All sorts of problems: Trojans, Smitfraud, etc.

Status
Not open for further replies.
R

ronnies

New member
I'm not even sure when this all began. I will guess around the beginning of August. I noticed my computer was loading slower but I figured it was due to add-ons. Then I noticed an additional IE window that I did not open. That's when I downloaded Spybot and discovered the intruders.

Here's my DDS:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
Run by Scriven at 22:07:42 on 2012-08-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4010.2230 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\dlcqcoms.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe
C:\Program Files (x86)\Dell Photo AIO Printer 966\memcard.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
-netsvcs
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingApp.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingBar.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingSurrogate.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingSurrogate.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingSurrogate.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\taskeng.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.dell.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
mURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120213144224.dll
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [FaxCenterServer] "C:\Program Files (x86)\Dell PC Fax\fm3032.exe" /s
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\Scriven\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
LSP: mswsock.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
TCP: DhcpNameServer = 192.168.200.1
TCP: Interfaces\{B35F3F63-C6B9-40D5-8065-255D8F8DB51D} : DhcpNameServer = 192.168.200.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120213144224.dll
BHO-X64: scriptproxy - No File
BHO-X64: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
BHO-X64: Swag Bucks - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [FaxCenterServer] "C:\Program Files (x86)\Dell PC Fax\fm3032.exe" /s
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-7-9 98208]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-8-2 173056]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-22 655944]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-13 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-13 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-7-9 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-7-9 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-7-9 1692480]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-7-9 2656280]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-13 249936]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-8-10 1153368]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 250056]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\system32\DRIVERS\btwampfl.sys --> C:\Windows\system32\DRIVERS\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-7-9 220528]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-13 249936]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-24 00:30:22 20480 ----a-w- C:\Windows\svchost.exe
2012-08-23 02:53:52 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-08-23 02:53:32 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-23 02:29:04 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-22 00:15:24 -------- d-sh--w- C:\found.000
2012-08-20 15:50:04 -------- d-----w- C:\Users\Scriven\AppData\Roaming\Malwarebytes
2012-08-20 15:49:55 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-20 15:49:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-20 02:16:10 -------- d-----w- C:\Users\Scriven\AppData\Local\AskToolbar
2012-08-20 02:16:05 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-08-20 02:02:30 -------- d-----w- C:\Users\Scriven\AppData\Roaming\Avira
2012-08-20 01:55:53 -------- d-----w- C:\ProgramData\Avira
2012-08-20 01:55:53 -------- d-----w- C:\Program Files (x86)\Avira
2012-08-12 03:55:53 -------- d-----w- C:\Users\Scriven\AppData\Local\Apple Computer
2012-08-12 03:54:14 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-08-12 03:54:14 -------- d-----w- C:\Program Files\iPod
2012-08-12 03:54:14 -------- d-----w- C:\Program Files (x86)\iTunes
2012-08-12 03:53:04 -------- d-----w- C:\Users\Scriven\AppData\Local\Apple
2012-08-12 03:52:15 -------- d-----w- C:\Program Files\Bonjour
2012-08-12 03:52:15 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-08-10 23:51:26 -------- d-----w- C:\Users\Scriven\AppData\Local\ElevatedDiagnostics
2012-08-07 23:41:31 -------- d-----w- C:\Users\Scriven\AppData\Local\The Weather Channel
2012-08-07 14:39:13 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-08-06 19:50:31 -------- d-----w- C:\Users\Scriven\AppData\Local\Swag_Bucks
2012-08-06 01:05:29 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery
2012-08-02 03:10:45 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-08-02 03:10:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-08-02 00:53:07 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-07-30 18:09:53 -------- d-----w- C:\ProgramData\Symantec
2012-07-30 18:09:33 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0307020.005
2012-07-30 18:09:33 -------- d-----w- C:\Windows\System32\drivers\NSSx64
2012-07-30 18:09:33 -------- d-----w- C:\Program Files (x86)\Norton Security Scan
2012-07-30 18:09:20 -------- d-----w- C:\ProgramData\Norton
2012-07-30 18:09:18 -------- d-----w- C:\ProgramData\NortonInstaller
2012-07-30 18:09:18 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-07-28 17:16:11 -------- d-----w- C:\Users\Scriven\AppData\Roaming\ooVoo Details
.
==================== Find3M ====================
.
2012-08-22 22:15:21 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-22 22:15:21 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-25 20:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
2012-06-12 03:08:36 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 22:09:13.15 ===============

aswMBR Log:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-23 22:34:11
-----------------------------
22:34:11.366 OS Version: Windows x64 6.1.7601 Service Pack 1
22:34:11.366 Number of processors: 2 586 0x2A07
22:34:11.366 ComputerName: SCRIVEN-PC UserName: Scriven
22:34:14.050 Initialize success
22:35:39.309 AVAST engine defs: 12082400
22:36:42.021 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:36:42.021 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
22:36:42.037 Device \Driver\iaStor -> MajorFunction fffffa80069545e8
22:36:42.037 Disk 0 MBR read successfully
22:36:42.037 Disk 0 MBR scan
22:36:42.052 Disk 0 Windows VISTA default MBR code
22:36:42.052 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
22:36:42.068 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992
22:36:42.083 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 285140 MB offset 41172992
22:36:42.115 Disk 0 scanning C:\Windows\system32\drivers
22:36:53.269 Service scanning
22:37:17.636 Modules scanning
22:37:17.651 Disk 0 trace - called modules:
22:37:17.667 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80069545e8]<<
22:37:17.667 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006521060]
22:37:17.667 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046b3050]
22:37:17.683 \Driver\iaStor[0xfffffa80069366a0] -> IRP_MJ_CREATE -> 0xfffffa80069545e8
22:37:19.055 AVAST engine scan C:\Windows
22:37:21.427 AVAST engine scan C:\Windows\system32
22:39:10.507 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
22:39:13.159 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
22:40:38.694 AVAST engine scan C:\Windows\system32\drivers
22:40:59.801 AVAST engine scan C:\Users\Scriven
22:51:48.024 Disk 0 MBR has been saved successfully to "C:\Users\Scriven\Desktop\MBR.dat"
22:51:48.024 The log file has been saved successfully to "C:\Users\Scriven\Desktop\aswMBR.txt"


I hope I did everything right. I've never done this before. Thank you so much!
 
Hi ronnies, welcome to the forum.

To make cleaning this machine easier
  • Please do not uninstall/install any programs unless asked to
    It is more difficult when files/programs are appearing in/disappearing from the logs.
  • Please do not run any scans other than those requested
  • Please follow all instructions in the order posted
  • All logs/reports, etc.. must be posted in Notepad. Please ensure that word wrap is unchecked. In notepad click format, uncheck word wrap if it is checked.
  • Do not attach any logs/reports, etc.. unless specifically requested to do so.
  • If you have problems with or do not understand the instructions, Please ask before continuing.
  • Please stay with this thread until given the All Clear. A absence of symptoms does not mean a clean machine.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    tdss_1.jpg

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    tdss_2.jpg

  • Click the Start Scan button.

