
Thread: Video playing in background but no windows open

  1. #1
    Junior Member
    Join Date
    Dec 2009
    Posts
    23

    Video playing in background but no windows open

    Videos have begun playing in the background of my computer, but I have no windows open. They will continue to play even with Internet Explorer closed completely and all applications ended in Task Manager.
    Below are the DDS log and the aswMBR log; attach.txt is zipped and attached. Thank you in advance for your help:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16448
    Run by Brent at 19:40:13 on 2012-12-16
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.7861.4875 [GMT -6:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
    SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d29e7c5b1ea33de7\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    C:\Windows\system32\WLANExt.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d29e7c5b1ea33de7\AESTSr64.exe
    C:\Windows\SysWOW64\svchost.exe -k Akamai
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\MediaMall\MediaMallServer.exe
    C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
    C:\Windows\system32\DRIVERS\o2flash.exe
    C:\Program Files (x86)\NCH Software\Reflect\reflect.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Windows\system32\vssvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
    C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Samsung\Samsung Media Studio 5\SMSTray.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uSearch Bar = Preserve
    uProxyOverride = 127.0.0.1:9421;*.local;<local>
    uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
    mURLSearchHooks: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: {472F6BB8-3D5A-BC24-4155-3192C7AC8CF6} - <orphaned>
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Playtopus Games: {8EBA1B69-99D8-4135-BD43-729BA79D5CC4} - C:\Users\Brent\AppData\Local\Playtopus\Playtopus.dll
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll
    BHO: IE Developer Toolbar BHO: {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files (x86)\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB: NCH Toolbar: {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - C:\Program Files (x86)\NCH\tbNCH.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    EB: IE Developer Toolbar: {A202B231-EF71-4A08-BDB9-4CE5AE8BDE0A} - C:\Program Files (x86)\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
    mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [SMSTray] C:\Program Files (x86)\Samsung\Samsung Media Studio 5\SMSTray.exe
    mRun: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
    mRun: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe
    StartupFolder: C:\Users\Brent\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\Users\Brent\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - C:\Program Files (x86)\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
    DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 192.168.1.254
    TCP: Interfaces\{140C9231-7291-403D-8759-076071683FE4} : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{140C9231-7291-403D-8759-076071683FE4}\2375942554130343 : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{140C9231-7291-403D-8759-076071683FE4}\24271646 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{140C9231-7291-403D-8759-076071683FE4}\242756E6472E08993702960586F6E656 : DHCPNameServer = 172.26.38.1 172.26.38.2
    TCP: Interfaces\{140C9231-7291-403D-8759-076071683FE4}\242756E647723702960586F6E656 : DHCPNameServer = 172.26.38.1 172.26.38.2
    TCP: Interfaces\{140C9231-7291-403D-8759-076071683FE4}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1 10.0.0.2
    TCP: Interfaces\{140C9231-7291-403D-8759-076071683FE4}\A7F6F6D6 : DHCPNameServer = 10.0.0.2
    TCP: Interfaces\{140C9231-7291-403D-8759-076071683FE4}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{D1EF63B9-BCEF-4A64-B020-BB1F4913FB09} : DHCPNameServer = 172.26.38.1 172.26.38.2
    TCP: Interfaces\{F0A1CA93-6B3A-41D2-8529-5B7D6C6FB0C4} : DHCPNameServer = 192.168.1.254
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - C:\Program Files (x86)\Libronix DLS\System\FileProt.dll
    Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - C:\Program Files (x86)\Libronix DLS\System\ResProt.dll
    Notify: GoToAssist - <no file>
    Notify: igfxcui - <no file>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - <orphaned>
    x64-Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Brent\AppData\Roaming\Mozilla\Firefox\Profiles\f7cr15ka.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - NCH Customized Web Search
    FF - component: C:\Users\Brent\AppData\Roaming\Mozilla\Firefox\Profiles\f7cr15ka.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\components\FFExternalAlert.dll
    FF - component: C:\Users\Brent\AppData\Roaming\Mozilla\Firefox\Profiles\f7cr15ka.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}\components\RadioWMPCore.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Brent\Desktop\npAmazonMP3DownloaderPlugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-3-2 55280]
    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2009-12-2 173984]
    R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/09/28 17:50:16];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-7-5 147704]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d29e7c5b1ea33de7\AESTSr64.exe [2010-2-1 89600]
    R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
    R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-9-28 90640]
    R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-9-28 78352]
    R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-9-28 295440]
    R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
    R2 MediaMall Server;MediaMall Server;C:\Program Files (x86)\MediaMall\MediaMallServer.exe [2011-3-16 4077424]
    R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-3-10 86016]
    R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-9-28 83704]
    R2 ReflectService;Reflect Customer Database;C:\Program Files (x86)\NCH Software\Reflect\reflect.exe [2010-7-2 815108]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-3-14 1153368]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-3-2 658656]
    R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Acceler.sys [2010-2-1 23912]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-3-2 172704]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-2-1 56344]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-1 151040]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-1 233984]
    R3 O2MDGRDR;O2MDGRDR;C:\Windows\System32\drivers\o2mdgx64.sys [2010-2-1 74016]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-2-1 239616]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
    S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2009-12-2 40832]
    S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
    S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2011-3-27 31800]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-19 1255736]
    .
    =============== File Associations ===============
    .
    .txt: <filetype is not registered>
    .js: <filetype is not registered>
    .
    =============== Created Last 30 ================
    .
    2012-12-17 00:22:33 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F171B3A5-3E81-4CC4-8770-084EB600735E}\mpengine.dll
    2012-12-08 21:59:30 -------- d-----w- C:\Users\Brent\AppData\Local\Playtopus
    2012-12-08 21:58:55 -------- d-----w- C:\Program Files (x86)\Yahoo!
    2012-11-21 01:15:53 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2012-11-21 01:15:03 -------- d-----w- C:\Program Files\iPod
    2012-11-21 01:15:02 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2012-11-21 01:15:02 -------- d-----w- C:\Program Files\iTunes
    2012-11-21 01:15:02 -------- d-----w- C:\Program Files (x86)\iTunes
    .
    ==================== Find3M ====================
    .
    .
    ============= FINISH: 19:41:03.70 ===============


    aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
    Run date: 2012-12-16 19:45:40
    -----------------------------
    19:45:40.863 OS Version: Windows x64 6.1.7600
    19:45:40.864 Number of processors: 4 586 0x2502
    19:45:40.864 ComputerName: BRENT-PC UserName: Brent
    19:45:42.406 Initialize success
    19:45:52.073 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    19:45:52.077 Disk 0 Vendor: TOSHIBA_MK3256GSY LH010D Size: 305245MB BusType: 11
    19:45:52.095 Disk 0 MBR read successfully
    19:45:52.099 Disk 0 MBR scan
    19:45:52.102 Disk 0 Windows VISTA default MBR code
    19:45:52.107 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
    19:45:52.118 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
    19:45:52.137 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290204 MB offset 30801920
    19:45:52.157 Disk 0 scanning C:\Windows\system32\drivers
    19:45:59.044 Service scanning
    19:46:18.829 Modules scanning
    19:46:18.842 Disk 0 trace - called modules:
    19:46:18.851
    19:46:18.858 Scan finished successfully
    19:46:37.380 Disk 0 MBR has been saved successfully to "C:\Users\Brent\Desktop\MBR.dat"
    19:46:37.385 The log file has been saved successfully to "C:\Users\Brent\Desktop\aswMBR.txt"

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Please read Before You Post
    While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

    Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

    When running programs on Vista or Windows 7, right-click and select RUN AS ADMINISTRATOR





    Download ComboFix from one of these locations:

    Link 1
    Link 2


    * IMPORTANT !!! Save ComboFix.exe to your Desktop


    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    • See this Link for programs that need to be disabled and instruction on how to disable them.
    • Remember to re-enable them when we're done.

