBus - ok
16:31:58.0370 4272 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:31:58.0370 4272 helpsvc - ok
16:31:58.0401 4272 [ 748031FF4FE45CCC47546294905FEAB8 ] HidBatt C:\WINDOWS\system32\DRIVERS\HidBatt.sys
16:31:58.0401 4272 HidBatt - ok
16:31:58.0433 4272 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
16:31:58.0433 4272 HidServ - ok
16:31:58.0448 4272 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:31:58.0448 4272 HidUsb - ok
16:31:58.0511 4272 [ 156765F692192EA9039A6C4A809312FD ] HipShieldK C:\WINDOWS\system32\drivers\HipShieldK.sys
16:31:58.0511 4272 HipShieldK - ok
16:31:58.0542 4272 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:31:58.0558 4272 hkmsvc - ok
16:31:58.0667 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] HomeNetSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
16:31:58.0667 4272 HomeNetSvc - ok
16:31:58.0683 4272 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
16:31:58.0698 4272 hpn - ok
16:31:58.0730 4272 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
16:31:58.0730 4272 HSFHWBS2 - ok
16:31:58.0745 4272 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
16:31:58.0761 4272 HSF_DP - ok
16:31:58.0808 4272 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:31:58.0808 4272 HTTP - ok
16:31:58.0855 4272 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:31:58.0855 4272 HTTPFilter - ok
16:31:58.0870 4272 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
16:31:58.0886 4272 i2omgmt - ok
16:31:58.0901 4272 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
16:31:58.0901 4272 i2omp - ok
16:31:58.0917 4272 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:31:58.0917 4272 i8042prt - ok
16:31:58.0964 4272 [ D43E91E271C041BB86A6223462A41D28 ] IAANTMon C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
16:31:58.0964 4272 IAANTMon - ok
16:31:58.0995 4272 [ 9A65E42664D1534B68512CAAD0EFE963 ] iastor C:\WINDOWS\system32\drivers\iastor.sys
16:31:58.0995 4272 iastor - ok
16:31:59.0073 4272 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:31:59.0073 4272 IDriverT - ok
16:31:59.0136 4272 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:31:59.0151 4272 idsvc - ok
16:31:59.0198 4272 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:31:59.0198 4272 Imapi - ok
16:31:59.0245 4272 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:31:59.0245 4272 ImapiService - ok
16:31:59.0276 4272 [ EAEA4B0005869A4ABE6070BD364143B7 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
16:31:59.0276 4272 IMFservice - ok
16:31:59.0308 4272 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
16:31:59.0308 4272 ini910u - ok
16:31:59.0323 4272 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
16:31:59.0323 4272 IntelIde - ok
16:31:59.0354 4272 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:31:59.0370 4272 intelppm - ok
16:31:59.0386 4272 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
16:31:59.0386 4272 Ip6Fw - ok
16:31:59.0417 4272 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:31:59.0417 4272 IpFilterDriver - ok
16:31:59.0433 4272 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:31:59.0433 4272 IpInIp - ok
16:31:59.0464 4272 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:31:59.0464 4272 IpNat - ok
16:31:59.0479 4272 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:31:59.0495 4272 IPSec - ok
16:31:59.0511 4272 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:31:59.0526 4272 IRENUM - ok
16:31:59.0558 4272 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:31:59.0558 4272 isapnp - ok
16:31:59.0589 4272 [ 4AC11B2250106774F694DF2DB4FFED61 ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
16:31:59.0604 4272 Iviaspi - ok
16:31:59.0651 4272 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
16:31:59.0651 4272 JavaQuickStarterService - ok
16:31:59.0667 4272 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:31:59.0667 4272 Kbdclass - ok
16:31:59.0683 4272 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:31:59.0683 4272 kbdhid - ok
16:31:59.0729 4272 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:31:59.0729 4272 kmixer - ok
16:31:59.0745 4272 KodakCCS - ok
16:31:59.0761 4272 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:31:59.0776 4272 KSecDD - ok
16:31:59.0808 4272 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
16:31:59.0808 4272 lanmanserver - ok
16:31:59.0839 4272 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:31:59.0854 4272 lanmanworkstation - ok
16:31:59.0854 4272 lbrtfdc - ok
16:31:59.0886 4272 [ AC05A1B5C66D693B1598FD83617D1820 ] LHidUsb C:\WINDOWS\system32\Drivers\LHidUsb.Sys
16:31:59.0901 4272 LHidUsb - ok
16:31:59.0917 4272 [ 8CCF9ED46D52AF1375875F74A91FFACF ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
16:31:59.0917 4272 lirsgt - ok
16:31:59.0964 4272 [ 935E2093CEED8198C820B7F60BB63167 ] LiveUpdateSvc C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
16:31:59.0979 4272 LiveUpdateSvc - ok
16:32:00.0026 4272 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:32:00.0026 4272 LmHosts - ok
16:32:00.0104 4272 [ 5467B4D77044E4FF56E8FEB9D2F6FE5A ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
16:32:00.0120 4272 McAPExe - ok
16:32:00.0136 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] mcbootdelaystartsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
16:32:00.0136 4272 mcbootdelaystartsvc - ok
16:32:00.0151 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] McMPFSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
16:32:00.0151 4272 McMPFSvc - ok
16:32:00.0151 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
16:32:00.0151 4272 McNaiAnn - ok
16:32:00.0214 4272 [ 3A01047FFF666D33EBDE3513D20DA1F5 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
16:32:00.0214 4272 McODS - ok
16:32:00.0229 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
16:32:00.0229 4272 mcpltsvc - ok
16:32:00.0229 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
16:32:00.0229 4272 McProxy - ok
16:32:00.0292 4272 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
16:32:00.0292 4272 McrdSvc - ok
16:32:00.0354 4272 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
16:32:00.0354 4272 MDM - ok
16:32:00.0370 4272 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
16:32:00.0370 4272 mdmxsdk - ok
16:32:00.0401 4272 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:32:00.0401 4272 Messenger - ok
16:32:00.0448 4272 [ 75A2B9F70B77AA3DB15E96BDAAE484A2 ] mfeapfk C:\WINDOWS\system32\drivers\mfeapfk.sys
16:32:00.0448 4272 mfeapfk - ok
16:32:00.0464 4272 [ 070850EFFC731B4A22FB7DDEAD41B943 ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys
16:32:00.0464 4272 mfeavfk - ok
16:32:00.0479 4272 [ FC28E41FE9D4F3283FB41717C0BF0109 ] mfebopk C:\WINDOWS\system32\drivers\mfebopk.sys
16:32:00.0495 4272 mfebopk - ok
16:32:00.0542 4272 [ A507872B611576AF33BCF473231391F9 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
16:32:00.0542 4272 mfecore - ok
16:32:00.0589 4272 [ 7A9F90099CBF6FA6D4011E10F36EF0C7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:32:00.0589 4272 mfefire - ok
16:32:00.0604 4272 [ 768AA2C44C589EA27E80E4EC05BD5F76 ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys
16:32:00.0620 4272 mfefirek - ok
16:32:00.0667 4272 [ 24E6ABD47FD50FC187FFC3583A14F339 ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys
16:32:00.0683 4272 mfehidk - ok
16:32:00.0698 4272 [ 286C46ADBF17272A479C91116FA50524 ] mfencbdc C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
16:32:00.0714 4272 mfencbdc - ok
16:32:00.0745 4272 [ 0C9EA2919A7EB871FF9BAFB3A11C145E ] mfencrk C:\WINDOWS\system32\DRIVERS\mfencrk.sys
16:32:00.0745 4272 mfencrk - ok
16:32:00.0745 4272 [ B475C9545475B44EA23CE22119149440 ] mfendisk C:\WINDOWS\system32\DRIVERS\mfendisk.sys
16:32:00.0761 4272 mfendisk - ok
16:32:00.0761 4272 [ B475C9545475B44EA23CE22119149440 ] mfendiskmp C:\WINDOWS\system32\DRIVERS\mfendisk.sys
16:32:00.0761 4272 mfendiskmp - ok
16:32:00.0776 4272 [ E487B1ABF6B4E17AEE023022FA927841 ] mfetdi2k C:\WINDOWS\system32\drivers\mfetdi2k.sys
16:32:00.0776 4272 mfetdi2k - ok
16:32:00.0792 4272 [ A1262E7DC2394EA04AB97D48752F7332 ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
16:32:00.0792 4272 mfevtp - ok
16:32:00.0823 4272 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
16:32:00.0823 4272 MHN - ok
16:32:00.0839 4272 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
16:32:00.0839 4272 MHNDRV - ok
16:32:00.0870 4272 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:32:00.0886 4272 mnmdd - ok
16:32:00.0901 4272 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:32:00.0917 4272 mnmsrvc - ok
16:32:00.0933 4272 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:32:00.0933 4272 Modem - ok
16:32:00.0948 4272 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
16:32:00.0964 4272 MODEMCSA - ok
16:32:00.0964 4272 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:32:00.0964 4272 Mouclass - ok
16:32:01.0011 4272 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:32:01.0011 4272 mouhid - ok
16:32:01.0026 4272 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:32:01.0026 4272 MountMgr - ok