    tdss_3.jpg

  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    tdss_4.jpg

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    tdss_5.jpg

  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
 
20:50:11.0385 6172 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
20:50:11.0853 6172 ============================================================
20:50:11.0853 6172 Current date / time: 2012/08/26 20:50:11.0853
20:50:11.0853 6172 SystemInfo:
20:50:11.0853 6172
20:50:11.0853 6172 OS Version: 6.1.7601 ServicePack: 1.0
20:50:11.0853 6172 Product type: Workstation
20:50:11.0853 6172 ComputerName: SCRIVEN-PC
20:50:11.0853 6172 UserName: Scriven
20:50:11.0853 6172 Windows directory: C:\Windows
20:50:11.0853 6172 System windows directory: C:\Windows
20:50:11.0853 6172 Running under WOW64
20:50:11.0853 6172 Processor architecture: Intel x64
20:50:11.0853 6172 Number of processors: 2
20:50:11.0853 6172 Page size: 0x1000
20:50:11.0853 6172 Boot type: Normal boot
20:50:11.0853 6172 ============================================================
20:50:13.0179 6172 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:50:13.0195 6172 ============================================================
20:50:13.0195 6172 \Device\Harddisk0\DR0:
20:50:13.0195 6172 MBR partitions:
20:50:13.0195 6172 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
20:50:13.0195 6172 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x22CEA2B0
20:50:13.0195 6172 ============================================================
20:50:13.0211 6172 C: <-> \Device\Harddisk0\DR0\Partition2
20:50:13.0211 6172 ============================================================
20:50:13.0211 6172 Initialize success
20:50:13.0211 6172 ============================================================
20:53:49.0608 2160 ============================================================
20:53:49.0608 2160 Scan started
20:53:49.0608 2160 Mode: Manual; SigCheck; TDLFS;
20:53:49.0608 2160 ============================================================
20:53:50.0481 2160 ================ Scan system memory ========================
20:53:50.0481 2160 System memory - ok
20:53:50.0481 2160 ================ Scan services =============================
20:53:51.0246 2160 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:53:51.0417 2160 1394ohci - ok
20:53:51.0464 2160 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:53:51.0495 2160 ACPI - ok
20:53:51.0542 2160 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:53:51.0667 2160 AcpiPmi - ok
20:53:51.0823 2160 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:53:51.0854 2160 AdobeARMservice - ok
20:53:52.0057 2160 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:53:52.0088 2160 AdobeFlashPlayerUpdateSvc - ok
20:53:52.0182 2160 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:53:52.0213 2160 adp94xx - ok
20:53:52.0260 2160 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:53:52.0307 2160 adpahci - ok
20:53:52.0353 2160 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:53:52.0385 2160 adpu320 - ok
20:53:52.0431 2160 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:53:52.0650 2160 AeLookupSvc - ok
20:53:52.0728 2160 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
20:53:52.0759 2160 AERTFilters - ok
20:53:52.0853 2160 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:53:52.0946 2160 AFD - ok
20:53:53.0009 2160 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:53:53.0040 2160 agp440 - ok
20:53:53.0118 2160 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:53:53.0196 2160 ALG - ok
20:53:53.0258 2160 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:53:53.0289 2160 aliide - ok
20:53:53.0321 2160 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:53:53.0352 2160 amdide - ok
20:53:53.0367 2160 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:53:53.0414 2160 AmdK8 - ok
20:53:53.0430 2160 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:53:53.0461 2160 AmdPPM - ok
20:53:53.0508 2160 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:53:53.0555 2160 amdsata - ok
20:53:53.0586 2160 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:53:53.0601 2160 amdsbs - ok
20:53:53.0601 2160 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:53:53.0617 2160 amdxata - ok
20:53:53.0648 2160 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:53:53.0882 2160 AppID - ok
20:53:53.0898 2160 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:53:53.0976 2160 AppIDSvc - ok
20:53:53.0991 2160 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:53:54.0054 2160 Appinfo - ok
20:53:54.0179 2160 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:53:54.0210 2160 Apple Mobile Device - ok
20:53:54.0241 2160 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
20:53:54.0272 2160 arc - ok
20:53:54.0303 2160 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:53:54.0303 2160 arcsas - ok
20:53:54.0428 2160 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:53:54.0475 2160 aspnet_state - ok
20:53:54.0491 2160 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:53:54.0569 2160 AsyncMac - ok
20:53:54.0615 2160 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:53:54.0615 2160 atapi - ok
20:53:54.0662 2160 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:53:54.0740 2160 AudioEndpointBuilder - ok
20:53:54.0756 2160 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:53:54.0803 2160 AudioSrv - ok
20:53:54.0834 2160 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:53:54.0943 2160 AxInstSV - ok
20:53:54.0990 2160 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:53:55.0052 2160 b06bdrv - ok
20:53:55.0115 2160 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:53:55.0224 2160 b57nd60a - ok
20:53:55.0349 2160 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
20:53:55.0380 2160 BBSvc - ok
20:53:55.0411 2160 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
20:53:55.0427 2160 BBUpdate - ok
20:53:55.0458 2160 [ 436806506E83AA8755A523147E191B7B ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
20:53:55.0489 2160 BCM42RLY - ok
20:53:55.0598 2160 [ B5D54119CE0BB77872C33A717CB76386 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
20:53:55.0692 2160 BCM43XX - ok
20:53:55.0754 2160 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:53:55.0817 2160 BDESVC - ok
20:53:55.0848 2160 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:53:55.0973 2160 Beep - ok
20:53:56.0004 2160 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:53:56.0051 2160 blbdrive - ok
20:53:56.0097 2160 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:53:56.0144 2160 Bonjour Service - ok
20:53:56.0175 2160 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:53:56.0222 2160 bowser - ok
20:53:56.0238 2160 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:53:56.0300 2160 BrFiltLo - ok
20:53:56.0316 2160 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:53:56.0331 2160 BrFiltUp - ok
20:53:56.0363 2160 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
20:53:56.0456 2160 Browser - ok
20:53:56.0487 2160 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:53:56.0565 2160 Brserid - ok
20:53:56.0581 2160 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:53:56.0628 2160 BrSerWdm - ok
20:53:56.0643 2160 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:53:56.0690 2160 BrUsbMdm - ok
20:53:56.0706 2160 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:53:56.0737 2160 BrUsbSer - ok
20:53:56.0784 2160 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:53:56.0862 2160 BthEnum - ok
20:53:56.0893 2160 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:53:56.0940 2160 BTHMODEM - ok
20:53:56.0987 2160 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:53:57.0049 2160 BthPan - ok
20:53:57.0096 2160 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:53:57.0143 2160 BTHPORT - ok
20:53:57.0205 2160 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:53:57.0267 2160 bthserv - ok
20:53:57.0299 2160 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:53:57.0345 2160 BTHUSB - ok
20:53:57.0408 2160 [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
20:53:57.0439 2160 BTWAMPFL - ok
20:53:57.0470 2160 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
20:53:57.0501 2160 btwaudio - ok
20:53:57.0517 2160 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
20:53:57.0533 2160 btwavdt - ok
20:53:57.0595 2160 [ F0AF04A96CA48B869284B5DC4CDB8CBB ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
20:53:57.0642 2160 btwdins - ok
20:53:57.0657 2160 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
20:53:57.0673 2160 btwl2cap - ok
20:53:57.0689 2160 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
20:53:57.0689 2160 btwrchid - ok
20:53:57.0735 2160 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:53:57.0813 2160 cdfs - ok
20:53:57.0845 2160 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:53:57.0891 2160 cdrom - ok
20:53:57.0938 2160 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:53:58.0016 2160 CertPropSvc - ok
20:53:58.0063 2160 [ ED0263B2EB24F0F4E3898036FA1D28A1 ] cfwids C:\Windows\system32\drivers\cfwids.sys
20:53:58.0094 2160 cfwids - ok
20:53:58.0141 2160 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
20:53:58.0188 2160 circlass - ok
20:53:58.0203 2160 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:53:58.0219 2160 CLFS - ok