    • Double click on ComboFix.exe & follow the prompts.

    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    *If there is no internet connection when ComboFix has completely finished, then restart your computer to restore the connections.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Junior Member
    Join Date
    Dec 2009
    Posts
    23

    ComboFix Log

    ComboFix log below:



    ComboFix 12-12-19.02 - Brent 12/19/2012 21:13:16.2.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.7861.5861 [GMT -6:00]
    Running from: c:\users\Brent\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
    SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Brent\AppData\Local\Playtopus\PlAYtopus.dll
    c:\users\Brent\AppData\Roaming\Adobe\plugs
    c:\users\Brent\AppData\Roaming\Adobe\plugs\mmc152.exe
    c:\users\Brent\AppData\Roaming\Adobe\plugs\mmc230.exe
    c:\users\Brent\AppData\Roaming\Adobe\plugs\mmc2438498.txt
    c:\users\Brent\AppData\Roaming\Adobe\plugs\mmc2472787.txt
    c:\users\Brent\AppData\Roaming\Adobe\plugs\mmc51.exe
    c:\users\Brent\AppData\Roaming\Adobe\plugs\mmc66.exe
    c:\users\Brent\AppData\Roaming\Adobe\shed
    c:\users\Brent\AppData\Roaming\Adobe\shed\thr1.chm
    c:\users\Brent\AppData\Roaming\Help\ceptr.tll
    c:\users\Brent\AppData\Roaming\Help\comm.tll
    c:\users\Brent\AppData\Roaming\Help\coredb\storage
    c:\users\Brent\AppData\Roaming\Identities\{23E8E1F3-4B70-4269-85E4-8F8779A2DF21}\Validator.exe
    c:\users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore
    c:\users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore\System Restore.lnk
    c:\users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore\Uninstall System Restore.lnk
    c:\users\Brent\g2mdlhlpx.exe
    c:\windows\SysWow64\muzapp.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-11-20 to 2012-12-20 )))))))))))))))))))))))))))))))
    .
    .
    2012-12-20 03:18 . 2012-12-20 03:18 -------- d-----w- c:\users\Public\AppData\Local\temp
    2012-12-20 03:18 . 2012-12-20 03:18 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-12-20 03:10 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{218961D4-1DA9-4C48-AF5C-FC049EC5B1A6}\mpengine.dll
    2012-12-17 01:38 . 2012-12-17 01:38 -------- d-----w- c:\program files (x86)\ERUNT
    2012-12-08 21:59 . 2012-12-20 03:18 -------- d-----w- c:\users\Brent\AppData\Local\Playtopus
    2012-12-08 21:59 . 2012-12-08 21:59 -------- d-----w- c:\program files (x86)\7-Zip
    2012-12-08 21:59 . 2012-12-08 22:02 -------- d-----w- c:\programdata\Yahoo!
    2012-12-08 21:58 . 2012-12-08 22:02 -------- d-----w- c:\program files (x86)\Yahoo!
    2012-11-21 01:15 . 2012-08-21 19:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2012-11-21 01:15 . 2012-11-21 01:15 -------- d-----w- c:\program files\iPod
    2012-11-21 01:15 . 2012-11-21 01:15 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
    2012-11-21 01:15 . 2012-11-21 01:15 -------- d-----w- c:\program files\iTunes
    2012-11-21 01:15 . 2012-11-21 01:15 -------- d-----w- c:\program files (x86)\iTunes
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-11-08 17:24 . 2010-03-17 17:40 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-09-24 18:14 . 2011-10-24 23:12 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
    2012-09-24 18:14 . 2011-03-26 23:45 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
    2010-06-14 00:10 2734688 ----a-w- c:\program files (x86)\NCH\tbNCH.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{c2db4fe6-8409-45ce-8010-189a7b5cce86}"= "c:\program files (x86)\NCH\tbNCH.dll" [2010-06-14 2734688]
    .
    [HKEY_CLASSES_ROOT\clsid\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:\users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:\users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:\users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
    "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
    "dellsupportcenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
    "SMSTray"="c:\program files (x86)\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-12-14 132624]
    "PowerDVD12DMREngine"="c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" [2012-07-26 505872]
    "PowerDVD12Agent"="c:\program files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe" [2012-07-26 374560]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2010-02-11 165184]
    .
    c:\users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-17 29428448]
    ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
    .
    c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
    [BU]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]
    [BU]
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "wave2"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 MediaMall Server;MediaMall Server;c:\program files (x86)\MediaMall\MediaMallServer.exe [2011-03-16 4077424]
    R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;c:\program files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-03-10 86016]
    R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-28 52584]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
    R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528]
    R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
    R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-19 1255736]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
    S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/09/28 17:50];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-07-05 17:07 147704]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d29e7c5b1ea33de7\AESTSr64.exe [2009-03-02 89600]
    S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
    S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-07-26 90640]
    S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-07-26 78352]
    S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-07-26 295440]
    S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
    S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-06-20 83704]
    S2 ReflectService;Reflect Customer Database;c:\program files (x86)\NCH Software\Reflect\reflect.exe [2010-07-02 815108]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-03-04 658656]
    S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2009-09-17 23912]
    S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-12 151040]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-09-25 233984]
    S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-26 40832]
    S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys [2009-11-03 74016]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    Akamai REG_MULTI_SZ Akamai
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-23 00:31]
    .
    2012-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-23 00:31]
    .
    2012-12-20 c:\windows\Tasks\Playtopus Updater.job
    - c:\users\Brent\AppData\Local\PLAYTO~1\Updater.dll [2012-12-08 21:59]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Brent\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-12-14 487424]
    "Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = 127.0.0.1:9421;*.local;<local>
    TCP: DhcpNameServer = 192.168.1.254
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
    FF - ProfilePath - c:\users\Brent\AppData\Roaming\Mozilla\Firefox\Profiles\f7cr15ka.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - NCH Customized Web Search
    .
    .
    ------- File Associations -------
    .
    .txt=
    .
    - - - - ORPHANS REMOVED - - - -
    .
    BHO-{472F6BB8-3D5A-BC24-4155-3192C7AC8CF6} - (no file)
    BHO-{8EBA1B69-99D8-4135-BD43-729BA79D5CC4} - c:\users\Brent\AppData\Local\Playtopus\Playtopus.dll
    Toolbar-Locked - (no file)
    WebBrowser-{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
    "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
    "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2012-12-19 21:21:29
    ComboFix-quarantined-files.txt 2012-12-20 03:21
    ComboFix2.txt 2011-10-09 22:04
    .
    Pre-Run: 171,919,327,232 bytes free
    Post-Run: 171,967,016,960 bytes free
    .
    - - End Of File - - 25394272C1435E8D7DB653BAE98228B2

  4. #4
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Good Morning,

    Are the videos ad related?