16:32:01.0058 4272 [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:32:01.0058 4272 MozillaMaintenance - ok
16:32:01.0089 4272 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
16:32:01.0089 4272 mraid35x - ok
16:32:01.0104 4272 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:32:01.0120 4272 MRxDAV - ok
16:32:01.0167 4272 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:32:01.0183 4272 MRxSmb - ok
16:32:01.0214 4272 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:32:01.0214 4272 MSDTC - ok
16:32:01.0229 4272 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:32:01.0229 4272 Msfs - ok
16:32:01.0229 4272 MSIServer - ok
16:32:01.0276 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] MSK80Service C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
16:32:01.0276 4272 MSK80Service - ok
16:32:01.0307 4272 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:32:01.0307 4272 MSKSSRV - ok
16:32:01.0339 4272 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:32:01.0339 4272 MSPCLOCK - ok
16:32:01.0354 4272 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:32:01.0354 4272 MSPQM - ok
16:32:01.0386 4272 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:32:01.0386 4272 mssmbios - ok
16:32:01.0432 4272 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:32:01.0432 4272 Mup - ok
16:32:01.0464 4272 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
16:32:01.0479 4272 napagent - ok
16:32:01.0479 4272 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:32:01.0479 4272 NDIS - ok
16:32:01.0526 4272 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:32:01.0526 4272 NdisTapi - ok
16:32:01.0542 4272 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:32:01.0542 4272 Ndisuio - ok
16:32:01.0542 4272 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:32:01.0542 4272 NdisWan - ok
16:32:01.0573 4272 [ 2F597BB467E05B1FE3830EABD821B8E0 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:32:01.0573 4272 NDProxy - ok
16:32:01.0573 4272 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:32:01.0589 4272 NetBIOS - ok
16:32:01.0604 4272 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:32:01.0620 4272 NetBT - ok
16:32:01.0636 4272 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
16:32:01.0651 4272 NetDDE - ok
16:32:01.0651 4272 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:32:01.0651 4272 NetDDEdsdm - ok
16:32:01.0682 4272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:32:01.0682 4272 Netlogon - ok
16:32:01.0698 4272 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
16:32:01.0698 4272 Netman - ok
16:32:01.0776 4272 [ 9DA26B773BD04B867A8E9F427CD048FC ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
16:32:01.0792 4272 NetSvc - ok
16:32:01.0807 4272 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:32:01.0823 4272 NetTcpPortSharing - ok
16:32:01.0854 4272 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
16:32:01.0854 4272 Nla - ok
16:32:01.0870 4272 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:32:01.0886 4272 Npfs - ok
16:32:01.0901 4272 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:32:01.0901 4272 Ntfs - ok
16:32:01.0932 4272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:32:01.0932 4272 NtLmSsp - ok
16:32:01.0964 4272 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:32:01.0964 4272 NtmsSvc - ok
16:32:01.0995 4272 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
16:32:01.0995 4272 Null - ok
16:32:02.0042 4272 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:32:02.0073 4272 nv - ok
16:32:02.0089 4272 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:32:02.0089 4272 NwlnkFlt - ok
16:32:02.0120 4272 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:32:02.0120 4272 NwlnkFwd - ok
16:32:02.0151 4272 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:32:02.0151 4272 ose - ok
16:32:02.0198 4272 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:32:02.0198 4272 Parport - ok
16:32:02.0229 4272 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:32:02.0229 4272 PartMgr - ok
16:32:02.0276 4272 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:32:02.0276 4272 ParVdm - ok
16:32:02.0276 4272 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:32:02.0292 4272 PCI - ok
16:32:02.0292 4272 PCIDump - ok
16:32:02.0307 4272 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:32:02.0307 4272 PCIIde - ok
16:32:02.0339 4272 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:32:02.0339 4272 Pcmcia - ok
16:32:02.0386 4272 [ C3224A794B4FE2F6D0D5434A9FCAD26D ] Pcouffin C:\WINDOWS\system32\Drivers\Pcouffin.sys
16:32:02.0386 4272 Pcouffin - ok
16:32:02.0386 4272 PDCOMP - ok
16:32:02.0401 4272 PDFRAME - ok
16:32:02.0401 4272 PDRELI - ok
16:32:02.0417 4272 PDRFRAME - ok
16:32:02.0448 4272 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
16:32:02.0448 4272 perc2 - ok
16:32:02.0464 4272 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:32:02.0464 4272 perc2hib - ok
16:32:02.0620 4272 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
16:32:02.0620 4272 PEVSystemStart - ok
16:32:02.0636 4272 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
16:32:02.0651 4272 PlugPlay - ok
16:32:02.0651 4272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:32:02.0651 4272 PolicyAgent - ok
16:32:02.0682 4272 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:32:02.0698 4272 PptpMiniport - ok
16:32:02.0698 4272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:32:02.0698 4272 ProtectedStorage - ok
16:32:02.0714 4272 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:32:02.0714 4272 PSched - ok
16:32:02.0745 4272 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:32:02.0745 4272 Ptilink - ok
16:32:02.0776 4272 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:32:02.0792 4272 ql1080 - ok
16:32:02.0807 4272 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:32:02.0823 4272 Ql10wnt - ok
16:32:02.0839 4272 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:32:02.0839 4272 ql12160 - ok
16:32:02.0854 4272 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:32:02.0854 4272 ql1240 - ok
16:32:02.0870 4272 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:32:02.0870 4272 ql1280 - ok
16:32:02.0901 4272 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:32:02.0901 4272 RasAcd - ok
16:32:02.0964 4272 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:32:02.0964 4272 RasAuto - ok
16:32:02.0979 4272 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:32:02.0995 4272 Rasl2tp - ok
16:32:03.0042 4272 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:32:03.0042 4272 RasMan - ok
16:32:03.0042 4272 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:32:03.0057 4272 RasPppoe - ok
16:32:03.0057 4272 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:32:03.0057 4272 Raspti - ok
16:32:03.0073 4272 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:32:03.0073 4272 Rdbss - ok
16:32:03.0089 4272 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:32:03.0089 4272 RDPCDD - ok
16:32:03.0120 4272 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:32:03.0120 4272 rdpdr - ok
16:32:03.0167 4272 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:32:03.0182 4272 RDPWD - ok
16:32:03.0198 4272 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:32:03.0198 4272 RDSessMgr - ok
16:32:03.0245 4272 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:32:03.0245 4272 redbook - ok
16:32:03.0292 4272 [ 69AA6AF470BA8D8CE13FA45DE0D49C1C ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
16:32:03.0292 4272 RegFilter - ok
16:32:03.0323 4272 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:32:03.0339 4272 RemoteAccess - ok
16:32:03.0370 4272 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:32:03.0370 4272 RemoteRegistry - ok
16:32:03.0385 4272 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
16:32:03.0385 4272 RpcLocator - ok
16:32:03.0464 4272 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
16:32:03.0464 4272 RpcSs - ok
16:32:03.0495 4272 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:32:03.0495 4272 RSVP - ok
16:32:03.0542 4272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
16:32:03.0542 4272 SamSs - ok
16:32:03.0542 4272 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:32:03.0557 4272 SCardSvr - ok
16:32:03.0589 4272 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:32:03.0589 4272 Schedule - ok
16:32:03.0635 4272 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:32:03.0635 4272 Secdrv - ok
16:32:03.0667 4272 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:32:03.0667 4272 seclogon - ok
16:32:03.0745 4272 [ CA9C2939BDFC5B77D73E3B07C8805C59 ] SecureUpdateSvc C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe
16:32:03.0760 4272 SecureUpdateSvc - ok
16:32:03.0776 4272 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
16:32:03.0776 4272 SENS - ok
16:32:03.0807 4272 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:32:03.0807 4272 serenum - ok
16:32:03.0823 4272 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:32:03.0823 4272 Serial - ok