20:53:58.0281 2160 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:53:58.0313 2160 clr_optimization_v2.0.50727_32 - ok
20:53:58.0344 2160 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:53:58.0375 2160 clr_optimization_v2.0.50727_64 - ok
20:53:58.0422 2160 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:53:58.0500 2160 clr_optimization_v4.0.30319_32 - ok
20:53:58.0531 2160 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:53:58.0578 2160 clr_optimization_v4.0.30319_64 - ok
20:53:58.0593 2160 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:53:58.0625 2160 CmBatt - ok
20:53:58.0656 2160 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:53:58.0671 2160 cmdide - ok
20:53:58.0718 2160 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:53:58.0765 2160 CNG - ok
20:53:58.0796 2160 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:53:58.0812 2160 Compbatt - ok
20:53:58.0827 2160 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
20:53:58.0890 2160 CompositeBus - ok
20:53:58.0905 2160 COMSysApp - ok
20:53:58.0921 2160 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:53:58.0968 2160 crcdisk - ok
20:53:58.0999 2160 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:53:59.0061 2160 CryptSvc - ok
20:53:59.0108 2160 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
20:53:59.0171 2160 CtClsFlt - ok
20:53:59.0217 2160 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:53:59.0295 2160 DcomLaunch - ok
20:53:59.0342 2160 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:53:59.0451 2160 defragsvc - ok
20:53:59.0514 2160 [ 88D5FE2109F1A52CF69BA410082A833A ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
20:53:59.0545 2160 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
20:53:59.0545 2160 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
20:53:59.0592 2160 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:53:59.0670 2160 DfsC - ok
20:53:59.0701 2160 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:53:59.0763 2160 Dhcp - ok
20:53:59.0779 2160 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:53:59.0857 2160 discache - ok
20:53:59.0888 2160 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
20:53:59.0919 2160 Disk - ok
20:53:59.0935 2160 dlcq_device - ok
20:53:59.0966 2160 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:54:00.0029 2160 Dnscache - ok
20:54:00.0044 2160 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:54:00.0122 2160 dot3svc - ok
20:54:00.0153 2160 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:54:00.0216 2160 DPS - ok
20:54:00.0247 2160 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:54:00.0310 2160 drmkaud - ok
20:54:00.0356 2160 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:54:00.0403 2160 DXGKrnl - ok
20:54:00.0434 2160 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:54:00.0512 2160 EapHost - ok
20:54:00.0606 2160 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:54:00.0731 2160 ebdrv - ok
20:54:00.0746 2160 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:54:00.0824 2160 EFS - ok
20:54:00.0887 2160 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:54:00.0996 2160 ehRecvr - ok
20:54:01.0012 2160 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:54:01.0027 2160 ehSched - ok
20:54:01.0074 2160 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:54:01.0121 2160 elxstor - ok
20:54:01.0136 2160 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:54:01.0183 2160 ErrDev - ok
20:54:01.0230 2160 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:54:01.0308 2160 EventSystem - ok
20:54:01.0339 2160 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:54:01.0386 2160 exfat - ok
20:54:01.0417 2160 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:54:01.0495 2160 fastfat - ok
20:54:01.0542 2160 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:54:01.0636 2160 Fax - ok
20:54:01.0667 2160 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
20:54:01.0714 2160 fdc - ok
20:54:01.0745 2160 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:54:01.0792 2160 fdPHost - ok
20:54:01.0792 2160 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:54:01.0854 2160 FDResPub - ok
20:54:01.0870 2160 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:54:01.0885 2160 FileInfo - ok
20:54:01.0901 2160 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:54:01.0994 2160 Filetrace - ok
20:54:02.0010 2160 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:54:02.0026 2160 flpydisk - ok
20:54:02.0041 2160 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:54:02.0057 2160 FltMgr - ok
20:54:02.0104 2160 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:54:02.0197 2160 FontCache - ok
20:54:02.0260 2160 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:54:02.0275 2160 FontCache3.0.0.0 - ok
20:54:02.0291 2160 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:54:02.0306 2160 FsDepends - ok
20:54:02.0353 2160 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
20:54:02.0384 2160 fssfltr - ok
20:54:02.0462 2160 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:54:02.0540 2160 fsssvc - ok
20:54:02.0587 2160 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:54:02.0603 2160 Fs_Rec - ok
20:54:02.0650 2160 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:54:02.0681 2160 fvevol - ok
20:54:02.0696 2160 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:54:02.0712 2160 gagp30kx - ok
20:54:02.0743 2160 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:54:02.0821 2160 gpsvc - ok
20:54:02.0837 2160 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:54:02.0899 2160 hcw85cir - ok
20:54:02.0930 2160 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:54:02.0993 2160 HDAudBus - ok
20:54:03.0024 2160 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:54:03.0055 2160 HidBatt - ok
20:54:03.0086 2160 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:54:03.0149 2160 HidBth - ok
20:54:03.0164 2160 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
20:54:03.0196 2160 HidIr - ok
20:54:03.0211 2160 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:54:03.0274 2160 hidserv - ok
20:54:03.0336 2160 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:54:03.0367 2160 HidUsb - ok
20:54:03.0430 2160 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:54:03.0539 2160 hkmsvc - ok
20:54:03.0554 2160 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:54:03.0617 2160 HomeGroupListener - ok
20:54:03.0632 2160 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:54:03.0695 2160 HomeGroupProvider - ok
20:54:03.0726 2160 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:54:03.0757 2160 HpSAMD - ok
20:54:03.0788 2160 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:54:03.0851 2160 HTCAND64 - ok
20:54:03.0913 2160 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
20:54:03.0929 2160 htcnprot - ok
20:54:03.0960 2160 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:54:04.0054 2160 HTTP - ok
20:54:04.0085 2160 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:54:04.0085 2160 hwpolicy - ok
20:54:04.0132 2160 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:54:04.0163 2160 i8042prt - ok
20:54:04.0210 2160 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
20:54:04.0241 2160 iaStor - ok
20:54:04.0272 2160 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:54:04.0303 2160 iaStorV - ok
20:54:04.0366 2160 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:54:04.0412 2160 idsvc - ok
20:54:04.0678 2160 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:54:05.0052 2160 igfx - ok
20:54:05.0083 2160 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:54:05.0099 2160 iirsp - ok
20:54:05.0161 2160 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:54:05.0286 2160 IKEEXT - ok
20:54:05.0333 2160 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
20:54:05.0395 2160 Impcd - ok
20:54:05.0489 2160 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:54:05.0551 2160 IntcAzAudAddService - ok
20:54:05.0598 2160 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:54:05.0645 2160 IntcDAud - ok
20:54:05.0660 2160 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:54:05.0692 2160 intelide - ok
20:54:05.0723 2160 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:54:05.0754 2160 intelppm - ok
20:54:05.0801 2160 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:54:05.0863 2160 IPBusEnum - ok
20:54:05.0879 2160 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:54:05.0910 2160 IpFilterDriver - ok
20:54:05.0926 2160 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:54:05.0972 2160 IPMIDRV - ok
20:54:06.0019 2160 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:54:06.0113 2160 IPNAT - ok
20:54:06.0144 2160 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:54:06.0160 2160 IRENUM - ok
20:54:06.0175 2160 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:54:06.0191 2160 isapnp - ok
20:54:06.0206 2160 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:54:06.0222 2160 iScsiPrt - ok
20:54:06.0238 2160 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:54:06.0253 2160 kbdclass - ok
20:54:06.0269 2160 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:54:06.0331 2160 kbdhid - ok
20:54:06.0347 2160 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:54:06.0378 2160 KeyIso - ok