    Please download TDSSKiller.zip
    • Extract it to your desktop
    • Double click TDSSKiller.exe
    • Press Start Scan
      • Only if Malicious objects are found then ensure Cure is selected
      • Then click Continue > Reboot now
    • Copy and paste the log in your next reply
      • A copy of the log will be saved automatically to the root of the drive (typically C:\)






    Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
    • The application window will appear
    • Click the Disable button to disable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger will now ask to reboot the machine - click OK

    IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

    Do not re-enable these drivers until otherwise instructed.





    Next:

    Download the GMER Rootkit Scanner. Unzip it to your Desktop.

    Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
    • Double click GMER.exe.
    • If it gives you a warning about rootkit activity and asks if you want to run a full scan, click on NO, then use the following settings for a more complete scan.
    • In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED ...
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)

    • Then click the Scan button & wait for it to finish.
    • Once done click on the [Save..] button, and in the File name area, type in "ark.txt"
    • Save the log where you can easily find it, such as your desktop.
    **Caution**
    Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries

    Please copy and paste the report into your Post.



    To re-enable your Emulation drivers, double click DeFogger to run the tool.
    • The application window will appear
    • Click the Re-enable button to re-enable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger will now ask to reboot the machine - click OK

    IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

    Your Emulation drivers are now re-enabled.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  5. #5
    Junior Member
    Join Date
    Dec 2009
    Posts
    23


    Hello,
    It's hard to tell what the videos are because I can't see them, just hear them playing. But they seem to be commercials and parts of recorded programs.

    I ran the programs you requested. The last program (GMER rootkit scanner) ran successfully, but no content was generated for the "ark.txt" log. I saved the report but it was a blank document.

    Below are the other logs you requested. Two posts due to the length of the reports generated.