16:32:03.0854 4272 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:32:03.0854 4272 Sfloppy - ok
16:32:03.0917 4272 [ C950D0381B42A54541CD55ADCCF3D75B ] SgtSch2Svc C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
16:32:03.0917 4272 SgtSch2Svc - ok
16:32:03.0948 4272 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:32:03.0964 4272 SharedAccess - ok
16:32:03.0979 4272 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:32:03.0979 4272 ShellHWDetection - ok
16:32:03.0979 4272 Simbad - ok
16:32:04.0010 4272 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
16:32:04.0010 4272 sisagp - ok
16:32:04.0057 4272 [ 98B44C15B4EED76AA8DCCB64A4CA11AF ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
16:32:04.0057 4272 snapman - ok
16:32:04.0089 4272 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
16:32:04.0104 4272 Sparrow - ok
16:32:04.0120 4272 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:32:04.0120 4272 splitter - ok
16:32:04.0167 4272 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:32:04.0167 4272 Spooler - ok
16:32:04.0167 4272 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:32:04.0182 4272 sr - ok
16:32:04.0198 4272 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
16:32:04.0198 4272 srservice - ok
16:32:04.0229 4272 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:32:04.0229 4272 Srv - ok
16:32:04.0260 4272 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:32:04.0276 4272 SSDPSRV - ok
16:32:04.0323 4272 [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
16:32:04.0339 4272 STHDA - ok
16:32:04.0385 4272 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
16:32:04.0385 4272 StillCam - ok
16:32:04.0432 4272 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:32:04.0432 4272 stisvc - ok
16:32:04.0448 4272 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:32:04.0464 4272 swenum - ok
16:32:04.0479 4272 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:32:04.0479 4272 swmidi - ok
16:32:04.0479 4272 SwPrv - ok
16:32:04.0526 4272 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
16:32:04.0526 4272 symc810 - ok
16:32:04.0542 4272 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
16:32:04.0542 4272 symc8xx - ok
16:32:04.0557 4272 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
16:32:04.0573 4272 sym_hi - ok
16:32:04.0573 4272 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
16:32:04.0589 4272 sym_u3 - ok
16:32:04.0620 4272 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:32:04.0620 4272 sysaudio - ok
16:32:04.0635 4272 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:32:04.0651 4272 SysmonLog - ok
16:32:04.0651 4272 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:32:04.0667 4272 TapiSrv - ok
16:32:04.0698 4272 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:32:04.0714 4272 Tcpip - ok
16:32:04.0760 4272 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:32:04.0760 4272 TDPIPE - ok
16:32:04.0792 4272 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:32:04.0792 4272 TDTCP - ok
16:32:04.0823 4272 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:32:04.0839 4272 TermDD - ok
16:32:04.0854 4272 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
16:32:04.0854 4272 TermService - ok
16:32:04.0870 4272 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
16:32:04.0870 4272 Themes - ok
16:32:04.0917 4272 [ D8A96D0E25D43FDAC3BED09ADF39FDE9 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
16:32:04.0932 4272 timounter - ok
16:32:04.0964 4272 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:32:04.0979 4272 TlntSvr - ok
16:32:05.0010 4272 [ DF8444A8FA8FD38D8848BDD40A8403B3 ] tmcomm C:\WINDOWS\system32\drivers\tmcomm.sys
16:32:05.0010 4272 tmcomm - ok
16:32:05.0026 4272 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
16:32:05.0042 4272 TosIde - ok
16:32:05.0073 4272 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:32:05.0089 4272 TrkWks - ok
16:32:05.0104 4272 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:32:05.0104 4272 Udfs - ok
16:32:05.0135 4272 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
16:32:05.0135 4272 ultra - ok
16:32:05.0182 4272 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:32:05.0182 4272 Update - ok
16:32:05.0213 4272 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:32:05.0213 4272 upnphost - ok
16:32:05.0260 4272 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
16:32:05.0260 4272 UPS - ok
16:32:05.0292 4272 [ B1C51A3CB466C0C4AFA54F0FA199F6B8 ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
16:32:05.0292 4272 UrlFilter - ok
16:32:05.0338 4272 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
16:32:05.0338 4272 USBAAPL - ok
16:32:05.0370 4272 [ 1B611611C28D2DF25BC057D79C6F13FC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:32:05.0385 4272 usbccgp - ok
16:32:05.0401 4272 usbcm - ok
16:32:05.0432 4272 [ 4BAC8DF07F1D8434FC640E677A62204E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:32:05.0432 4272 usbehci - ok
16:32:05.0448 4272 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:32:05.0448 4272 usbhub - ok
16:32:05.0463 4272 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:32:05.0463 4272 usbprint - ok
16:32:05.0495 4272 [ F8EDE2B6928970DCE3D5614C27D9E7F6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:32:05.0495 4272 usbscan - ok
16:32:05.0510 4272 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:32:05.0510 4272 USBSTOR - ok
16:32:05.0542 4272 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:32:05.0542 4272 usbuhci - ok
16:32:05.0542 4272 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:32:05.0557 4272 VgaSave - ok
16:32:05.0588 4272 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
16:32:05.0588 4272 viaagp - ok
16:32:05.0604 4272 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
16:32:05.0604 4272 ViaIde - ok
16:32:05.0651 4272 [ 149EC3E217F9D11E9CA6C54CE3D70C73 ] vididr C:\WINDOWS\system32\DRIVERS\vididr.sys
16:32:05.0651 4272 vididr - ok
16:32:05.0682 4272 [ E31E9CD40677B84B3ADAA7A0D80DC439 ] vidsflt53 C:\WINDOWS\system32\DRIVERS\vsflt53.sys
16:32:05.0682 4272 vidsflt53 - ok
16:32:05.0698 4272 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:32:05.0698 4272 VolSnap - ok
16:32:05.0729 4272 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
16:32:05.0745 4272 VSS - ok
16:32:05.0760 4272 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
16:32:05.0776 4272 w32time - ok
16:32:05.0823 4272 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:32:05.0823 4272 Wanarp - ok
16:32:05.0838 4272 wanatw - ok
16:32:05.0870 4272 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
16:32:05.0870 4272 WDC_SAM - ok
16:32:05.0885 4272 WDICA - ok
16:32:05.0901 4272 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:32:05.0901 4272 wdmaud - ok
16:32:05.0917 4272 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:32:05.0932 4272 WebClient - ok
16:32:05.0995 4272 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
16:32:05.0995 4272 winachsf - ok
16:32:06.0073 4272 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
16:32:06.0073 4272 WinDefend - ok
16:32:06.0135 4272 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:32:06.0151 4272 winmgmt - ok
16:32:06.0213 4272 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
16:32:06.0229 4272 WinRM - ok
16:32:06.0323 4272 [ BC3ECBCB40147BDAE3AD2FD0B4B346D8 ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
16:32:06.0323 4272 WmBEnum - ok
16:32:06.0354 4272 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
16:32:06.0354 4272 WmdmPmSN - ok
16:32:06.0370 4272 [ 19F9881D8B3484FEDB605D0216876898 ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
16:32:06.0370 4272 WmFilter - ok
16:32:06.0417 4272 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
16:32:06.0417 4272 Wmi - ok
16:32:06.0463 4272 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:32:06.0463 4272 WmiApSrv - ok
16:32:06.0526 4272 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
16:32:06.0542 4272 WMPNetworkSvc - ok
16:32:06.0557 4272 [ 7A51545A6409A25EEDBDBD97D019E8CC ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
16:32:06.0573 4272 WmVirHid - ok
16:32:06.0604 4272 [ 1F083B3BC73017E60C3CA85CF4A70753 ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
16:32:06.0604 4272 WmXlCore - ok
16:32:06.0635 4272 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
16:32:06.0651 4272 WpdUsb - ok
16:32:06.0682 4272 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:32:06.0698 4272 WS2IFSL - ok
16:32:06.0729 4272 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:32:06.0729 4272 wscsvc - ok
16:32:06.0760 4272 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:32:06.0792 4272 wuauserv - ok
16:32:06.0823 4272 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:32:06.0838 4272 WudfPf - ok
16:32:06.0854 4272 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:32:06.0870 4272 WudfRd - ok
16:32:06.0885 4272 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
16:32:06.0901 4272 WudfSvc - ok