20:54:06.0409 2160 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:54:06.0440 2160 KSecDD - ok
20:54:06.0472 2160 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:54:06.0503 2160 KSecPkg - ok
20:54:06.0503 2160 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:54:06.0565 2160 ksthunk - ok
20:54:06.0612 2160 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:54:06.0706 2160 KtmRm - ok
20:54:06.0768 2160 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:54:06.0830 2160 LanmanServer - ok
20:54:06.0877 2160 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:54:06.0955 2160 LanmanWorkstation - ok
20:54:06.0986 2160 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:54:07.0049 2160 lltdio - ok
20:54:07.0096 2160 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:54:07.0174 2160 lltdsvc - ok
20:54:07.0189 2160 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:54:07.0236 2160 lmhosts - ok
20:54:07.0314 2160 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:54:07.0345 2160 LMS - ok
20:54:07.0376 2160 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:54:07.0408 2160 LSI_FC - ok
20:54:07.0470 2160 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:54:07.0501 2160 LSI_SAS - ok
20:54:07.0532 2160 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:54:07.0548 2160 LSI_SAS2 - ok
20:54:07.0564 2160 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:54:07.0579 2160 LSI_SCSI - ok
20:54:07.0595 2160 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:54:07.0688 2160 luafv - ok
20:54:07.0735 2160 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:54:07.0766 2160 MBAMProtector - ok
20:54:07.0829 2160 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:54:07.0876 2160 MBAMService - ok
20:54:08.0032 2160 [ F69B3AD25321B672A417C24FE6688B6F ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
20:54:08.0078 2160 McAWFwk ( UnsignedFile.Multi.Generic ) - warning
20:54:08.0078 2160 McAWFwk - detected UnsignedFile.Multi.Generic (1)
20:54:08.0156 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:54:08.0188 2160 McMPFSvc - ok
20:54:08.0203 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:54:08.0219 2160 mcmscsvc - ok
20:54:08.0266 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:54:08.0297 2160 McNaiAnn - ok
20:54:08.0312 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:54:08.0328 2160 McNASvc - ok
20:54:08.0406 2160 [ B3914A7C97A81ACB1E9BEFE07E4C387F ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
20:54:08.0453 2160 McODS - ok
20:54:08.0453 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:54:08.0468 2160 McOobeSv - ok
20:54:08.0468 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:54:08.0484 2160 McProxy - ok
20:54:08.0531 2160 [ 4A463D645B48BB487CA7DF12BA5D1602 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
20:54:08.0562 2160 McShield - ok
20:54:08.0593 2160 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:54:08.0609 2160 Mcx2Svc - ok
20:54:08.0640 2160 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:54:08.0656 2160 megasas - ok
20:54:08.0702 2160 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:54:08.0718 2160 MegaSR - ok
20:54:08.0765 2160 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:54:08.0796 2160 MEIx64 - ok
20:54:08.0827 2160 [ EF3ACFB7E3F82D5F7CDE9EF5F0A4E2E2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
20:54:08.0843 2160 mfeapfk - ok
20:54:08.0874 2160 [ E7A60BDB4365B561D896019B82FB7DD0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
20:54:08.0905 2160 mfeavfk - ok
20:54:08.0921 2160 mfeavfk01 - ok
20:54:08.0952 2160 [ C53B7ABA204D9F7E9568EC147A1485C5 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:54:08.0983 2160 mfefire - ok
20:54:08.0999 2160 [ 670DFFE55E2F9AB99D9169C428BCECE9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
20:54:09.0014 2160 mfefirek - ok
20:54:09.0046 2160 [ 1892616B7F9291FD77C3FA0A5811FE9F ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
20:54:09.0077 2160 mfehidk - ok
20:54:09.0108 2160 [ 1721261C77F6E7A9E0CB51B7D9F31B60 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
20:54:09.0139 2160 mfenlfk - ok
20:54:09.0170 2160 [ 65776BD8029E409935B90DE30BF99526 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
20:54:09.0202 2160 mferkdet - ok
20:54:09.0233 2160 [ 8F3B3C3625E3AAA11D6D4DB8423E1721 ] mfevtp C:\Windows\system32\mfevtps.exe
20:54:09.0280 2160 mfevtp - ok
20:54:09.0295 2160 [ 4F17D8B85B903D96EF7033BB6EF50516 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
20:54:09.0311 2160 mfewfpk - ok
20:54:09.0326 2160 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:54:09.0420 2160 MMCSS - ok
20:54:09.0436 2160 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:54:09.0514 2160 Modem - ok
20:54:09.0529 2160 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:54:09.0592 2160 monitor - ok
20:54:09.0607 2160 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:54:09.0623 2160 mouclass - ok
20:54:09.0654 2160 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
20:54:09.0701 2160 mouhid - ok
20:54:09.0732 2160 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:54:09.0748 2160 mountmgr - ok
20:54:09.0779 2160 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:54:09.0794 2160 mpio - ok
20:54:09.0810 2160 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:54:09.0841 2160 mpsdrv - ok
20:54:09.0872 2160 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:54:09.0919 2160 MRxDAV - ok
20:54:09.0950 2160 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:54:09.0982 2160 mrxsmb - ok
20:54:09.0997 2160 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:54:10.0028 2160 mrxsmb10 - ok
20:54:10.0044 2160 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:54:10.0060 2160 mrxsmb20 - ok
20:54:10.0091 2160 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:54:10.0106 2160 msahci - ok
20:54:10.0122 2160 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:54:10.0138 2160 msdsm - ok
20:54:10.0169 2160 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:54:10.0216 2160 MSDTC - ok
20:54:10.0231 2160 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:54:10.0294 2160 Msfs - ok
20:54:10.0325 2160 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:54:10.0403 2160 mshidkmdf - ok
20:54:10.0418 2160 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:54:10.0434 2160 msisadrv - ok
20:54:10.0465 2160 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:54:10.0559 2160 MSiSCSI - ok
20:54:10.0574 2160 msiserver - ok
20:54:10.0590 2160 [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:54:10.0606 2160 MSK80Service - ok
20:54:10.0621 2160 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:54:10.0715 2160 MSKSSRV - ok
20:54:10.0715 2160 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:54:10.0762 2160 MSPCLOCK - ok
20:54:10.0793 2160 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:54:10.0871 2160 MSPQM - ok
20:54:10.0902 2160 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:54:10.0918 2160 MsRPC - ok
20:54:10.0933 2160 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:54:10.0949 2160 mssmbios - ok
20:54:10.0949 2160 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:54:10.0996 2160 MSTEE - ok
20:54:11.0027 2160 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:54:11.0042 2160 MTConfig - ok
20:54:11.0042 2160 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:54:11.0058 2160 Mup - ok
20:54:11.0089 2160 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:54:11.0152 2160 napagent - ok
20:54:11.0183 2160 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:54:11.0230 2160 NativeWifiP - ok
20:54:11.0292 2160 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:54:11.0354 2160 NDIS - ok
20:54:11.0386 2160 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:54:11.0432 2160 NdisCap - ok
20:54:11.0448 2160 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:54:11.0495 2160 NdisTapi - ok
20:54:11.0526 2160 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:54:11.0604 2160 Ndisuio - ok
20:54:11.0635 2160 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:54:11.0698 2160 NdisWan - ok
20:54:11.0713 2160 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:54:11.0760 2160 NDProxy - ok
20:54:11.0776 2160 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:54:11.0838 2160 NetBIOS - ok
20:54:11.0869 2160 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:54:11.0916 2160 NetBT - ok
20:54:11.0932 2160 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:54:11.0947 2160 Netlogon - ok
20:54:11.0994 2160 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:54:12.0088 2160 Netman - ok
20:54:12.0119 2160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:54:12.0166 2160 NetMsmqActivator - ok
20:54:12.0166 2160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:54:12.0181 2160 NetPipeActivator - ok
20:54:12.0197 2160 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:54:12.0290 2160 netprofm - ok
20:54:12.0306 2160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:54:12.0322 2160 NetTcpActivator - ok
20:54:12.0322 2160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:54:12.0337 2160 NetTcpPortSharing - ok
20:54:12.0353 2160 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:54:12.0368 2160 nfrd960 - ok
20:54:12.0384 2160 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:54:12.0446 2160 NlaSvc - ok
 