    17:35:06.0073 5860 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
    17:35:06.0432 5860 ============================================================
    17:35:06.0432 5860 Current date / time: 2012/12/23 17:35:06.0432
    17:35:06.0432 5860 SystemInfo:
    17:35:06.0432 5860
    17:35:06.0432 5860 OS Version: 6.1.7600 ServicePack: 0.0
    17:35:06.0432 5860 Product type: Workstation
    17:35:06.0432 5860 ComputerName: BRENT-PC
    17:35:06.0432 5860 UserName: Brent
    17:35:06.0432 5860 Windows directory: C:\Windows
    17:35:06.0432 5860 System windows directory: C:\Windows
    17:35:06.0432 5860 Running under WOW64
    17:35:06.0432 5860 Processor architecture: Intel x64
    17:35:06.0432 5860 Number of processors: 4
    17:35:06.0432 5860 Page size: 0x1000
    17:35:06.0432 5860 Boot type: Normal boot
    17:35:06.0432 5860 ============================================================
    17:35:08.0756 5860 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    17:35:08.0756 5860 ============================================================
    17:35:08.0756 5860 \Device\Harddisk0\DR0:
    17:35:08.0756 5860 MBR partitions:
    17:35:08.0756 5860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
    17:35:08.0756 5860 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
    17:35:08.0756 5860 ============================================================
    17:35:08.0772 5860 C: <-> \Device\Harddisk0\DR0\Partition2
    17:35:08.0772 5860 ============================================================
    17:35:08.0772 5860 Initialize success
    17:35:08.0772 5860 ============================================================
    17:35:15.0449 2304 ============================================================
    17:35:15.0449 2304 Scan started
    17:35:15.0449 2304 Mode: Manual;
    17:35:15.0449 2304 ============================================================
    17:35:15.0917 2304 ================ Scan system memory ========================
    17:35:15.0917 2304 System memory - ok
    17:35:15.0917 2304 ================ Scan services =============================
    17:35:17.0211 2304 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
    17:35:17.0211 2304 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
    17:35:17.0211 2304 Akamai ( HiddenFile.Multi.Generic ) - warning
    17:35:17.0211 2304 Akamai - detected HiddenFile.Multi.Generic (1)
    17:35:22.0313 2304 fdPHost - ok
    17:35:22.0328 2304 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
    17:35:22.0344 2304 FDResPub - ok
    17:35:22.0359 2304 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    17:35:22.0359 2304 FileInfo - ok
    17:35:22.0375 2304 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    17:35:22.0391 2304 Filetrace - ok
    17:35:22.0469 2304 [ D60EF46DC0E757FE5EB579DB95B88954 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    17:35:22.0484 2304 FLEXnet Licensing Service - ok
    17:35:22.0500 2304 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    17:35:22.0515 2304 flpydisk - ok
    17:35:22.0547 2304 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    17:35:22.0547 2304 FltMgr - ok
    17:35:22.0640 2304 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
    17:35:22.0687 2304 FontCache - ok
    17:35:22.0765 2304 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    17:35:22.0765 2304 FontCache3.0.0.0 - ok
    17:35:22.0796 2304 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    17:35:22.0796 2304 FsDepends - ok
    17:35:22.0827 2304 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    17:35:22.0827 2304 Fs_Rec - ok
    17:35:22.0890 2304 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    17:35:22.0890 2304 fvevol - ok
    17:35:22.0937 2304 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    17:35:22.0937 2304 gagp30kx - ok
    17:35:22.0983 2304 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    17:35:22.0983 2304 GEARAspiWDM - ok
    17:35:23.0030 2304 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
    17:35:23.0030 2304 GoToAssist - ok
    17:35:23.0093 2304 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
    17:35:23.0139 2304 gpsvc - ok
    17:35:23.0186 2304 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
    17:35:23.0186 2304 grmnusb - ok
    17:35:23.0280 2304 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    17:35:23.0295 2304 gupdate - ok
    17:35:23.0327 2304 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    17:35:23.0342 2304 gupdatem - ok
    17:35:23.0420 2304 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    17:35:23.0420 2304 gusvc - ok
    17:35:23.0451 2304 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    17:35:23.0467 2304 hcw85cir - ok
    17:35:23.0498 2304 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
    17:35:23.0514 2304 HDAudBus - ok
    17:35:23.0561 2304 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
    17:35:23.0561 2304 HECIx64 - ok
    17:35:23.0576 2304 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    17:35:23.0592 2304 HidBatt - ok
    17:35:23.0592 2304 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    17:35:23.0607 2304 HidBth - ok
    17:35:23.0639 2304 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    17:35:23.0654 2304 HidIr - ok
    17:35:23.0685 2304 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
    17:35:23.0717 2304 hidserv - ok
    17:35:23.0748 2304 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    17:35:23.0763 2304 HidUsb - ok
    17:35:23.0810 2304 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
    17:35:23.0841 2304 hkmsvc - ok
    17:35:23.0857 2304 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    17:35:23.0873 2304 HomeGroupListener - ok
    17:35:23.0919 2304 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    17:35:23.0951 2304 HomeGroupProvider - ok
    17:35:23.0982 2304 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
    17:35:23.0982 2304 HpSAMD - ok
    17:35:24.0029 2304 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    17:35:24.0060 2304 HTTP - ok
    17:35:24.0075 2304 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    17:35:24.0075 2304 hwpolicy - ok
    17:35:24.0138 2304 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
    17:35:24.0169 2304 i8042prt - ok
    17:35:24.0200 2304 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    17:35:24.0200 2304 iaStorV - ok
    17:35:24.0263 2304 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    17:35:24.0278 2304 idsvc - ok
    17:35:24.0497 2304 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    17:35:24.0731 2304 igfx - ok
    17:35:24.0777 2304 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    17:35:24.0777 2304 iirsp - ok
    17:35:24.0824 2304 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
    17:35:24.0871 2304 IKEEXT - ok
    17:35:24.0918 2304 [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
    17:35:24.0949 2304 Impcd - ok
    17:35:24.0996 2304 [ 49072EDBC5C2F964917D1B585C90ED0A ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    17:35:25.0027 2304 IntcDAud - ok
    17:35:25.0058 2304 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
    17:35:25.0058 2304 intelide - ok
    17:35:25.0089 2304 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    17:35:25.0105 2304 intelppm - ok
    17:35:25.0121 2304 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    17:35:25.0136 2304 IPBusEnum - ok
    17:35:25.0167 2304 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    17:35:25.0167 2304 IpFilterDriver - ok
    17:35:25.0199 2304 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    17:35:25.0261 2304 iphlpsvc - ok
    17:35:25.0277 2304 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
    17:35:25.0277 2304 IPMIDRV - ok
    17:35:25.0308 2304 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    17:35:25.0355 2304 IPNAT - ok
    17:35:25.0417 2304 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    17:35:25.0433 2304 iPod Service - ok
    17:35:25.0464 2304 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    17:35:25.0464 2304 IRENUM - ok
    17:35:25.0479 2304 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
    17:35:25.0495 2304 isapnp - ok
    17:35:25.0511 2304 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
    17:35:25.0511 2304 iScsiPrt - ok
    17:35:25.0542 2304 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    17:35:25.0542 2304 kbdclass - ok
    17:35:25.0557 2304 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    17:35:25.0573 2304 kbdhid - ok
    17:35:25.0604 2304 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
    17:35:25.0604 2304 KeyIso - ok
    17:35:25.0635 2304 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    17:35:25.0635 2304 KSecDD - ok
    17:35:25.0651 2304 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    17:35:25.0651 2304 KSecPkg - ok
    17:35:25.0682 2304 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    17:35:25.0698 2304 ksthunk - ok
    17:35:25.0745 2304 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
    17:35:25.0776 2304 KtmRm - ok
    17:35:25.0823 2304 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll
    17:35:25.0869 2304 LanmanServer - ok
    17:35:25.0901 2304 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    17:35:25.0932 2304 LanmanWorkstation - ok
    17:35:25.0963 2304 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    17:35:25.0979 2304 lltdio - ok
    17:35:26.0025 2304 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
    17:35:26.0041 2304 lltdsvc - ok
    17:35:26.0057 2304 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
    17:35:26.0072 2304 lmhosts - ok
    17:35:26.0103 2304 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    17:35:26.0103 2304 LSI_FC - ok
    17:35:26.0135 2304 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    17:35:26.0135 2304 LSI_SAS - ok
    17:35:26.0150 2304 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    17:35:26.0150 2304 LSI_SAS2 - ok
    17:35:26.0181 2304 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    17:35:26.0181 2304 LSI_SCSI - ok
    17:35:26.0197 2304 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
    17:35:26.0213 2304 luafv - ok
    17:35:26.0322 2304 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
    17:35:26.0322 2304 McComponentHostService - ok
    17:35:26.0369 2304 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    17:35:26.0400 2304 Mcx2Svc - ok
    17:35:26.0556 2304 [ B98C68EA98EBD13EF1105ABC54E15B20 ] MediaMall Server C:\Program Files (x86)\MediaMall\MediaMallServer.exe
    17:35:26.0634 2304 MediaMall Server - ok
    17:35:26.0665 2304 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    17:35:26.0665 2304 megasas - ok
    17:35:26.0696 2304 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    17:35:26.0712 2304 MegaSR - ok
    17:35:26.0837 2304 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2011_32 C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
    17:35:26.0883 2304 mi-raysat_3dsmax2011_32 - ok
    17:35:26.0961 2304 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
    17:35:26.0961 2304 Microsoft Office Groove Audit Service - ok
    17:35:27.0008 2304 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
    17:35:27.0008 2304 MMCSS - ok
    17:35:27.0024 2304 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
    17:35:27.0039 2304 Modem - ok
    17:35:27.0071 2304 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    17:35:27.0086 2304 monitor - ok
    17:35:27.0102 2304 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    17:35:27.0102 2304 mouclass - ok
    17:35:27.0149 2304 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    17:35:27.0164 2304 mouhid - ok
    17:35:27.0180 2304 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    17:35:27.0180 2304 mountmgr - ok
    17:35:27.0227 2304 [ C4D8C3031C7CD5884CA856B15307E997 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
    17:35:27.0242 2304 MpFilter - ok
    17:35:27.0258 2304 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
    17:35:27.0258 2304 mpio - ok
    17:35:27.0273 2304 [ A768F58C55D3F303E686A7646348AEC3 ] MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys
    17:35:27.0273 2304 MpNWMon - ok
    17:35:27.0289 2304 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    17:35:27.0305 2304 mpsdrv - ok
    17:35:27.0336 2304 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
    17:35:27.0351 2304 MpsSvc - ok
    17:35:27.0351 2304 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    17:35:27.0367 2304 MRxDAV - ok
    17:35:27.0414 2304 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    17:35:27.0429 2304 mrxsmb - ok
    17:35:27.0476 2304 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    17:35:27.0492 2304 mrxsmb10 - ok
    17:35:27.0507 2304 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    17:35:27.0523 2304 mrxsmb20 - ok
    17:35:27.0570 2304 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
    17:35:27.0570 2304 msahci - ok
    17:35:27.0601 2304 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
    17:35:27.0601 2304 msdsm - ok
    17:35:27.0617 2304 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    17:35:27.0663 2304 MSDTC - ok
    17:35:27.0679 2304 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    17:35:27.0679 2304 Msfs - ok
    17:35:27.0695 2304 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    17:35:27.0710 2304 mshidkmdf - ok
    17:35:27.0710 2304 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
    17:35:27.0726 2304 msisadrv - ok
    17:35:27.0757 2304 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    17:35:27.0788 2304 MSiSCSI - ok
    17:35:27.0788 2304 msiserver - ok
    17:35:27.0819 2304 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV

  6. #6
    Junior Member
    Join Date
    Dec 2009
    Posts
    23

    Default Part two:

    17:35:34.0091 2304 SiSRaid2 - ok
    17:35:34.0122 2304 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
    17:35:34.0122 2304 SiSRaid4 - ok
    17:35:34.0137 2304 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    17:35:34.0169 2304 Smb - ok
    17:35:34.0184 2304 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    17:35:34.0215 2304 SNMPTRAP - ok
    17:35:34.0231 2304 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
    17:35:34.0231 2304 spldr - ok
    17:35:34.0278 2304 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
    17:35:34.0325 2304 Spooler - ok
    17:35:34.0418 2304 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
    17:35:34.0621 2304 sppsvc - ok
    17:35:34.0637 2304 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    17:35:34.0668 2304 sppuinotify - ok
    17:35:34.0730 2304 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    17:35:34.0730 2304 sprtsvc_DellSupportCenter - ok
    17:35:34.0777 2304 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
    17:35:34.0808 2304 srv - ok
    17:35:34.0824 2304 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    17:35:34.0839 2304 srv2 - ok
    17:35:34.0855 2304 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    17:35:34.0871 2304 srvnet - ok
    17:35:34.0917 2304 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    17:35:34.0949 2304 SSDPSRV - ok
    17:35:34.0964 2304 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
    17:35:34.0980 2304 SstpSvc - ok
    17:35:35.0120 2304 [ 7AA12DB4BB2CB414C3525E1C02DA911F ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d29e7c5b1ea33de7\STacSV64.exe
    17:35:35.0183 2304 STacSV - ok
    17:35:35.0214 2304 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
    17:35:35.0214 2304 stexstor - ok
    17:35:35.0261 2304 [ 2D7C3CA0FDB0F438671C89FA1804674F ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
    17:35:35.0292 2304 STHDA - ok
    17:35:35.0339 2304 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
    17:35:35.0385 2304 stisvc - ok
    17:35:35.0401 2304 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
    17:35:35.0401 2304 swenum - ok
    17:35:35.0417 2304 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
    17:35:35.0463 2304 swprv - ok
    17:35:35.0495 2304 [ 8A3FBCB3D6D4710730D27DA4392A4863 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
    17:35:35.0510 2304 SynTP - ok
    17:35:35.0588 2304 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
    17:35:35.0666 2304 SysMain - ok
    17:35:35.0682 2304 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
    17:35:35.0713 2304 TabletInputService - ok
    17:35:35.0729 2304 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
    17:35:35.0744 2304 TapiSrv - ok
    17:35:35.0760 2304 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
    17:35:35.0791 2304 TBS - ok
    17:35:35.0869 2304 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    17:35:35.0900 2304 Tcpip - ok
    17:35:35.0931 2304 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    17:35:35.0931 2304 TCPIP6 - ok
    17:35:35.0978 2304 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    17:35:35.0994 2304 tcpipreg - ok
    17:35:36.0025 2304 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    17:35:36.0025 2304 TDPIPE - ok
    17:35:36.0056 2304 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    17:35:36.0072 2304 TDTCP - ok
    17:35:36.0103 2304 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    17:35:36.0119 2304 tdx - ok
    17:35:36.0134 2304 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
    17:35:36.0134 2304 TermDD - ok
    17:35:36.0197 2304 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
    17:35:36.0259 2304 TermService - ok
    17:35:36.0275 2304 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
    17:35:36.0290 2304 Themes - ok
    17:35:36.0321 2304 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
    17:35:36.0321 2304 THREADORDER - ok
    17:35:36.0353 2304 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
    17:35:36.0384 2304 TrkWks - ok
    17:35:36.0462 2304 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    17:35:36.0493 2304 TrustedInstaller - ok
    17:35:36.0509 2304 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    17:35:36.0524 2304 tssecsrv - ok
    17:35:36.0571 2304 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    17:35:36.0602 2304 tunnel - ok
    17:35:36.0618 2304 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
    17:35:36.0618 2304 uagp35 - ok
    17:35:36.0633 2304 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    17:35:36.0665 2304 udfs - ok
    17:35:36.0680 2304 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
    17:35:36.0711 2304 UI0Detect - ok
    17:35:36.0727 2304 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
    17:35:36.0727 2304 uliagpkx - ok
    17:35:36.0758 2304 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
    17:35:36.0774 2304 umbus - ok
    17:35:36.0789 2304 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    17:35:36.0789 2304 UmPass - ok
    17:35:36.0836 2304 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
    17:35:36.0867 2304 upnphost - ok
    17:35:36.0899 2304 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
    17:35:36.0914 2304 USBAAPL64 - ok
    17:35:36.0961 2304 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    17:35:36.0977 2304 usbccgp - ok
    17:35:36.0992 2304 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
    17:35:37.0008 2304 usbcir - ok
    17:35:37.0023 2304 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\Windows\system32\drivers\usbehci.sys
    17:35:37.0023 2304 usbehci - ok
    17:35:37.0039 2304 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    17:35:37.0086 2304 usbhub - ok
    17:35:37.0117 2304 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\Windows\system32\drivers\usbohci.sys
    17:35:37.0133 2304 usbohci - ok
    17:35:37.0179 2304 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
    17:35:37.0195 2304 usbprint - ok
    17:35:37.0226 2304 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
    17:35:37.0257 2304 usbscan - ok
    17:35:37.0289 2304 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    17:35:37.0304 2304 USBSTOR - ok
    17:35:37.0320 2304 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    17:35:37.0335 2304 usbuhci - ok
    17:35:37.0382 2304 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
    17:35:37.0413 2304 usbvideo - ok
    17:35:37.0445 2304 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
    17:35:37.0476 2304 UxSms - ok
    17:35:37.0491 2304 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
    17:35:37.0491 2304 VaultSvc - ok
    17:35:37.0507 2304 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
    17:35:37.0507 2304 vdrvroot - ok
    17:35:37.0538 2304 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
    17:35:37.0569 2304 vds - ok
    17:35:37.0585 2304 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    17:35:37.0601 2304 vga - ok
    17:35:37.0616 2304 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
    17:35:37.0632 2304 VgaSave - ok
    17:35:37.0647 2304 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
    17:35:37.0647 2304 vhdmp - ok
    17:35:37.0663 2304 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
    17:35:37.0663 2304 viaide - ok
    17:35:37.0679 2304 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
    17:35:37.0679 2304 volmgr - ok
    17:35:37.0710 2304 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    17:35:37.0725 2304 volmgrx - ok