16:32:06.0948 4272 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:32:06.0948 4272 WZCSVC - ok
16:32:06.0979 4272 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:32:07.0042 4272 xmlprov - ok
16:32:07.0057 4272 ================ Scan global ===============================
16:32:07.0088 4272 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:32:07.0104 4272 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
16:32:07.0151 4272 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
16:32:07.0166 4272 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:32:07.0166 4272 [Global] - ok
16:32:07.0182 4272 ================ Scan MBR ==================================
16:32:07.0198 4272 [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
16:32:07.0354 4272 \Device\Harddisk0\DR0 - ok
16:32:07.0354 4272 ================ Scan VBR ==================================
16:32:07.0354 4272 [ 23FB66AC9808F7118DDB9CE83F1BE91B ] \Device\Harddisk0\DR0\Partition1
16:32:07.0354 4272 \Device\Harddisk0\DR0\Partition1 - ok
16:32:07.0354 4272 ============================================================
16:32:07.0354 4272 Scan finished
16:32:07.0354 4272 ============================================================
16:32:07.0370 5704 Detected object count: 0
16:32:07.0370 5704 Actual detected object count: 0
 
Found 0 threats

16:30:22.0736 2768 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:30:24.0736 2768 ============================================================
16:30:24.0736 2768 Current date / time: 2014/01/27 16:30:24.0736
16:30:24.0736 2768 SystemInfo:
16:30:24.0736 2768
16:30:24.0736 2768 OS Version: 5.1.2600 ServicePack: 3.0
16:30:24.0736 2768 Product type: Workstation
16:30:24.0736 2768 ComputerName: TOYBOX
16:30:24.0736 2768 UserName: Kevin
16:30:24.0736 2768 Windows directory: C:\WINDOWS
16:30:24.0736 2768 System windows directory: C:\WINDOWS
16:30:24.0736 2768 Processor architecture: Intel x86
16:30:24.0736 2768 Number of processors: 2
16:30:24.0736 2768 Page size: 0x1000
16:30:24.0736 2768 Boot type: Normal boot
16:30:24.0736 2768 ============================================================
16:30:24.0892 2768 BG loaded
16:30:25.0204 2768 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:30:25.0220 2768 ============================================================
16:30:25.0220 2768 \Device\Harddisk0\DR0:
16:30:25.0220 2768 MBR partitions:
16:30:25.0220 2768 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x33800, BlocksNum 0x390BC800
16:30:25.0220 2768 ============================================================
16:30:25.0251 2768 C: <-> \Device\Harddisk0\DR0\Partition1
16:30:25.0251 2768 ============================================================
16:30:25.0251 2768 Initialize success
16:30:25.0251 2768 ============================================================
16:31:53.0652 4272 ============================================================
16:31:53.0652 4272 Scan started
16:31:53.0652 4272 Mode: Manual;
16:31:53.0652 4272 ============================================================
16:31:53.0792 4272 ================ Scan system memory ========================
16:31:53.0808 4272 System memory - ok
16:31:53.0808 4272 ================ Scan services =============================
16:31:54.0449 4272 Abiosdsk - ok
16:31:54.0480 4272 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
16:31:54.0480 4272 abp480n5 - ok
16:31:54.0620 4272 ACDaemon - ok
16:31:54.0652 4272 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:31:54.0652 4272 ACPI - ok
16:31:54.0667 4272 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:31:54.0683 4272 ACPIEC - ok
16:31:54.0730 4272 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:31:54.0730 4272 AdobeFlashPlayerUpdateSvc - ok
16:31:54.0745 4272 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
16:31:54.0761 4272 adpu160m - ok
16:31:54.0917 4272 [ F5456293D2604BCE2BEC07FC6186A341 ] AdvancedSystemCareService7 C:\Documents and Settings\Kevin\My Documents\Downloads\Advanced SystemCare 7\ASCService.exe
16:31:54.0933 4272 AdvancedSystemCareService7 - ok
16:31:54.0949 4272 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:31:54.0949 4272 aec - ok
16:31:54.0995 4272 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:31:54.0995 4272 AFD - ok
16:31:55.0027 4272 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
16:31:55.0027 4272 agp440 - ok
16:31:55.0042 4272 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
16:31:55.0058 4272 agpCPQ - ok
16:31:55.0074 4272 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
16:31:55.0074 4272 Aha154x - ok
16:31:55.0089 4272 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
16:31:55.0089 4272 aic78u2 - ok
16:31:55.0105 4272 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
16:31:55.0105 4272 aic78xx - ok
16:31:55.0136 4272 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:31:55.0136 4272 Alerter - ok
16:31:55.0167 4272 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
16:31:55.0167 4272 ALG - ok
16:31:55.0167 4272 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
16:31:55.0167 4272 AliIde - ok
16:31:55.0199 4272 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
16:31:55.0199 4272 alim1541 - ok
16:31:55.0230 4272 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
16:31:55.0230 4272 amdagp - ok
16:31:55.0245 4272 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
16:31:55.0245 4272 amsint - ok
16:31:55.0292 4272 [ DC45AB27932447B598848B10650313C5 ] APC UPS Service C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
16:31:55.0308 4272 APC UPS Service - ok
16:31:55.0355 4272 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:31:55.0355 4272 Apple Mobile Device - ok
16:31:55.0386 4272 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:31:55.0386 4272 AppMgmt - ok
16:31:55.0417 4272 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
16:31:55.0417 4272 asc - ok
16:31:55.0433 4272 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
16:31:55.0433 4272 asc3350p - ok
16:31:55.0433 4272 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
16:31:55.0448 4272 asc3550 - ok
16:31:55.0495 4272 [ B979979AB8027F7F53FB16EC4229B7DB ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys
16:31:55.0495 4272 Aspi32 - ok
16:31:55.0589 4272 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:31:55.0605 4272 aspnet_state - ok
16:31:55.0636 4272 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:31:55.0636 4272 AsyncMac - ok
16:31:55.0652 4272 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:31:55.0652 4272 atapi - ok
16:31:55.0652 4272 Atdisk - ok
16:31:55.0667 4272 [ ABC57A6F6070BAF9786C318F59F29F0B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
16:31:55.0683 4272 Ati HotKey Poller - ok
16:31:55.0745 4272 [ 03621F7F968FF63713943405DEB777F9 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
16:31:55.0761 4272 ati2mtag - ok
16:31:55.0808 4272 [ F9C24D25D9FF29F894995A64812B4D85 ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
16:31:55.0808 4272 atksgt - ok
16:31:55.0839 4272 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:31:55.0855 4272 Atmarpc - ok
16:31:55.0902 4272 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:31:55.0902 4272 AudioSrv - ok
16:31:55.0917 4272 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:31:55.0917 4272 audstub - ok
16:31:55.0933 4272 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:31:55.0933 4272 Beep - ok
16:31:55.0964 4272 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
16:31:56.0011 4272 BITS - ok
16:31:56.0042 4272 [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:31:56.0058 4272 Bonjour Service - ok
16:31:56.0105 4272 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
16:31:56.0105 4272 Browser - ok
16:31:56.0120 4272 bvrp_pci - ok
16:31:56.0167 4272 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
16:31:56.0167 4272 cbidf - ok
16:31:56.0167 4272 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:31:56.0167 4272 cbidf2k - ok
16:31:56.0183 4272 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
16:31:56.0183 4272 cd20xrnt - ok
16:31:56.0214 4272 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:31:56.0214 4272 Cdaudio - ok
16:31:56.0261 4272 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:31:56.0261 4272 Cdfs - ok
16:31:56.0308 4272 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:31:56.0308 4272 Cdrom - ok
16:31:56.0339 4272 [ D787C026F15BD8F762AB5829428FAA9C ] cfwids C:\WINDOWS\system32\drivers\cfwids.sys
16:31:56.0339 4272 cfwids - ok
16:31:56.0355 4272 Changer - ok
16:31:56.0386 4272 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:31:56.0386 4272 CiSvc - ok
16:31:56.0402 4272 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:31:56.0417 4272 ClipSrv - ok
16:31:56.0448 4272 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:31:56.0448 4272 clr_optimization_v2.0.50727_32 - ok
16:31:56.0480 4272 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
16:31:56.0480 4272 CmdIde - ok
16:31:56.0495 4272 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
16:31:56.0495 4272 Compbatt - ok