20:54:12.0618 2160 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
20:54:12.0712 2160 NOBU - ok
20:54:12.0727 2160 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:54:12.0774 2160 Npfs - ok
20:54:12.0805 2160 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:54:12.0868 2160 nsi - ok
20:54:12.0899 2160 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:54:12.0977 2160 nsiproxy - ok
20:54:13.0055 2160 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:54:13.0148 2160 Ntfs - ok
20:54:13.0148 2160 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:54:13.0195 2160 Null - ok
20:54:13.0226 2160 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
20:54:13.0273 2160 nusb3hub - ok
20:54:13.0304 2160 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:54:13.0367 2160 nusb3xhc - ok
20:54:13.0414 2160 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:54:13.0445 2160 nvraid - ok
20:54:13.0476 2160 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:54:13.0523 2160 nvstor - ok
20:54:13.0554 2160 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:54:13.0601 2160 nv_agp - ok
20:54:13.0616 2160 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:54:13.0648 2160 ohci1394 - ok
20:54:13.0726 2160 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:54:13.0757 2160 ose - ok
20:54:13.0913 2160 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:54:14.0084 2160 osppsvc - ok
20:54:14.0131 2160 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:54:14.0194 2160 p2pimsvc - ok
20:54:14.0225 2160 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:54:14.0272 2160 p2psvc - ok
20:54:14.0287 2160 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:54:14.0318 2160 Parport - ok
20:54:14.0350 2160 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:54:14.0381 2160 partmgr - ok
20:54:14.0428 2160 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
20:54:14.0443 2160 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
20:54:14.0443 2160 PassThru Service - detected UnsignedFile.Multi.Generic (1)
20:54:14.0474 2160 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:54:14.0537 2160 PcaSvc - ok
20:54:14.0568 2160 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:54:14.0599 2160 pci - ok
20:54:14.0630 2160 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:54:14.0662 2160 pciide - ok
20:54:14.0693 2160 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:54:14.0740 2160 pcmcia - ok
20:54:14.0755 2160 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:54:14.0771 2160 pcw - ok
20:54:14.0786 2160 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:54:14.0880 2160 PEAUTH - ok
20:54:14.0989 2160 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:54:15.0052 2160 PerfHost - ok
20:54:15.0114 2160 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:54:15.0192 2160 pla - ok
20:54:15.0254 2160 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:54:15.0301 2160 PlugPlay - ok
20:54:15.0332 2160 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:54:15.0379 2160 PNRPAutoReg - ok
20:54:15.0410 2160 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:54:15.0426 2160 PNRPsvc - ok
20:54:15.0457 2160 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:54:15.0551 2160 PolicyAgent - ok
20:54:15.0613 2160 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:54:15.0691 2160 Power - ok
20:54:15.0722 2160 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:54:15.0816 2160 PptpMiniport - ok
20:54:15.0832 2160 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:54:15.0863 2160 Processor - ok
20:54:15.0894 2160 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:54:15.0956 2160 ProfSvc - ok
20:54:15.0972 2160 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:54:16.0003 2160 ProtectedStorage - ok
20:54:16.0034 2160 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:54:16.0112 2160 Psched - ok
20:54:16.0144 2160 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
20:54:16.0144 2160 PxHlpa64 - ok
20:54:16.0222 2160 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:54:16.0300 2160 ql2300 - ok
20:54:16.0331 2160 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:54:16.0362 2160 ql40xx - ok
20:54:16.0393 2160 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:54:16.0424 2160 QWAVE - ok
20:54:16.0424 2160 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:54:16.0487 2160 QWAVEdrv - ok
20:54:16.0502 2160 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:54:16.0596 2160 RasAcd - ok
20:54:16.0627 2160 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:54:16.0674 2160 RasAgileVpn - ok
20:54:16.0690 2160 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:54:16.0768 2160 RasAuto - ok
20:54:16.0799 2160 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:54:16.0892 2160 Rasl2tp - ok
20:54:16.0924 2160 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:54:16.0986 2160 RasMan - ok
20:54:17.0002 2160 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:54:17.0064 2160 RasPppoe - ok
20:54:17.0095 2160 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:54:17.0158 2160 RasSstp - ok
20:54:17.0189 2160 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:54:17.0236 2160 rdbss - ok
20:54:17.0236 2160 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:54:17.0298 2160 rdpbus - ok
20:54:17.0314 2160 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:54:17.0376 2160 RDPCDD - ok
20:54:17.0423 2160 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:54:17.0485 2160 RDPENCDD - ok
20:54:17.0516 2160 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:54:17.0548 2160 RDPREFMP - ok
20:54:17.0610 2160 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:54:17.0657 2160 RDPWD - ok
20:54:17.0688 2160 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:54:17.0719 2160 rdyboost - ok
20:54:17.0750 2160 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:54:17.0844 2160 RemoteAccess - ok
20:54:17.0875 2160 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:54:17.0938 2160 RemoteRegistry - ok
20:54:17.0984 2160 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:54:18.0047 2160 RFCOMM - ok
20:54:18.0140 2160 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
20:54:18.0218 2160 RoxMediaDB12OEM - ok
20:54:18.0250 2160 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
20:54:18.0265 2160 RoxWatch12 - ok
20:54:18.0296 2160 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:54:18.0374 2160 RpcEptMapper - ok
20:54:18.0406 2160 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:54:18.0421 2160 RpcLocator - ok
20:54:18.0437 2160 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:54:18.0484 2160 RpcSs - ok
20:54:18.0530 2160 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:54:18.0608 2160 rspndr - ok
20:54:18.0655 2160 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:54:18.0686 2160 RSUSBSTOR - ok
20:54:18.0733 2160 [ A73ED14670220307874AD6BC2F279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:54:18.0764 2160 RTL8167 - ok
20:54:18.0780 2160 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:54:18.0796 2160 SamSs - ok
20:54:18.0811 2160 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:54:18.0827 2160 sbp2port - ok
20:54:18.0905 2160 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
20:54:18.0936 2160 SBSDWSCService - ok
20:54:18.0967 2160 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:54:19.0014 2160 SCardSvr - ok
20:54:19.0030 2160 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:54:19.0108 2160 scfilter - ok
20:54:19.0139 2160 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:54:19.0217 2160 Schedule - ok
20:54:19.0248 2160 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:54:19.0279 2160 SCPolicySvc - ok
20:54:19.0310 2160 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:54:19.0326 2160 SDRSVC - ok
20:54:19.0373 2160 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:54:19.0435 2160 secdrv - ok
20:54:19.0466 2160 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:54:19.0498 2160 seclogon - ok
20:54:19.0529 2160 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:54:19.0591 2160 SENS - ok
20:54:19.0591 2160 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:54:19.0654 2160 SensrSvc - ok
20:54:19.0685 2160 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:54:19.0732 2160 Serenum - ok
20:54:19.0778 2160 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:54:19.0825 2160 Serial - ok
20:54:19.0872 2160 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:54:19.0934 2160 sermouse - ok
20:54:19.0966 2160 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:54:20.0059 2160 SessionEnv - ok
20:54:20.0106 2160 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:54:20.0137 2160 sffdisk - ok
20:54:20.0153 2160 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:54:20.0184 2160 sffp_mmc - ok
20:54:20.0200 2160 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:54:20.0262 2160 sffp_sd - ok
20:54:20.0278 2160 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:54:20.0309 2160 sfloppy - ok
20:54:20.0434 2160 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
20:54:20.0496 2160 SftService - ok
20:54:20.0527 2160 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:54:20.0605 2160 ShellHWDetection - ok
20:54:20.0621 2160 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:54:20.0636 2160 SiSRaid2 - ok
20:54:20.0652 2160 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:54:20.0668 2160 SiSRaid4 - ok
20:54:20.0699 2160 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:54:20.0761 2160 Smb - ok
20:54:20.0792 2160 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:54:20.0839 2160 SNMPTRAP - ok
20:54:20.0870 2160 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:54:20.0902 2160 spldr - ok
20:54:20.0917 2160 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
20:54:20.0964 2160 Spooler - ok
20:54:21.0042 2160 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:54:21.0198 2160 sppsvc - ok
20:54:21.0229 2160 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:54:21.0260 2160 sppuinotify - ok
20:54:21.0292 2160 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:54:21.0354 2160 srv - ok
20:54:21.0385 2160 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:54:21.0432 2160 srv2 - ok
20:54:21.0463 2160 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:54:21.0494 2160 srvnet - ok
20:54:21.0526 2160 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:54:21.0604 2160 SSDPSRV - ok
20:54:21.0619 2160 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:54:21.0666 2160 SstpSvc - ok
20:54:21.0697 2160 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:54:21.0713 2160 stexstor - ok
20:54:21.0775 2160 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:54:21.0822 2160 stisvc - ok
20:54:21.0869 2160 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
20:54:21.0869 2160 stllssvr - ok
20:54:21.0884 2160 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:54:21.0900 2160 swenum - ok
20:54:21.0916 2160 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:54:21.0978 2160 swprv - ok
20:54:22.0056 2160 [ BCD5B4AB94DA436F083FCD0C636D00F3 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:54:22.0103 2160 SynTP - ok
20:54:22.0150 2160 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:54:22.0274 2160 SysMain - ok
20:54:22.0290 2160 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:54:22.0337 2160 TabletInputService - ok
20:54:22.0352 2160 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:54:22.0399 2160 TapiSrv - ok
20:54:22.0415 2160 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:54:22.0462 2160 TBS - ok
20:54:22.0555 2160 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:54:22.0649 2160 Tcpip - ok
20:54:22.0711 2160 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:54:22.0758 2160 TCPIP6 - ok
20:54:22.0789 2160 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:54:22.0898 2160 tcpipreg - ok
20:54:22.0914 2160 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:54:22.0976 2160 TDPIPE - ok
20:54:23.0008 2160 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:54:23.0054 2160 TDTCP - ok
20:54:23.0054 2160 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:54:23.0101 2160 tdx - ok
20:54:23.0117 2160 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:54:23.0117 2160 TermDD - ok
20:54:23.0164 2160 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:54:23.0242 2160 TermService - ok
20:54:23.0273 2160 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:54:23.0335 2160 Themes - ok
20:54:23.0366 2160 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:54:23.0429 2160 THREADORDER - ok
20:54:23.0429 2160 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:54:23.0491 2160 TrkWks - ok
20:54:23.0554 2160 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:54:23.0632 2160 TrustedInstaller - ok
20:54:23.0647 2160 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:54:23.0725 2160 tssecsrv - ok
20:54:23.0756 2160 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:54:23.0803 2160 TsUsbFlt - ok