    17:35:37.0741 2304 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
    17:35:37.0741 2304 volsnap - ok
    17:35:37.0757 2304 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
    17:35:37.0772 2304 vsmraid - ok
    17:35:37.0803 2304 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
    17:35:37.0866 2304 VSS - ok
    17:35:37.0881 2304 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
    17:35:37.0913 2304 vwifibus - ok
    17:35:37.0928 2304 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
    17:35:37.0944 2304 vwififlt - ok
    17:35:37.0991 2304 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
    17:35:38.0022 2304 W32Time - ok
    17:35:38.0037 2304 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
    17:35:38.0037 2304 WacomPen - ok
    17:35:38.0069 2304 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    17:35:38.0084 2304 WANARP - ok
    17:35:38.0100 2304 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    17:35:38.0100 2304 Wanarpv6 - ok
    17:35:38.0162 2304 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    17:35:38.0178 2304 WatAdminSvc - ok
    17:35:38.0225 2304 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
    17:35:38.0318 2304 wbengine - ok
    17:35:38.0349 2304 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    17:35:38.0365 2304 WbioSrvc - ok
    17:35:38.0412 2304 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
    17:35:38.0443 2304 wcncsvc - ok
    17:35:38.0459 2304 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    17:35:38.0474 2304 WcsPlugInService - ok
    17:35:38.0521 2304 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
    17:35:38.0521 2304 Wd - ok
    17:35:38.0552 2304 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    17:35:38.0568 2304 Wdf01000 - ok
    17:35:38.0583 2304 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
    17:35:38.0599 2304 WdiServiceHost - ok
    17:35:38.0599 2304 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
    17:35:38.0615 2304 WdiSystemHost - ok
    17:35:38.0646 2304 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
    17:35:38.0677 2304 WebClient - ok
    17:35:38.0724 2304 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
    17:35:38.0755 2304 Wecsvc - ok
    17:35:38.0771 2304 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    17:35:38.0786 2304 wercplsupport - ok
    17:35:38.0817 2304 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
    17:35:38.0833 2304 WerSvc - ok
    17:35:38.0849 2304 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    17:35:38.0864 2304 WfpLwf - ok
    17:35:38.0911 2304 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
    17:35:38.0911 2304 WimFltr - ok
    17:35:38.0927 2304 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    17:35:38.0927 2304 WIMMount - ok
    17:35:38.0958 2304 WinDefend - ok
    17:35:38.0958 2304 WinHttpAutoProxySvc - ok
    17:35:39.0036 2304 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    17:35:39.0083 2304 Winmgmt - ok
    17:35:39.0129 2304 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
    17:35:39.0207 2304 WinRM - ok
    17:35:39.0254 2304 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
    17:35:39.0270 2304 WinUsb - ok
    17:35:39.0317 2304 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
    17:35:39.0332 2304 Wlansvc - ok
    17:35:39.0410 2304 [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    17:35:39.0441 2304 wltrysvc - ok
    17:35:39.0441 2304 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
    17:35:39.0457 2304 WmiAcpi - ok
    17:35:39.0473 2304 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    17:35:39.0488 2304 wmiApSrv - ok
    17:35:39.0519 2304 WMPNetworkSvc - ok
    17:35:39.0519 2304 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
    17:35:39.0535 2304 WPCSvc - ok
    17:35:39.0551 2304 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    17:35:39.0566 2304 WPDBusEnum - ok
    17:35:39.0597 2304 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    17:35:39.0613 2304 ws2ifsl - ok
    17:35:39.0660 2304 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\system32\wscsvc.dll
    17:35:39.0691 2304 wscsvc - ok
    17:35:39.0691 2304 WSearch - ok
    17:35:39.0785 2304 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
    17:35:39.0816 2304 wuauserv - ok
    17:35:39.0831 2304 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    17:35:39.0847 2304 WudfPf - ok
    17:35:39.0878 2304 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    17:35:39.0894 2304 WUDFRd - ok
    17:35:39.0925 2304 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    17:35:39.0941 2304 wudfsvc - ok
    17:35:39.0972 2304 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
    17:35:39.0987 2304 WwanSvc - ok
    17:35:40.0190 2304 [ 6F610F00DC6B4489811EDCBC76D3EBA6 ] {73526619-C24F-470B-9BED-53D455FBB5C6} C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl
    17:35:40.0190 2304 {73526619-C24F-470B-9BED-53D455FBB5C6} - ok
    17:35:40.0206 2304 ================ Scan global ===============================
    17:35:40.0237 2304 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    17:35:40.0299 2304 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
    17:35:40.0346 2304 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
    17:35:40.0377 2304 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    17:35:40.0440 2304 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    17:35:40.0455 2304 [Global] - ok
    17:35:40.0455 2304 ================ Scan MBR ==================================
    17:35:40.0471 2304 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
    17:35:40.0752 2304 \Device\Harddisk0\DR0 - ok
    17:35:40.0752 2304 ================ Scan VBR ==================================
    17:35:40.0752 2304 [ 0AD6A635F28FCA44FE35DA09D299FBE0 ] \Device\Harddisk0\DR0\Partition1
    17:35:40.0752 2304 \Device\Harddisk0\DR0\Partition1 - ok
    17:35:40.0767 2304 [ 9B3FD1742E036D9023B28A5D19B0344F ] \Device\Harddisk0\DR0\Partition2
    17:35:40.0783 2304 \Device\Harddisk0\DR0\Partition2 - ok
    17:35:40.0783 2304 ============================================================
    17:35:40.0783 2304 Scan finished
    17:35:40.0783 2304 ============================================================
    17:35:40.0799 6060 Detected object count: 1
    17:35:40.0799 6060 Actual detected object count: 1
    17:36:27.0131 6060 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
    17:36:27.0131 6060 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
    17:37:43.0399 4588 Deinitialize success


    Defogger Log:
    defogger_disable by jpshortstuff (23.02.10.1)
    Log created at 17:39 on 23/12/2012 (Brent)

    Checking for autostart values...
    HKCU\~\Run values retrieved.
    HKLM\~\Run values retrieved.

    Checking for services/drivers...


    -=E.O.F=-

  7. #7
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Hi,

    Go here and download AdwCleaner to your desktop

    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

    Then let's try this other rootkit scanner


    Scan With RootKitUnHooker

    • Please choose one link and download Rootkit Unhooker and save it to your desktop.
      Link 1
      Link 2
      Link 3
    • Now double-click on RKUnhookerLE.exe to run it.
    • Click the Report tab, then click Scan.
    • Check (Tick) Drivers and Stealth
    • Uncheck the rest, then click OK
    • When prompted to Select Disks for Scan, make sure C:\ is checked and click OK
    • Wait till the scanner has finished and then click File > Save Report.
    • Save the report somewhere where you can find it. Click Close.
    • Copy the entire contents of the report and paste it in your next reply.