16:31:56.0511 4272 COMSysApp - ok
16:31:56.0558 4272 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
16:31:56.0558 4272 Cpqarray - ok
16:31:56.0573 4272 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:31:56.0589 4272 CryptSvc - ok
16:31:56.0620 4272 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
16:31:56.0636 4272 dac2w2k - ok
16:31:56.0652 4272 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
16:31:56.0652 4272 dac960nt - ok
16:31:56.0698 4272 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:31:56.0698 4272 DcomLaunch - ok
16:31:56.0714 4272 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:31:56.0714 4272 Dhcp - ok
16:31:56.0730 4272 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:31:56.0730 4272 Disk - ok
16:31:56.0792 4272 [ D8D58A84F3ECE3359DF95FD2E459B330 ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
16:31:56.0792 4272 DLABOIOM - ok
16:31:56.0792 4272 [ EC6AE8BC9F773382D2EED49E4DFDAE2A ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
16:31:56.0808 4272 DLACDBHM - ok
16:31:56.0808 4272 [ 27C78078BD9C4F2DE2AD3EB04BFE101B ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS
16:31:56.0808 4272 DLADResN - ok
16:31:56.0823 4272 [ 7F2D93E560B763EF5D11422D78DA8ED0 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
16:31:56.0823 4272 DLAIFS_M - ok
16:31:56.0823 4272 [ F643637DE6AAC57E38D197AA63D9EA74 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
16:31:56.0839 4272 DLAOPIOM - ok
16:31:56.0839 4272 [ 340705474807F57A46D59D18FC2959F1 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
16:31:56.0839 4272 DLAPoolM - ok
16:31:56.0855 4272 [ 0605B66052F82B6F07204DBDB61C13FF ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
16:31:56.0855 4272 DLARTL_N - ok
16:31:56.0855 4272 [ 6984EA763907C045CE813468882BC587 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
16:31:56.0855 4272 DLAUDFAM - ok
16:31:56.0870 4272 [ 12B30C449CFD36ADBED53EB6560933C6 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
16:31:56.0870 4272 DLAUDF_M - ok
16:31:56.0870 4272 dlcd_device - ok
16:31:56.0886 4272 dmadmin - ok
16:31:56.0917 4272 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:31:56.0933 4272 dmboot - ok
16:31:56.0933 4272 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:31:56.0933 4272 dmio - ok
16:31:56.0948 4272 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:31:56.0948 4272 dmload - ok
16:31:56.0980 4272 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:31:56.0995 4272 dmserver - ok
16:31:56.0995 4272 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:31:56.0995 4272 DMusic - ok
16:31:57.0058 4272 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:31:57.0058 4272 Dnscache - ok
16:31:57.0089 4272 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:31:57.0089 4272 Dot3svc - ok
16:31:57.0105 4272 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
16:31:57.0105 4272 dpti2o - ok
16:31:57.0136 4272 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:31:57.0136 4272 drmkaud - ok
16:31:57.0152 4272 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
16:31:57.0152 4272 DRVMCDB - ok
16:31:57.0167 4272 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
16:31:57.0167 4272 DRVNDDM - ok
16:31:57.0214 4272 [ FE80901578E7E3DA70299A5AEB2B7FBD ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
16:31:57.0214 4272 DSBrokerService - ok
16:31:57.0245 4272 [ 413F2D5F9D802688242C23B38F767ECB ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
16:31:57.0245 4272 DSproct - ok
16:31:57.0292 4272 [ DFEABB7CFFFADEA4A912AB95BDC3177A ] dsunidrv C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
16:31:57.0292 4272 dsunidrv - ok
16:31:57.0323 4272 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
16:31:57.0323 4272 E100B - ok
16:31:57.0355 4272 [ D334D3052BDD61F8A5F0A59D31466BAC ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
16:31:57.0355 4272 e1express - ok
16:31:57.0401 4272 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:31:57.0401 4272 EapHost - ok
16:31:57.0448 4272 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
16:31:57.0464 4272 ehRecvr - ok
16:31:57.0464 4272 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
16:31:57.0464 4272 ehSched - ok
16:31:57.0511 4272 [ 1976FEDF6D7F87135C9B7F5CB4C8C868 ] ELacpi C:\WINDOWS\system32\DRIVERS\ELacpi.sys
16:31:57.0511 4272 ELacpi - ok
16:31:57.0526 4272 [ AE65C02444907966378454138B9F99F0 ] ELhid C:\WINDOWS\system32\DRIVERS\ELhid.sys
16:31:57.0542 4272 ELhid - ok
16:31:57.0542 4272 [ E485C3BA1DADDEEF3E14FEA1E8FDA6E1 ] ELkbd C:\WINDOWS\system32\DRIVERS\ELkbd.sys
16:31:57.0542 4272 ELkbd - ok
16:31:57.0542 4272 [ 0D87CB825ED6CB2EBCC147A10A42F1D6 ] ELmon C:\WINDOWS\system32\DRIVERS\ELmon.sys
16:31:57.0558 4272 ELmon - ok
16:31:57.0558 4272 [ A4ADD3847B67BACAB6FC851A2B60FDB3 ] ELmou C:\WINDOWS\system32\DRIVERS\ELmou.sys
16:31:57.0558 4272 ELmou - ok
16:31:57.0605 4272 [ D1DE16926C682DCD3D99AE5500CA5522 ] ELService C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
16:31:57.0605 4272 ELService - ok
16:31:57.0636 4272 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:31:57.0636 4272 ERSvc - ok
16:31:57.0683 4272 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
16:31:57.0698 4272 Eventlog - ok
16:31:57.0714 4272 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\Es.dll
16:31:57.0714 4272 EventSystem - ok
16:31:57.0761 4272 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:31:57.0761 4272 Fastfat - ok
16:31:57.0808 4272 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:31:57.0823 4272 FastUserSwitchingCompatibility - ok
16:31:57.0839 4272 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
16:31:57.0855 4272 Fdc - ok
16:31:57.0980 4272 [ 9840396B26E424046AD335C98B3F16C3 ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
16:31:57.0995 4272 FileMonitor - ok
16:31:58.0026 4272 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:31:58.0042 4272 Fips - ok
16:31:58.0058 4272 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:31:58.0058 4272 Flpydisk - ok
16:31:58.0089 4272 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:31:58.0089 4272 FltMgr - ok
16:31:58.0167 4272 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:31:58.0167 4272 FontCache3.0.0.0 - ok
16:31:58.0183 4272 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:31:58.0183 4272 Fs_Rec - ok
16:31:58.0214 4272 [ B283F1BC1FF852BD232449A4B3E3CE63 ] FTDIBUS C:\WINDOWS\system32\drivers\ftdibus.sys
16:31:58.0230 4272 FTDIBUS - ok
16:31:58.0245 4272 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:31:58.0245 4272 Ftdisk - ok
16:31:58.0292 4272 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:31:58.0292 4272 Gpc - ok
16:31:58.0308 4272 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:31:58.0308 4272 HDAudBus - ok
16:31:58.0370 4272 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:31:58.0370 4272 helpsvc - ok
16:31:58.0401 4272 [ 748031FF4FE45CCC47546294905FEAB8 ] HidBatt C:\WINDOWS\system32\DRIVERS\HidBatt.sys
16:31:58.0401 4272 HidBatt - ok
16:31:58.0433 4272 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
16:31:58.0433 4272 HidServ - ok
16:31:58.0448 4272 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:31:58.0448 4272 HidUsb - ok
16:31:58.0511 4272 [ 156765F692192EA9039A6C4A809312FD ] HipShieldK C:\WINDOWS\system32\drivers\HipShieldK.sys
16:31:58.0511 4272 HipShieldK - ok
16:31:58.0542 4272 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:31:58.0558 4272 hkmsvc - ok
16:31:58.0667 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] HomeNetSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
16:31:58.0667 4272 HomeNetSvc - ok
16:31:58.0683 4272 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
16:31:58.0698 4272 hpn - ok
16:31:58.0730 4272 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
16:31:58.0730 4272 HSFHWBS2 - ok
16:31:58.0745 4272 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
16:31:58.0761 4272 HSF_DP - ok
16:31:58.0808 4272 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:31:58.0808 4272 HTTP - ok
16:31:58.0855 4272 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:31:58.0855 4272 HTTPFilter - ok
16:31:58.0870 4272 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
16:31:58.0886 4272 i2omgmt - ok
16:31:58.0901 4272 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
16:31:58.0901 4272 i2omp - ok
16:31:58.0917 4272 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:31:58.0917 4272 i8042prt - ok
16:31:58.0964 4272 [ D43E91E271C041BB86A6223462A41D28 ] IAANTMon C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
16:31:58.0964 4272 IAANTMon - ok
16:31:58.0995 4272 [ 9A65E42664D1534B68512CAAD0EFE963 ] iastor C:\WINDOWS\system32\drivers\iastor.sys
16:31:58.0995 4272 iastor - ok
16:31:59.0073 4272 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:31:59.0073 4272 IDriverT - ok
16:31:59.0136 4272 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:31:59.0151 4272 idsvc - ok
16:31:59.0198 4272 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:31:59.0198 4272 Imapi - ok
16:31:59.0245 4272 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:31:59.0245 4272 ImapiService - ok