20:54:23.0834 2160 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:54:23.0866 2160 TsUsbGD - ok
20:54:23.0897 2160 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:54:23.0975 2160 tunnel - ok
20:54:23.0990 2160 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:54:24.0006 2160 uagp35 - ok
20:54:24.0022 2160 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:54:24.0084 2160 udfs - ok
20:54:24.0115 2160 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:54:24.0162 2160 UI0Detect - ok
20:54:24.0178 2160 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:54:24.0209 2160 uliagpkx - ok
20:54:24.0224 2160 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:54:24.0256 2160 umbus - ok
20:54:24.0287 2160 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:54:24.0349 2160 UmPass - ok
20:54:24.0458 2160 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:54:24.0505 2160 UNS - ok
20:54:24.0552 2160 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:54:24.0630 2160 upnphost - ok
20:54:24.0661 2160 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:54:24.0724 2160 usbccgp - ok
20:54:24.0786 2160 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:54:24.0817 2160 usbcir - ok
20:54:24.0848 2160 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:54:24.0895 2160 usbehci - ok
20:54:24.0942 2160 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:54:25.0020 2160 usbhub - ok
20:54:25.0051 2160 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:54:25.0082 2160 usbohci - ok
20:54:25.0114 2160 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:54:25.0176 2160 usbprint - ok
20:54:25.0223 2160 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:54:25.0270 2160 usbscan - ok
20:54:25.0301 2160 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:54:25.0363 2160 USBSTOR - ok
20:54:25.0379 2160 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:54:25.0426 2160 usbuhci - ok
20:54:25.0488 2160 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:54:25.0535 2160 usbvideo - ok
20:54:25.0566 2160 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:54:25.0628 2160 UxSms - ok
20:54:25.0660 2160 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:54:25.0660 2160 VaultSvc - ok
20:54:25.0691 2160 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:54:25.0691 2160 vdrvroot - ok
20:54:25.0722 2160 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:54:25.0784 2160 vds - ok
20:54:25.0816 2160 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:54:25.0847 2160 vga - ok
20:54:25.0862 2160 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:54:25.0909 2160 VgaSave - ok
20:54:25.0940 2160 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:54:25.0956 2160 vhdmp - ok
20:54:25.0972 2160 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:54:25.0972 2160 viaide - ok
20:54:25.0987 2160 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:54:26.0003 2160 volmgr - ok
20:54:26.0018 2160 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:54:26.0050 2160 volmgrx - ok
20:54:26.0065 2160 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:54:26.0081 2160 volsnap - ok
20:54:26.0096 2160 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:54:26.0112 2160 vsmraid - ok
20:54:26.0174 2160 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:54:26.0268 2160 VSS - ok
20:54:26.0284 2160 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:54:26.0315 2160 vwifibus - ok
20:54:26.0362 2160 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:54:26.0408 2160 vwififlt - ok
20:54:26.0424 2160 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:54:26.0440 2160 vwifimp - ok
20:54:26.0471 2160 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:54:26.0518 2160 W32Time - ok
20:54:26.0533 2160 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:54:26.0596 2160 WacomPen - ok
20:54:26.0611 2160 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:54:26.0705 2160 WANARP - ok
20:54:26.0705 2160 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:54:26.0752 2160 Wanarpv6 - ok
20:54:26.0830 2160 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:54:26.0908 2160 WatAdminSvc - ok
20:54:26.0970 2160 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:54:27.0079 2160 wbengine - ok
20:54:27.0079 2160 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:54:27.0110 2160 WbioSrvc - ok
20:54:27.0126 2160 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:54:27.0188 2160 wcncsvc - ok
20:54:27.0204 2160 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:54:27.0235 2160 WcsPlugInService - ok
20:54:27.0266 2160 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
20:54:27.0282 2160 Wd - ok
20:54:27.0329 2160 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:54:27.0376 2160 Wdf01000 - ok
20:54:27.0391 2160 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:54:27.0516 2160 WdiServiceHost - ok
20:54:27.0532 2160 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:54:27.0547 2160 WdiSystemHost - ok
20:54:27.0563 2160 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:54:27.0641 2160 WebClient - ok
20:54:27.0656 2160 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:54:27.0750 2160 Wecsvc - ok
20:54:27.0766 2160 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:54:27.0828 2160 wercplsupport - ok
20:54:27.0859 2160 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:54:27.0890 2160 WerSvc - ok
20:54:27.0922 2160 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:54:27.0968 2160 WfpLwf - ok
20:54:28.0000 2160 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
20:54:28.0031 2160 WimFltr - ok
20:54:28.0046 2160 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:54:28.0062 2160 WIMMount - ok
20:54:28.0062 2160 WinHttpAutoProxySvc - ok
20:54:28.0140 2160 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:54:28.0202 2160 Winmgmt - ok
20:54:28.0280 2160 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:54:28.0390 2160 WinRM - ok
20:54:28.0452 2160 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:54:28.0561 2160 Wlansvc - ok
20:54:28.0639 2160 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:54:28.0670 2160 wlcrasvc - ok
20:54:28.0780 2160 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:54:28.0873 2160 wlidsvc - ok
20:54:28.0936 2160 [ BCA22B2B27417FA7C8D824D5DE4DC03C ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
20:54:28.0967 2160 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
20:54:28.0967 2160 wltrysvc - detected UnsignedFile.Multi.Generic (1)
20:54:28.0982 2160 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:54:29.0045 2160 WmiAcpi - ok
20:54:29.0092 2160 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:54:29.0123 2160 wmiApSrv - ok
20:54:29.0154 2160 WMPNetworkSvc - ok
20:54:29.0185 2160 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:54:29.0232 2160 WPCSvc - ok
20:54:29.0248 2160 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:54:29.0294 2160 WPDBusEnum - ok
20:54:29.0341 2160 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:54:29.0404 2160 ws2ifsl - ok
20:54:29.0404 2160 WSearch - ok
20:54:29.0419 2160 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:54:29.0497 2160 WudfPf - ok
20:54:29.0513 2160 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:54:29.0606 2160 WUDFRd - ok
20:54:29.0622 2160 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:54:29.0669 2160 wudfsvc - ok
20:54:29.0684 2160 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:54:29.0747 2160 WwanSvc - ok
20:54:29.0778 2160 ================ Scan global ===============================
20:54:29.0794 2160 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:54:29.0825 2160 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:54:29.0840 2160 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:54:29.0872 2160 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:54:29.0934 2160 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
20:54:29.0934 2160 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
20:54:29.0934 2160 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
20:54:29.0934 2160 ================ Scan MBR ==================================
20:54:29.0950 2160 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:54:29.0950 2160 Suspicious mbr (Forged): \Device\Harddisk0\DR0
20:54:29.0996 2160 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
20:54:29.0996 2160 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
20:54:30.0090 2160 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:54:30.0106 2160 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:54:30.0106 2160 ================ Scan VBR ==================================
20:54:30.0106 2160 [ 119EC4FD4956138ED61A44A1279D8C5D ] \Device\Harddisk0\DR0\Partition1
20:54:30.0106 2160 \Device\Harddisk0\DR0\Partition1 - ok
20:54:30.0152 2160 [ 22BE3A84ED3753349F9ACEB9525DE59B ] \Device\Harddisk0\DR0\Partition2
20:54:30.0152 2160 \Device\Harddisk0\DR0\Partition2 - ok
20:54:30.0152 2160 ============================================================
20:54:30.0152 2160 Scan finished
20:54:30.0152 2160============================================================
20:54:30.0152 1868 Detected object count: 7
20:54:30.0152 1868 Actual detected object count: 7
20:55:27.0311 1868 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:27.0311 1868 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:27.0311 1868 McAWFwk ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:27.0311 1868 McAWFwk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:27.0311 1868 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:27.0311 1868 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:27.0311 1868 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:27.0311 1868 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:27.0389 1868 C:\Windows\system32\services.exe - copied to quarantine
20:55:29.0089 1868 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
20:55:29.0089 1868 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
20:55:29.0136 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@ - copied to quarantine
20:55:29.0136 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L\00000004.@ - copied to quarantine
20:55:29.0136 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L\201d3dde - copied to quarantine
20:55:29.0152 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000004.@ - copied to quarantine
20:55:29.0152 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000008.@ - copied to quarantine
20:55:29.0152 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\000000cb.@ - copied to quarantine
20:55:29.0152 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000000.@ - copied to quarantine
20:55:29.0152 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000032.@ - copied to quarantine
20:55:29.0167 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000064.@ - copied to quarantine
20:55:44.0831 1868 Backup copy found, using it..
20:55:44.0924 1868 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000004.@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000008.@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\000000cb.@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000000.@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000032.@ - will be deleted on reboot
20:55:44.0924 1868 C:\Windows\installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000064.@ - will be deleted on reboot
20:55:44.0940 1868 C:\Windows\system32\services.exe - will be cured on reboot
20:55:44.0940 1868 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
20:55:45.0954 1868 \Device\Harddisk0\DR0\# - copied to quarantine
20:55:45.0954 1868 \Device\Harddisk0\DR0 - copied to quarantine
20:55:46.0016 1868 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:55:46.0016 1868 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
20:55:46.0032 1868 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
20:55:46.0047 1868 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
20:55:46.0063 1868 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
20:55:46.0079 1868 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
20:55:46.0079 1868 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
20:55:46.0079 1868 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
20:55:46.0079 1868 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
20:55:46.0079 1868 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
20:55:46.0094 1868 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
20:55:46.0094 1868 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
20:55:46.0094 1868 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
20:55:46.0094 1868 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
20:55:46.0141 1868 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
20:55:46.0141 1868 \Device\Harddisk0\DR0 - ok
20:55:46.0188 1868 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
20:55:46.0203 1868 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:55:46.0203 1868 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
20:56:38.0800 3420 Deinitialize success
 