    Note** you may get the following warning, just click OK and continue.

    "Rootkit Unhooker has detected a parasite inside itself!
    It is recommended to remove parasite, okay?"



    Then run OTL again and let me see a new log, please.
    Last edited by ken545; 2012-12-24 at 03:15.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  8. #8
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Good Morning,

    I believe what you may have is an infected Master Boot Record. Go ahead and bypass Rootkit Unhooker for now, but do run AdwCleaner, as you have some bogus toolbars you don't need.


    Download MBRCheck.exe to your desktop.
    • Be sure to disable your security programs
    • Double click on the file to run it
    • A window will open on your desktop
    • If an unknown bootcode is found, you will have further options available to you; at this time press N, then press Enter twice.
    • If nothing unusual is found just press Enter
    • A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
    • Please post the contents of that file.

  9. #9
    Junior Member
    Join Date
    Dec 2009
    Posts
    23

    Hello,
    Below are the results of the AdwCleaner and MBR Check:

    # AdwCleaner v2.103 - Logfile created 12/25/2012 at 18:01:00
    # Updated 25/12/2012 by Xplode
    # Operating system : Windows 7 Home Premium (64 bits)
    # User : Brent - BRENT-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Brent\Desktop\AdwCleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\Users\Brent\AppData\Roaming\Mozilla\Firefox\Profiles\f7cr15ka.default\searchplugins\Conduit.xml
    File Deleted : C:\Users\Brent\Desktop\Uninstall.exe
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\NCH
    Folder Deleted : C:\Users\Brent\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Brent\AppData\LocalLow\NCH

    ***** [Registry] *****

    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\NCH
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100685.FCTB000100685Pos
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100685.FCTB000100685Pos.1
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100685.IEToolbar
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100685.IEToolbar.1
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100685.JSOptionsImpl
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100685.JSOptionsImpl.1
    Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
    Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2117678
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{887E10B8-6173-48ED-83DA-4BCB4781DB6D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe_5aab5a491a3a52ae624fd639f6aaa95
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe_674de92534e78ca5194a049722987cc
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe_6e02d32c7e5a9d9fc86bc91618cafda
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe_9107cc52ed6a148a98fad4f22b15a79
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe_9f42804f89f9a287eff5269cd426478
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe_b3449bacc3f59b3b46b353ca9840034
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    Key Deleted : HKLM\Software\NCH
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{887E10B8-6173-48ED-83DA-4BCB4781DB6D}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NCH Toolbar
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16448

    [OK] Registry is clean.

    -\\ Mozilla Firefox v7.0.1 (en-US)

    File : C:\Users\Brent\AppData\Roaming\Mozilla\Firefox\Profiles\f7cr15ka.default\prefs.js

    Deleted : user_pref("browser.search.defaultthis.engineName", "NCH Customized Web Search");
    Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&Sea[...]
    Deleted : user_pref("browser.search.selectedEngine", "NCH Customized Web Search");
    Deleted : user_pref("extensions.veohsearchrecs.SupportedSites", "<?xml version=\"1.0\" ?>\r\n<results revision[...]
    Deleted : user_pref("extensions.veohsearchrecs.VeohVersion", "1.5.2");
    Deleted : user_pref("extensions.veohsearchrecs.id", "ad3118988-b826-c67c-867b-b8b04272ac3");
    Deleted : user_pref("extensions.veohsearchrecs.lastsitedate", "4");

    *************************

    AdwCleaner[R1].txt - [5220 octets] - [25/12/2012 18:00:08]
    AdwCleaner[S1].txt - [5103 octets] - [25/12/2012 18:01:00]

    ########## EOF - C:\AdwCleaner[S1].txt - [5163 octets] ##########




    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: (build 7600), 64-bit
    Base Board Manufacturer: Dell Inc.
    BIOS Manufacturer: Dell Inc.
    System Manufacturer: Dell Inc.
    System Product Name: Studio 1749
    Logical Drives Mask: 0x0000000c