16:31:59.0276 4272 [ EAEA4B0005869A4ABE6070BD364143B7 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
16:31:59.0276 4272 IMFservice - ok
16:31:59.0308 4272 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
16:31:59.0308 4272 ini910u - ok
16:31:59.0323 4272 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
16:31:59.0323 4272 IntelIde - ok
16:31:59.0354 4272 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:31:59.0370 4272 intelppm - ok
16:31:59.0386 4272 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
16:31:59.0386 4272 Ip6Fw - ok
16:31:59.0417 4272 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:31:59.0417 4272 IpFilterDriver - ok
16:31:59.0433 4272 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:31:59.0433 4272 IpInIp - ok
16:31:59.0464 4272 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:31:59.0464 4272 IpNat - ok
16:31:59.0479 4272 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:31:59.0495 4272 IPSec - ok
16:31:59.0511 4272 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:31:59.0526 4272 IRENUM - ok
16:31:59.0558 4272 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:31:59.0558 4272 isapnp - ok
16:31:59.0589 4272 [ 4AC11B2250106774F694DF2DB4FFED61 ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
16:31:59.0604 4272 Iviaspi - ok
16:31:59.0651 4272 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
16:31:59.0651 4272 JavaQuickStarterService - ok
16:31:59.0667 4272 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:31:59.0667 4272 Kbdclass - ok
16:31:59.0683 4272 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:31:59.0683 4272 kbdhid - ok
16:31:59.0729 4272 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:31:59.0729 4272 kmixer - ok
16:31:59.0745 4272 KodakCCS - ok
16:31:59.0761 4272 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:31:59.0776 4272 KSecDD - ok
16:31:59.0808 4272 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
16:31:59.0808 4272 lanmanserver - ok
16:31:59.0839 4272 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:31:59.0854 4272 lanmanworkstation - ok
16:31:59.0854 4272 lbrtfdc - ok
16:31:59.0886 4272 [ AC05A1B5C66D693B1598FD83617D1820 ] LHidUsb C:\WINDOWS\system32\Drivers\LHidUsb.Sys
16:31:59.0901 4272 LHidUsb - ok
16:31:59.0917 4272 [ 8CCF9ED46D52AF1375875F74A91FFACF ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
16:31:59.0917 4272 lirsgt - ok
16:31:59.0964 4272 [ 935E2093CEED8198C820B7F60BB63167 ] LiveUpdateSvc C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
16:31:59.0979 4272 LiveUpdateSvc - ok
16:32:00.0026 4272 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:32:00.0026 4272 LmHosts - ok
16:32:00.0104 4272 [ 5467B4D77044E4FF56E8FEB9D2F6FE5A ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
16:32:00.0120 4272 McAPExe - ok
16:32:00.0136 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] mcbootdelaystartsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
16:32:00.0136 4272 mcbootdelaystartsvc - ok
16:32:00.0151 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] McMPFSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
16:32:00.0151 4272 McMPFSvc - ok
16:32:00.0151 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
16:32:00.0151 4272 McNaiAnn - ok
16:32:00.0214 4272 [ 3A01047FFF666D33EBDE3513D20DA1F5 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
16:32:00.0214 4272 McODS - ok
16:32:00.0229 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
16:32:00.0229 4272 mcpltsvc - ok
16:32:00.0229 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
16:32:00.0229 4272 McProxy - ok
16:32:00.0292 4272 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
16:32:00.0292 4272 McrdSvc - ok
16:32:00.0354 4272 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
16:32:00.0354 4272 MDM - ok
16:32:00.0370 4272 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
16:32:00.0370 4272 mdmxsdk - ok
16:32:00.0401 4272 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:32:00.0401 4272 Messenger - ok
16:32:00.0448 4272 [ 75A2B9F70B77AA3DB15E96BDAAE484A2 ] mfeapfk C:\WINDOWS\system32\drivers\mfeapfk.sys
16:32:00.0448 4272 mfeapfk - ok
16:32:00.0464 4272 [ 070850EFFC731B4A22FB7DDEAD41B943 ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys
16:32:00.0464 4272 mfeavfk - ok
16:32:00.0479 4272 [ FC28E41FE9D4F3283FB41717C0BF0109 ] mfebopk C:\WINDOWS\system32\drivers\mfebopk.sys
16:32:00.0495 4272 mfebopk - ok
16:32:00.0542 4272 [ A507872B611576AF33BCF473231391F9 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
16:32:00.0542 4272 mfecore - ok
16:32:00.0589 4272 [ 7A9F90099CBF6FA6D4011E10F36EF0C7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:32:00.0589 4272 mfefire - ok
16:32:00.0604 4272 [ 768AA2C44C589EA27E80E4EC05BD5F76 ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys
16:32:00.0620 4272 mfefirek - ok
16:32:00.0667 4272 [ 24E6ABD47FD50FC187FFC3583A14F339 ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys
16:32:00.0683 4272 mfehidk - ok
16:32:00.0698 4272 [ 286C46ADBF17272A479C91116FA50524 ] mfencbdc C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
16:32:00.0714 4272 mfencbdc - ok
16:32:00.0745 4272 [ 0C9EA2919A7EB871FF9BAFB3A11C145E ] mfencrk C:\WINDOWS\system32\DRIVERS\mfencrk.sys
16:32:00.0745 4272 mfencrk - ok
16:32:00.0745 4272 [ B475C9545475B44EA23CE22119149440 ] mfendisk C:\WINDOWS\system32\DRIVERS\mfendisk.sys
16:32:00.0761 4272 mfendisk - ok
16:32:00.0761 4272 [ B475C9545475B44EA23CE22119149440 ] mfendiskmp C:\WINDOWS\system32\DRIVERS\mfendisk.sys
16:32:00.0761 4272 mfendiskmp - ok
16:32:00.0776 4272 [ E487B1ABF6B4E17AEE023022FA927841 ] mfetdi2k C:\WINDOWS\system32\drivers\mfetdi2k.sys
16:32:00.0776 4272 mfetdi2k - ok
16:32:00.0792 4272 [ A1262E7DC2394EA04AB97D48752F7332 ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
16:32:00.0792 4272 mfevtp - ok
16:32:00.0823 4272 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
16:32:00.0823 4272 MHN - ok
16:32:00.0839 4272 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
16:32:00.0839 4272 MHNDRV - ok
16:32:00.0870 4272 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:32:00.0886 4272 mnmdd - ok
16:32:00.0901 4272 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:32:00.0917 4272 mnmsrvc - ok
16:32:00.0933 4272 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:32:00.0933 4272 Modem - ok
16:32:00.0948 4272 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
16:32:00.0964 4272 MODEMCSA - ok
16:32:00.0964 4272 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:32:00.0964 4272 Mouclass - ok
16:32:01.0011 4272 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:32:01.0011 4272 mouhid - ok
16:32:01.0026 4272 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:32:01.0026 4272 MountMgr - ok
16:32:01.0058 4272 [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:32:01.0058 4272 MozillaMaintenance - ok
16:32:01.0089 4272 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
16:32:01.0089 4272 mraid35x - ok
16:32:01.0104 4272 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:32:01.0120 4272 MRxDAV - ok
16:32:01.0167 4272 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:32:01.0183 4272 MRxSmb - ok
16:32:01.0214 4272 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:32:01.0214 4272 MSDTC - ok
16:32:01.0229 4272 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:32:01.0229 4272 Msfs - ok
16:32:01.0229 4272 MSIServer - ok
16:32:01.0276 4272 [ 5007E21208DA68F60EBF43352BDFE6D0 ] MSK80Service C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
16:32:01.0276 4272 MSK80Service - ok
16:32:01.0307 4272 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:32:01.0307 4272 MSKSSRV - ok
16:32:01.0339 4272 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:32:01.0339 4272 MSPCLOCK - ok
16:32:01.0354 4272 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:32:01.0354 4272 MSPQM - ok
16:32:01.0386 4272 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:32:01.0386 4272 mssmbios - ok
16:32:01.0432 4272 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:32:01.0432 4272 Mup - ok
16:32:01.0464 4272 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
16:32:01.0479 4272 napagent - ok
16:32:01.0479 4272 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:32:01.0479 4272 NDIS - ok
16:32:01.0526 4272 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:32:01.0526 4272 NdisTapi - ok
16:32:01.0542 4272 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:32:01.0542 4272 Ndisuio - ok
16:32:01.0542 4272 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:32:01.0542 4272 NdisWan - ok
16:32:01.0573 4272 [ 2F597BB467E05B1FE3830EABD821B8E0 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:32:01.0573 4272 NDProxy - ok
16:32:01.0573 4272 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:32:01.0589 4272 NetBIOS - ok
16:32:01.0604 4272 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:32:01.0620 4272 NetBT - ok
16:32:01.0636 4272 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
16:32:01.0651 4272 NetDDE - ok