Hi ronnies,

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs
  • Right click on ComboFix.exe, click Run as Administrator & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Please post back with the combofix log.

Thanks
 
ComboFix 12-08-25.04 - Scriven 08/27/2012 11:12:33.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4010.2450 [GMT -4:00]
Running from: c:\users\Scriven\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-07-27 to 2012-08-27 )))))))))))))))))))))))))))))))
.
.
2012-08-27 15:20 . 2012-08-27 15:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-27 00:55 . 2012-08-27 00:55 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-24 02:21 . 2012-08-24 02:21 -------- d-----w- c:\programdata\PC-Doctor for Windows
2012-08-24 02:05 . 2012-08-24 02:06 -------- d-----w- c:\program files (x86)\ERUNT
2012-08-23 02:54 . 2012-08-23 02:54 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-23 02:53 . 2012-08-23 02:53 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-08-23 02:53 . 2012-08-23 02:53 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-23 02:29 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-22 00:15 . 2012-08-22 00:15 -------- d-----w- C:\found.000
2012-08-20 15:50 . 2012-08-20 15:50 -------- d-----w- c:\users\Scriven\AppData\Roaming\Malwarebytes
2012-08-20 15:49 . 2012-08-20 15:49 -------- d-----w- c:\programdata\Malwarebytes
2012-08-20 15:49 . 2012-08-24 00:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-20 02:16 . 2012-08-20 02:16 -------- d-----w- c:\users\Scriven\AppData\Local\AskToolbar
2012-08-20 02:16 . 2012-08-22 22:44 -------- d-----w- c:\program files (x86)\Ask.com
2012-08-20 02:02 . 2012-08-20 02:02 -------- d-----w- c:\users\Scriven\AppData\Roaming\Avira
2012-08-20 01:55 . 2012-08-20 02:16 -------- d-----w- c:\programdata\Avira
2012-08-20 01:55 . 2012-08-20 01:55 -------- d-----w- c:\program files (x86)\Avira
2012-08-12 03:55 . 2012-08-13 04:56 -------- d-----w- c:\users\Scriven\AppData\Roaming\Apple Computer
2012-08-12 03:55 . 2012-08-12 03:55 -------- d-----w- c:\users\Scriven\AppData\Local\Apple Computer
2012-08-12 03:54 . 2012-08-22 22:44 -------- d-----w- c:\program files (x86)\iTunes
2012-08-12 03:54 . 2012-08-22 22:44 -------- d-----w- c:\programdata\Apple Computer
2012-08-12 03:54 . 2012-08-12 03:55 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-08-12 03:54 . 2012-08-12 03:54 -------- d-----w- c:\program files\iPod
2012-08-12 03:53 . 2012-08-12 03:53 -------- d-----w- c:\users\Scriven\AppData\Local\Apple
2012-08-12 03:52 . 2012-08-12 03:53 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-08-12 03:52 . 2012-08-12 03:52 -------- d-----w- c:\program files\Common Files\Apple
2012-08-12 03:52 . 2012-08-12 03:52 -------- d-----w- c:\program files\Bonjour
2012-08-12 03:52 . 2012-08-12 03:52 -------- d-----w- c:\program files (x86)\Bonjour
2012-08-12 03:52 . 2012-08-12 03:52 -------- d-----w- c:\programdata\Apple
2012-08-12 03:52 . 2012-08-12 03:52 -------- d-----w- c:\program files (x86)\Common Files\Apple
2012-08-10 23:51 . 2012-08-16 15:12 -------- d-----w- c:\users\Scriven\AppData\Local\ElevatedDiagnostics
2012-08-07 23:41 . 2012-08-07 23:41 -------- d-----w- c:\users\Scriven\AppData\Local\The Weather Channel
2012-08-07 14:39 . 2012-08-07 14:39 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-08-06 19:50 . 2012-08-08 00:38 -------- d-----w- c:\users\Scriven\AppData\Local\Swag_Bucks
2012-08-06 01:05 . 2012-08-06 01:05 -------- d-----w- c:\program files (x86)\Dell Digital Delivery
2012-08-02 13:14 . 2012-08-02 13:14 -------- d-----w- c:\windows\Sun
2012-08-02 03:10 . 2012-08-24 00:17 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-08-02 03:10 . 2012-08-12 03:57 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-08-02 00:53 . 2012-08-02 00:53 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-07-30 18:09 . 2012-07-30 18:09 -------- d-----w- c:\programdata\Symantec
2012-07-30 18:09 . 2012-08-06 01:38 -------- d-----w- c:\program files (x86)\Norton Security Scan
2012-07-30 18:09 . 2012-07-30 18:09 -------- d-----w- c:\windows\system32\drivers\NSSx64
2012-07-30 18:09 . 2012-08-06 01:38 -------- d-----w- c:\programdata\Norton
2012-07-30 18:09 . 2012-07-30 18:09 -------- d-----w- c:\program files (x86)\NortonInstaller
2012-07-30 16:04 . 2012-07-30 18:45 -------- d-----w- c:\program files (x86)\Google
2012-07-28 17:16 . 2012-07-28 17:16 -------- d-----w- c:\users\Scriven\AppData\Roaming\ooVoo Details
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-27 00:57 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe
2012-08-22 22:15 . 2012-04-03 13:05 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-22 22:15 . 2012-02-28 13:16 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-25 20:04 . 2012-06-25 20:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-12 03:08 . 2012-07-12 07:03 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 13:44 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 13:44 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 13:44 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 13:44 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 13:44 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 13:44 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 13:44 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-19 13:58 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 13:58 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-19 13:58 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 13:58 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 13:58 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-19 13:58 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-19 13:58 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-19 13:58 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-19 13:58 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-12 07:01 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-12 07:01 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-12 07:01 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-12 07:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-12 07:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-12 07:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-12 07:01 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-12 07:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-12 07:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-12 07:01 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-12 07:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-12 07:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-12 07:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-12 07:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-12 07:01 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-12 07:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-12 07:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-12 07:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-12 07:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 13:44 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 13:44 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 13:44 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 13:44 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 13:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 13:44 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 13:44 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 13:44 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 13:44 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files (x86)\Swag_Bucks\prxtbSwag.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\Swag_Bucks\prxtbSwag.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files (x86)\Swag_Bucks\prxtbSwag.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"FaxCenterServer"="c:\program files (x86)\Dell PC Fax\fm3032.exe" [2006-12-12 312200]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-05-30 885760]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\users\Scriven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-10-22 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-22 250056]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2010-09-21 348712]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-30 220528]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-10-15 100912]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-14 1255736]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-10-15 284648]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2011-10-15 75808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-08-02 173056]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-12-06 208536]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-12-06 161168]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-03-23 87040]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-10-15 65264]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-10-15 481768]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 22:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 415064]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-11-18 6301696]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-03-11 4500640]
"dlcqmon.exe"="c:\program files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe" [2007-01-12 292336]
"MemoryCardManager"="c:\program files (x86)\Dell Photo AIO Printer 966\memcard.exe" [2006-12-12 304008]
"DLCQCATS"="c:\windows\system32\spool\DRIVERS\x64\3\DLCQtime.dll" [2006-10-16 31744]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-05-30 2055816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.200.1
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-DW6 - c:\program files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-32473346.sys
Toolbar-Locked - (no file)
WebBrowser-{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=hex:51,66,7a,6c,4c,1d,38,12,57,36,90,
43,f7,9e,4b,04,e0,be,4b,59,e7,b4,e8,87
"{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94}"=hex:51,66,7a,6c,4c,1d,38,12,b8,aa,cd,
8f,50,21,85,00,f1,ff,c9,c1,aa,53,6b,80
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,
89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{27B4851A-3207-45A2-B947-BE8AFE6163AB}"=hex:51,66,7a,6c,4c,1d,38,12,74,86,a7,
23,35,7c,cc,00,c6,51,fd,ca,fb,3f,27,bf
"{4BEEA052-726D-4A6E-B65D-A6BD07C263F3}"=hex:51,66,7a,6c,4c,1d,38,12,3c,a3,fd,
4f,5f,3c,00,0f,c9,4b,e5,fd,02,9c,27,e7
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{7DB2D5A0-7241-4E79-B68D-6309F01C5231}"=hex:51,66,7a,6c,4c,1d,38,12,ce,d6,a1,
79,73,3c,17,0b,c9,9b,20,49,f5,42,16,25
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{AE7CD045-E861-484F-8273-0445EE161910}"=hex:51,66,7a,6c,4c,1d,38,12,2b,d3,6f,
aa,53,a6,21,0d,fd,65,47,05,eb,48,5d,04
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{F4971EE7-DAA0-4053-9964-665D8EE6A077}"=hex:51,66,7a,6c,4c,1d,38,12,89,1d,84,
f0,92,94,3d,05,e6,72,25,1d,8b,b8,e4,63
"{4A62FAC4-1670-430B-8C6B-9C7B53F51798}"=hex:51,66,7a,6c,4c,1d,38,12,aa,f9,71,
4e,42,58,65,06,f3,7d,df,3b,56,ab,53,8c
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:98,a1,58,38,f7,74,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,b2,f1,91,5d,b2,71,41,96,b5,90,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,b2,f1,91,5d,b2,71,41,96,b5,90,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-08-27 11:30:55 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-27 15:30
.
Pre-Run: 250,084,663,296 bytes free
Post-Run: 250,542,567,424 bytes free
.
- - End Of File - - 05CAC875C580982B085213BA4A2FBFAA
 
Hi ronnies



This infection is known to corrupt some of windows services. We'll have a look.
Next

Please download Farbar Service Scanner and save it to your desktop.
  • Check all the boxes and click scan
  • Please copy and paste the log to your reply.


Next


Download OTL to your desktop.
  • Double click on OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output
  • Check the boxes beside LOP Check and Purity Check.
  • In the window under Custom Scans/Fixes copy and paste the following


    netsvcs
    /md5start
    services.*
    /md5stop


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

Please post back with the OTL logs and the FSS log.
 