    Kernel Drivers (total 199):
    0x054E2000 \SystemRoot\system32\drivers\portcls.sys
    0x0551F000 \SystemRoot\system32\drivers\drmk.sys
    0x05541000 \SystemRoot\system32\drivers\ks.sys
    0x05584000 \SystemRoot\system32\drivers\ksthunk.sys
    0x0558A000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x055A0000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x055C4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x055D0000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x03E00000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x028D0000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x041E6000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x05400000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x05402000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x05802000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x0585C000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x05871000 \SystemRoot\system32\DRIVERS\stwrt64.sys
    0x058F0000 \SystemRoot\system32\DRIVERS\IntcDAud.sys
    0x000D0000 \SystemRoot\System32\win32k.sys
    0x0592E000 \SystemRoot\System32\drivers\Dxapi.sys
    0x0593A000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x05957000 \SystemRoot\System32\Drivers\usbvideo.sys
    0x05985000 \SystemRoot\system32\DRIVERS\CtClsFlt.sys
    0x059B0000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x004C0000 \SystemRoot\System32\TSDDD.dll
    0x006A0000 \SystemRoot\System32\cdd.dll
    0x008D0000 \SystemRoot\System32\ATMFD.DLL
    0x059BE000 \SystemRoot\system32\drivers\luafv.sys
    0x029D3000 \SystemRoot\system32\drivers\WudfPf.sys
    0x059E1000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0x0227E000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0x022D1000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0x022E4000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0x022FC000 \SystemRoot\system32\drivers\HTTP.sys
    0x023C4000 \SystemRoot\system32\DRIVERS\bowser.sys
    0x023E2000 \SystemRoot\System32\drivers\mpsdrv.sys
    0x02200000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0x0222D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0x034E1000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0x03504000 \SystemRoot\System32\Drivers\adfs.SYS
    0x0351C000 \SystemRoot\system32\DRIVERS\udfs.sys
    0x03570000 \SystemRoot\system32\DRIVERS\MpNWMon.sys
    0x03580000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x0358E000 \SystemRoot\System32\Drivers\dump_dumpata.sys
    0x0359A000 \SystemRoot\System32\Drivers\dump_msahci.sys
    0x035A5000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0x035B8000 \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys
    0x03400000 \SystemRoot\system32\drivers\peauth.sys
    0x034A6000 \SystemRoot\System32\Drivers\secdrv.SYS
    0x034B1000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0x035DC000 \SystemRoot\System32\drivers\tcpipreg.sys
    0x060A9000 \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl
    0x060D4000 \SystemRoot\System32\DRIVERS\srv2.sys
    0x0613B000 \SystemRoot\System32\DRIVERS\srv.sys
    0x061D0000 \SystemRoot\system32\drivers\BCM42RLY.sys
    0x06000000 \SystemRoot\System32\Drivers\fastfat.SYS
    0x774C0000 \Windows\System32\ntdll.dll
    0x47C80000 \Windows\System32\smss.exe
    0xFF7E0000 \Windows\System32\apisetschema.dll
    0xFF480000 \Windows\System32\autochk.exe
    0x77690000 \Windows\System32\normaliz.dll
    0xFF6F0000 \Windows\System32\advapi32.dll
    0x77680000 \Windows\System32\psapi.dll
    0xFF670000 \Windows\System32\shlwapi.dll
    0x773A0000 \Windows\System32\kernel32.dll
    0xFF5F0000 \Windows\System32\difxapi.dll
    0xFF5D0000 \Windows\System32\imagehlp.dll
    0xFF3C0000 \Windows\System32\ole32.dll
    0xFE630000 \Windows\System32\shell32.dll
    0xFE550000 \Windows\System32\oleaut32.dll
    0xFE500000 \Windows\System32\Wldap32.dll
    0xFE460000 \Windows\System32\msvcrt.dll
    0xFE410000 \Windows\System32\ws2_32.dll
    0xFE3A0000 \Windows\System32\gdi32.dll
    0xFE300000 \Windows\System32\clbcatq.dll
    0xFE230000 \Windows\System32\usp10.dll
    0xFE050000 \Windows\System32\setupapi.dll
    0xFE030000 \Windows\System32\sechost.dll
    0xFE000000 \Windows\System32\imm32.dll
    0x77190000 \Windows\System32\iertutil.dll
    0xFDEF0000 \Windows\System32\msctf.dll
    0x77040000 \Windows\System32\urlmon.dll
    0xFDE50000 \Windows\System32\comdlg32.dll
    0xFDE40000 \Windows\System32\lpk.dll
    0xFDD10000 \Windows\System32\rpcrt4.dll
    0xFDD00000 \Windows\System32\nsi.dll
    0x76EE0000 \Windows\System32\wininet.dll
    0x76DE0000 \Windows\System32\user32.dll
    0xFDB90000 \Windows\System32\crypt32.dll
    0xFDB50000 \Windows\System32\wintrust.dll
    0xFDB30000 \Windows\System32\devobj.dll
    0xFDA90000 \Windows\System32\comctl32.dll
    0xFDA50000 \Windows\System32\cfgmgr32.dll
    0xFD9E0000 \Windows\System32\KernelBase.dll
    0xFD9D0000 \Windows\System32\msasn1.dll
    0x74FB0000 \Windows\SysWOW64\normaliz.dll

    Processes (total 84):
    0 System Idle Process
    4 System
    288 C:\Windows\System32\smss.exe
    388 csrss.exe
    448 C:\Windows\System32\wininit.exe
    472 csrss.exe
    508 C:\Windows\System32\services.exe
    532 C:\Windows\System32\lsass.exe
    540 C:\Windows\System32\lsm.exe
    640 C:\Windows\System32\svchost.exe
    720 C:\Windows\System32\svchost.exe
    780 C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
    832 C:\Windows\System32\svchost.exe
    884 C:\Windows\System32\svchost.exe
    916 C:\Windows\System32\svchost.exe
    956 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d29e7c5b1ea33de7\stacsv64.exe
    420 C:\Windows\System32\audiodg.exe
    656 C:\Windows\System32\svchost.exe
    408 C:\Program Files\Dell\DellDock\DockLogin.exe
    1080 C:\Windows\System32\svchost.exe
    1180 C:\Windows\System32\winlogon.exe
    1216 C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    1224 C:\Windows\System32\wlanext.exe
    1232 C:\Windows\System32\conhost.exe
    1260 C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
    1400 C:\Windows\System32\spoolsv.exe
    1448 C:\Windows\System32\svchost.exe
    1568 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    1936 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d29e7c5b1ea33de7\AESTSr64.exe
    1972 C:\Windows\SysWOW64\svchost.exe
    1992 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    2024 C:\Program Files\Bonjour\mDNSResponder.exe
    1036 C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
    384 C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    1480 C:\Windows\System32\svchost.exe
    1860 C:\Program Files (x86)\MediaMall\MediaMallServer.exe
    2104 C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
    2144 C:\Windows\System32\drivers\o2flash.exe
    2200 C:\Program Files (x86)\NCH Software\Reflect\reflect.exe
    2240 C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    2396 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    2916 WmiPrvSE.exe
    3120 WmiPrvSE.exe
    3292 C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
    3496 C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    2716 C:\Program Files\Windows Media Player\wmpnetwk.exe
    748 C:\Windows\System32\SearchIndexer.exe
    3892 C:\Windows\System32\taskhost.exe
    480 C:\Windows\System32\dwm.exe
    3212 C:\Windows\explorer.exe
    4004 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
    2296 C:\Windows\System32\vds.exe
    2840 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    2908 C:\Program Files\IDT\WDM\sttray64.exe
    632 C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
    972 C:\Windows\System32\igfxtray.exe
    3236 C:\Windows\System32\hkcmd.exe
    636 C:\Windows\System32\igfxpers.exe
    2768 C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    2208 C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    2412 C:\Users\Brent\AppData\Roaming\Dropbox\bin\Dropbox.exe
    2036 C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    2944 C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
    3076 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    3928 C:\Program Files (x86)\Samsung\Samsung Media Studio 5\SMSTray.exe
    3356 C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
    4000 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    4100 C:\Program Files (x86)\iTunes\iTunesHelper.exe
    4272 C:\Windows\System32\notepad.exe
    4404 C:\Program Files\iPod\bin\iPodService.exe
    1600 C:\Program Files (x86)\Internet Explorer\iexplore.exe
    4820 C:\Program Files (x86)\Internet Explorer\iexplore.exe
    3372 C:\Windows\System32\wuauclt.exe
    4416 C:\Windows\System32\svchost.exe
    4788 C:\Windows\System32\svchost.exe
    5804 C:\Windows\servicing\TrustedInstaller.exe
    5764 WmiPrvSE.exe
    5708 WmiPrvSE.exe
    6080 C:\Program Files (x86)\Internet Explorer\iexplore.exe
    5840 C:\Windows\System32\SearchProtocolHost.exe
    4448 C:\Windows\System32\SearchFilterHost.exe
    2460 C:\Users\Brent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AZR2SBP0\MBRCheck.exe
    712 C:\Windows\System32\conhost.exe
    4292 C:\Windows\System32\dllhost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`ac000000 (NTFS)

    PhysicalDrive0 Model Number: TOSHIBAMK3256GSY, Rev: LH010D

    Size Device Name MBR Status
    --------------------------------------------
    298 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
    SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


    Done!

  10. #10
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Great, still have problems with the background ads through the speakers?

    Run OTL and post a new log, please.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