16:32:01.0651 4272 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:32:01.0651 4272 NetDDEdsdm - ok
16:32:01.0682 4272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:32:01.0682 4272 Netlogon - ok
16:32:01.0698 4272 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
16:32:01.0698 4272 Netman - ok
16:32:01.0776 4272 [ 9DA26B773BD04B867A8E9F427CD048FC ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
16:32:01.0792 4272 NetSvc - ok
16:32:01.0807 4272 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:32:01.0823 4272 NetTcpPortSharing - ok
16:32:01.0854 4272 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
16:32:01.0854 4272 Nla - ok
16:32:01.0870 4272 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:32:01.0886 4272 Npfs - ok
16:32:01.0901 4272 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:32:01.0901 4272 Ntfs - ok
16:32:01.0932 4272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:32:01.0932 4272 NtLmSsp - ok
16:32:01.0964 4272 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:32:01.0964 4272 NtmsSvc - ok
16:32:01.0995 4272 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
16:32:01.0995 4272 Null - ok
16:32:02.0042 4272 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:32:02.0073 4272 nv - ok
16:32:02.0089 4272 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:32:02.0089 4272 NwlnkFlt - ok
16:32:02.0120 4272 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:32:02.0120 4272 NwlnkFwd - ok
16:32:02.0151 4272 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:32:02.0151 4272 ose - ok
16:32:02.0198 4272 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:32:02.0198 4272 Parport - ok
16:32:02.0229 4272 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:32:02.0229 4272 PartMgr - ok
16:32:02.0276 4272 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:32:02.0276 4272 ParVdm - ok
16:32:02.0276 4272 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:32:02.0292 4272 PCI - ok
16:32:02.0292 4272 PCIDump - ok
16:32:02.0307 4272 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:32:02.0307 4272 PCIIde - ok
16:32:02.0339 4272 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:32:02.0339 4272 Pcmcia - ok
16:32:02.0386 4272 [ C3224A794B4FE2F6D0D5434A9FCAD26D ] Pcouffin C:\WINDOWS\system32\Drivers\Pcouffin.sys
16:32:02.0386 4272 Pcouffin - ok
16:32:02.0386 4272 PDCOMP - ok
16:32:02.0401 4272 PDFRAME - ok
16:32:02.0401 4272 PDRELI - ok
16:32:02.0417 4272 PDRFRAME - ok
16:32:02.0448 4272 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
16:32:02.0448 4272 perc2 - ok
16:32:02.0464 4272 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:32:02.0464 4272 perc2hib - ok
16:32:02.0620 4272 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
16:32:02.0620 4272 PEVSystemStart - ok
16:32:02.0636 4272 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
16:32:02.0651 4272 PlugPlay - ok
16:32:02.0651 4272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:32:02.0651 4272 PolicyAgent - ok
16:32:02.0682 4272 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:32:02.0698 4272 PptpMiniport - ok
16:32:02.0698 4272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:32:02.0698 4272 ProtectedStorage - ok
16:32:02.0714 4272 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:32:02.0714 4272 PSched - ok
16:32:02.0745 4272 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:32:02.0745 4272 Ptilink - ok
16:32:02.0776 4272 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:32:02.0792 4272 ql1080 - ok
16:32:02.0807 4272 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:32:02.0823 4272 Ql10wnt - ok
16:32:02.0839 4272 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:32:02.0839 4272 ql12160 - ok
16:32:02.0854 4272 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:32:02.0854 4272 ql1240 - ok
16:32:02.0870 4272 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:32:02.0870 4272 ql1280 - ok
16:32:02.0901 4272 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:32:02.0901 4272 RasAcd - ok
16:32:02.0964 4272 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:32:02.0964 4272 RasAuto - ok
16:32:02.0979 4272 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:32:02.0995 4272 Rasl2tp - ok
16:32:03.0042 4272 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:32:03.0042 4272 RasMan - ok
16:32:03.0042 4272 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:32:03.0057 4272 RasPppoe - ok
16:32:03.0057 4272 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:32:03.0057 4272 Raspti - ok
16:32:03.0073 4272 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:32:03.0073 4272 Rdbss - ok
16:32:03.0089 4272 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:32:03.0089 4272 RDPCDD - ok
16:32:03.0120 4272 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:32:03.0120 4272 rdpdr - ok
16:32:03.0167 4272 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:32:03.0182 4272 RDPWD - ok
16:32:03.0198 4272 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:32:03.0198 4272 RDSessMgr - ok
16:32:03.0245 4272 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:32:03.0245 4272 redbook - ok
16:32:03.0292 4272 [ 69AA6AF470BA8D8CE13FA45DE0D49C1C ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
16:32:03.0292 4272 RegFilter - ok
16:32:03.0323 4272 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:32:03.0339 4272 RemoteAccess - ok
16:32:03.0370 4272 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:32:03.0370 4272 RemoteRegistry - ok
16:32:03.0385 4272 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
16:32:03.0385 4272 RpcLocator - ok
16:32:03.0464 4272 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
16:32:03.0464 4272 RpcSs - ok
16:32:03.0495 4272 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:32:03.0495 4272 RSVP - ok
16:32:03.0542 4272 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
16:32:03.0542 4272 SamSs - ok
16:32:03.0542 4272 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:32:03.0557 4272 SCardSvr - ok
16:32:03.0589 4272 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:32:03.0589 4272 Schedule - ok
16:32:03.0635 4272 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:32:03.0635 4272 Secdrv - ok
16:32:03.0667 4272 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:32:03.0667 4272 seclogon - ok
16:32:03.0745 4272 [ CA9C2939BDFC5B77D73E3B07C8805C59 ] SecureUpdateSvc C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe
16:32:03.0760 4272 SecureUpdateSvc - ok
16:32:03.0776 4272 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
16:32:03.0776 4272 SENS - ok
16:32:03.0807 4272 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:32:03.0807 4272 serenum - ok
16:32:03.0823 4272 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:32:03.0823 4272 Serial - ok
16:32:03.0854 4272 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:32:03.0854 4272 Sfloppy - ok
16:32:03.0917 4272 [ C950D0381B42A54541CD55ADCCF3D75B ] SgtSch2Svc C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
16:32:03.0917 4272 SgtSch2Svc - ok
16:32:03.0948 4272 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:32:03.0964 4272 SharedAccess - ok
16:32:03.0979 4272 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:32:03.0979 4272 ShellHWDetection - ok
16:32:03.0979 4272 Simbad - ok
16:32:04.0010 4272 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
16:32:04.0010 4272 sisagp - ok
16:32:04.0057 4272 [ 98B44C15B4EED76AA8DCCB64A4CA11AF ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
16:32:04.0057 4272 snapman - ok
16:32:04.0089 4272 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
16:32:04.0104 4272 Sparrow - ok
16:32:04.0120 4272 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:32:04.0120 4272 splitter - ok
16:32:04.0167 4272 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:32:04.0167 4272 Spooler - ok
16:32:04.0167 4272 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:32:04.0182 4272 sr - ok
16:32:04.0198 4272 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
16:32:04.0198 4272 srservice - ok
16:32:04.0229 4272 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:32:04.0229 4272 Srv - ok
16:32:04.0260 4272 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:32:04.0276 4272 SSDPSRV - ok
16:32:04.0323 4272 [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
16:32:04.0339 4272 STHDA - ok
16:32:04.0385 4272 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
16:32:04.0385 4272 StillCam - ok
16:32:04.0432 4272 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:32:04.0432 4272 stisvc - ok
16:32:04.0448 4272 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:32:04.0464 4272 swenum - ok
16:32:04.0479 4272 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:32:04.0479 4272 swmidi - ok
16:32:04.0479 4272 SwPrv - ok
16:32:04.0526 4272 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
16:32:04.0526 4272 symc810 - ok
16:32:04.0542 4272 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
16:32:04.0542 4272 symc8xx - ok
16:32:04.0557 4272 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
16:32:04.0573 4272 sym_hi - ok
16:32:04.0573 4272 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
16:32:04.0589 4272 sym_u3 - ok
16:32:04.0620 4272 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:32:04.0620 4272 sysaudio - ok
16:32:04.0635 4272 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:32:04.0651 4272 SysmonLog - ok
16:32:04.0651 4272 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:32:04.0667 4272 TapiSrv - ok
16:32:04.0698 4272 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:32:04.0714 4272 Tcpip - ok
16:32:04.0760 4272 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:32:04.0760 4272 TDPIPE - ok
16:32:04.0792 4272 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:32:04.0792 4272 TDTCP - ok
16:32:04.0823 4272 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:32:04.0839 4272 TermDD - ok
16:32:04.0854 4272 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
16:32:04.0854 4272 TermService - ok
16:32:04.0870 4272 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
16:32:04.0870 4272 Themes - ok
16:32:04.0917 4272 [ D8A96D0E25D43FDAC3BED09ADF39FDE9 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
16:32:04.0932 4272 timounter - ok
16:32:04.0964 4272 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:32:04.0979 4272 TlntSvr - ok
16:32:05.0010 4272 [ DF8444A8FA8FD38D8848BDD40A8403B3 ] tmcomm C:\WINDOWS\system32\drivers\tmcomm.sys
16:32:05.0010 4272 tmcomm - ok
16:32:05.0026 4272 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
16:32:05.0042 4272 TosIde - ok
16:32:05.0073 4272 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:32:05.0089 4272 TrkWks - ok
16:32:05.0104 4272 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:32:05.0104 4272 Udfs - ok
16:32:05.0135 4272 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
16:32:05.0135 4272 ultra - ok
16:32:05.0182 4272 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:32:05.0182 4272 Update - ok
16:32:05.0213 4272 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:32:05.0213 4272 upnphost - ok
16:32:05.0260 4272 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
16:32:05.0260 4272 UPS - ok
16:32:05.0292 4272 [ B1C51A3CB466C0C4AFA54F0FA199F6B8 ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
16:32:05.0292 4272 UrlFilter - ok
16:32:05.0338 4272 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
16:32:05.0338 4272 USBAAPL - ok
16:32:05.0370 4272 [ 1B611611C28D2DF25BC057D79C6F13FC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:32:05.0385 4272 usbccgp - ok
16:32:05.0401 4272 usbcm - ok
16:32:05.0432 4272 [ 4BAC8DF07F1D8434FC640E677A62204E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:32:05.0432 4272 usbehci - ok
16:32:05.0448 4272 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:32:05.0448 4272 usbhub - ok
16:32:05.0463 4272 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:32:05.0463 4272 usbprint - ok
16:32:05.0495 4272 [ F8EDE2B6928970DCE3D5614C27D9E7F6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:32:05.0495 4272 usbscan - ok
16:32:05.0510 4272 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:32:05.0510 4272 USBSTOR - ok
16:32:05.0542 4272 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:32:05.0542 4272 usbuhci - ok
16:32:05.0542 4272 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:32:05.0557 4272 VgaSave - ok
16:32:05.0588 4272 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
16:32:05.0588 4272 viaagp - ok
16:32:05.0604 4272 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
16:32:05.0604 4272 ViaIde - ok
16:32:05.0651 4272 [ 149EC3E217F9D11E9CA6C54CE3D70C73 ] vididr C:\WINDOWS\system32\DRIVERS\vididr.sys
16:32:05.0651 4272 vididr - ok
16:32:05.0682 4272 [ E31E9CD40677B84B3ADAA7A0D80DC439 ] vidsflt53 C:\WINDOWS\system32\DRIVERS\vsflt53.sys
16:32:05.0682 4272 vidsflt53 - ok
16:32:05.0698 4272 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:32:05.0698 4272 VolSnap - ok
16:32:05.0729 4272 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
16:32:05.0745 4272 VSS - ok
16:32:05.0760 4272 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
16:32:05.0776 4272 w32time - ok
16:32:05.0823 4272 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:32:05.0823 4272 Wanarp - ok
16:32:05.0838 4272 wanatw - ok
16:32:05.0870 4272 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
16:32:05.0870 4272 WDC_SAM - ok
16:32:05.0885 4272 WDICA - ok
16:32:05.0901 4272 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:32:05.0901 4272 wdmaud - ok
16:32:05.0917 4272 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:32:05.0932 4272 WebClient - ok
16:32:05.0995 4272 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
16:32:05.0995 4272 winachsf - ok
16:32:06.0073 4272 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
16:32:06.0073 4272 WinDefend - ok
16:32:06.0135 4272 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:32:06.0151 4272 winmgmt - ok
16:32:06.0213 4272 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
16:32:06.0229 4272 WinRM - ok
16:32:06.0323 4272 [ BC3ECBCB40147BDAE3AD2FD0B4B346D8 ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
16:32:06.0323 4272 WmBEnum - ok
16:32:06.0354 4272 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
16:32:06.0354 4272 WmdmPmSN - ok
16:32:06.0370 4272 [ 19F9881D8B3484FEDB605D0216876898 ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
16:32:06.0370 4272 WmFilter - ok
16:32:06.0417 4272 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
16:32:06.0417 4272 Wmi - ok
16:32:06.0463 4272 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:32:06.0463 4272 WmiApSrv - ok
16:32:06.0526 4272 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
16:32:06.0542 4272 WMPNetworkSvc - ok
16:32:06.0557 4272 [ 7A51545A6409A25EEDBDBD97D019E8CC ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
16:32:06.0573 4272 WmVirHid - ok
16:32:06.0604 4272 [ 1F083B3BC73017E60C3CA85CF4A70753 ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
16:32:06.0604 4272 WmXlCore - ok
16:32:06.0635 4272 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
16:32:06.0651 4272 WpdUsb - ok
16:32:06.0682 4272 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:32:06.0698 4272 WS2IFSL - ok
16:32:06.0729 4272 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:32:06.0729 4272 wscsvc - ok
16:32:06.0760 4272 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:32:06.0792 4272 wuauserv - ok
16:32:06.0823 4272 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:32:06.0838 4272 WudfPf - ok
16:32:06.0854 4272 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:32:06.0870 4272 WudfRd - ok
16:32:06.0885 4272 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
16:32:06.0901 4272 WudfSvc - ok
16:32:06.0948 4272 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:32:06.0948 4272 WZCSVC - ok
16:32:06.0979 4272 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:32:07.0042 4272 xmlprov - ok
16:32:07.0057 4272 ================ Scan global ===============================
16:32:07.0088 4272 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:32:07.0104 4272 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
16:32:07.0151 4272 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
16:32:07.0166 4272 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:32:07.0166 4272 [Global] - ok
16:32:07.0182 4272 ================ Scan MBR ==================================
16:32:07.0198 4272 [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
16:32:07.0354 4272 \Device\Harddisk0\DR0 - ok
16:32:07.0354 4272 ================ Scan VBR ==================================
16:32:07.0354 4272 [ 23FB66AC9808F7118DDB9CE83F1BE91B ] \Device\Harddisk0\DR0\Partition1
16:32:07.0354 4272 \Device\Harddisk0\DR0\Partition1 - ok
16:32:07.0354 4272 ============================================================
16:32:07.0354 4272 Scan finished
16:32:07.0354 4272 ============================================================
16:32:07.0370 5704 Detected object count: 0
16:32:07.0370 5704 Actual detected object count: 0
 
2 more failed attempts at Combofix...After about 2 minutes into the scan windows shuts down... the message was= driver IRQL not less or equal
 
  • Physically disconnect from the internet and STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields)
  • Click on your START button and choose Run. Then copy/paste the entire code in RED (Including the "" marks and the Symbols) into the run box.

    Go to
    StartBtn.gif
    Then Run

    "%userprofile%\desktop\combofix.exe" /killall

    killall.JPG

  • Click OK and this will start ComboFix in a special way.
  • When finished, it will produce a log. Please save that log to a Notepad File to post in your next reply .


    Note:
    Do not mouse-click combofix's window while it is running. That may cause it to stall.
  • After you have saved the logs, restart your system to re-enable all the programs that were disabled during the running of ComboFix.
  • Reconnect to the internet
  • Post the Report
  • You can find it at C:\ComboFix.txt
 
Status
Not open for further replies.
Back
Top