FSS Log
Farbar Service Scanner Version: 06-08-2012
Ran by Scriven (administrator) on 28-08-2012 at 08:03:26
Running from "C:\Users\Scriven\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
 
OTL logfile created on: 8/28/2012 8:07:59 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Scriven\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.92 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 62.76% Memory free
7.83 Gb Paging File | 5.92 Gb Available in Paging File | 75.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.46 Gb Total Space | 232.81 Gb Free Space | 83.61% Space Free | Partition Type: NTFS

Computer Name: SCRIVEN-PC | User Name: Scriven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Scriven\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe ()
PRC - C:\Program Files (x86)\Dell Photo AIO Printer 966\memcard.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetect.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe ()
MOD - C:\Program Files (x86)\Dell Photo AIO Printer 966\memcard.exe ()
MOD - C:\Program Files (x86)\Dell Photo AIO Printer 966\DLCQcfg.dll ()
MOD - C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqscw.dll ()
MOD - C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqdrec.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV:64bit: - (btwdins) -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (McAWFwk) -- c:\Program Files\mcafee\msc\McAWFwk.exe ()
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (dlcq_device) -- C:\Windows\SysNative\dlcqcoms.exe ( )
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (DellDigitalDelivery) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (dlcq_device) -- C:\Windows\SysWOW64\dlcqcoms.exe ( )


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {AE14F4AE-7444-4C5B-B29A-2E1A0B58C561}
IE:64bit: - HKLM\..\SearchScopes\{AE14F4AE-7444-4C5B-B29A-2E1A0B58C561}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AE14F4AE-7444-4C5B-B29A-2E1A0B58C561}
IE - HKLM\..\SearchScopes\{AE14F4AE-7444-4C5B-B29A-2E1A0B58C561}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {AE14F4AE-7444-4C5B-B29A-2E1A0B58C561}
IE - HKCU\..\SearchScopes\{0C0D7F65-CD76-42D5-9655-771D74B9781C}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2260173
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/08/23 20:17:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/08/24 21:23:37 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/08/27 11:23:32 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120213144224.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120213144224.dll (McAfee, Inc.)
O2 - BHO: (Swag Bucks Toolbar) - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Swag Bucks Toolbar) - {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Swag Bucks Toolbar) - {8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - C:\Program Files (x86)\Swag_Bucks\prxtbSwag.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [DLCQCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\DLCQtime.DLL ()
O4:64bit: - HKLM..\Run: [dlcqmon.exe] C:\Program Files (x86)\Dell Photo AIO Printer 966\dlcqmon.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MemoryCardManager] C:\Program Files (x86)\Dell Photo AIO Printer 966\memcard.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\Scriven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 10.6.2)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 1.7.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 1.7.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.200.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B35F3F63-C6B9-40D5-8065-255D8F8DB51D}: DhcpNameServer = 192.168.200.1
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll ()
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


========== Files/Folders - Created Within 30 Days ==========

[2012/08/28 08:04:20 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Scriven\Desktop\OTL.exe
[2012/08/28 08:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/08/28 08:02:35 | 000,693,235 | ---- | C] (Farbar) -- C:\Users\Scriven\Desktop\FSS.exe
[2012/08/27 17:30:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/27 11:30:57 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/08/27 11:09:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/27 11:09:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/27 11:09:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/27 10:59:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/27 10:57:11 | 004,738,846 | R--- | C] (Swearware) -- C:\Users\Scriven\Desktop\ComboFix.exe
[2012/08/26 20:55:27 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/08/26 20:49:37 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Scriven\Desktop\tdsskiller.exe
[2012/08/23 22:21:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/08/23 22:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012/08/23 22:06:56 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/08/23 22:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/08/23 22:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/08/22 22:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/08/22 22:53:52 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/22 22:53:52 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/22 22:53:32 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/22 22:53:32 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/22 22:53:32 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/22 22:29:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/22 22:29:04 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/21 20:15:24 | 000,000,000 | ---D | C] -- C:\found.000
[2012/08/20 11:50:04 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Roaming\Malwarebytes
[2012/08/20 11:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/20 11:49:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/19 22:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/08/19 22:16:10 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\AskToolbar
[2012/08/19 22:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012/08/19 22:02:30 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Roaming\Avira
[2012/08/19 21:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/08/19 21:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012/08/11 23:55:53 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Roaming\Apple Computer
[2012/08/11 23:55:53 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\Apple Computer
[2012/08/11 23:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/08/11 23:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/08/11 23:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/08/11 23:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/08/11 23:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/08/11 23:53:04 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\Apple
[2012/08/11 23:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/08/11 23:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/08/11 23:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/08/11 23:52:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/08/11 23:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/08/11 23:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/08/10 19:51:26 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\ElevatedDiagnostics
[2012/08/10 09:36:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/08/07 19:41:31 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\The Weather Channel
[2012/08/07 10:39:13 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/08/06 15:50:31 | 000,000,000 | ---D | C] -- C:\Users\Scriven\AppData\Local\Swag_Bucks
[2012/08/05 21:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery
[2012/08/04 13:05:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/08/04 09:40:16 | 000,000,000 | ---D | C] -- C:\Users\Scriven\Documents\Kelly Electronic Earnings Documents System New User Activation_files
[2012/08/02 09:14:22 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/08/01 23:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/08/01 23:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/08/01 20:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/07/30 14:47:55 | 000,000,000 | ---D | C] -- C:\Users\Scriven\Documents\Fragments
[2012/07/30 14:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/07/30 14:09:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2012/07/30 14:09:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2012/07/30 14:09:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2012/07/30 14:09:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0307020.005
[2012/07/30 14:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/07/30 14:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/07/30 14:09:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/07/30 12:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/07/30 12:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
 
========== Files - Modified Within 30 Days ==========

[2012/08/28 08:06:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/28 08:06:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/28 08:04:20 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Scriven\Desktop\OTL.exe
[2012/08/28 08:03:59 | 000,778,660 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/28 08:03:59 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/28 08:03:59 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/28 08:02:35 | 000,693,235 | ---- | M] (Farbar) -- C:\Users\Scriven\Desktop\FSS.exe
[2012/08/28 07:58:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/28 07:58:41 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/28 04:00:08 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/27 12:23:48 | 000,326,530 | ---- | M] () -- C:\Users\Scriven\12_13 STAR Orientation_BBC.pdf
[2012/08/27 11:23:32 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/27 10:57:12 | 004,738,846 | R--- | M] (Swearware) -- C:\Users\Scriven\Desktop\ComboFix.exe
[2012/08/26 20:57:04 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2012/08/26 20:49:37 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Scriven\Desktop\tdsskiller.exe
[2012/08/24 21:23:39 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012/08/23 22:51:48 | 000,000,512 | ---- | M] () -- C:\Users\Scriven\Desktop\MBR.dat
[2012/08/23 22:29:40 | 000,005,099 | ---- | M] () -- C:\Users\Scriven\Documents\Attach.zip
[2012/08/23 22:06:14 | 000,001,110 | ---- | M] () -- C:\Users\Scriven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/08/23 22:05:59 | 000,000,930 | ---- | M] () -- C:\Users\Scriven\Desktop\NTREGOPT.lnk
[2012/08/23 22:05:59 | 000,000,911 | ---- | M] () -- C:\Users\Scriven\Desktop\ERUNT.lnk
[2012/08/22 22:53:14 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/22 22:53:13 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/22 22:53:13 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/22 22:53:13 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/22 22:53:13 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/22 22:38:11 | 430,706,627 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/22 22:29:06 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/22 22:27:09 | 000,000,133 | ---- | M] () -- C:\Windows\wininit.ini
[2012/08/22 18:15:21 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/22 18:15:21 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/22 18:00:53 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/08/10 09:36:28 | 000,001,288 | ---- | M] () -- C:\Users\Scriven\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/08/10 09:36:28 | 000,001,264 | ---- | M] () -- C:\Users\Scriven\Desktop\Spybot - Search & Destroy.lnk
[2012/08/07 19:48:56 | 000,001,367 | ---- | M] () -- C:\Users\Scriven\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/04 09:40:17 | 000,034,003 | ---- | M] () -- C:\Users\Scriven\Documents\Kelly Electronic Earnings Documents System New User Activation.htm

========== Files Created - No Company Name ==========

[2012/08/27 12:23:47 | 000,326,530 | ---- | C] () -- C:\Users\Scriven\12_13 STAR Orientation_BBC.pdf
[2012/08/27 11:09:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/27 11:09:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/27 11:09:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/27 11:09:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/27 11:09:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/23 22:51:48 | 000,000,512 | ---- | C] () -- C:\Users\Scriven\Desktop\MBR.dat
[2012/08/23 22:29:40 | 000,005,099 | ---- | C] () -- C:\Users\Scriven\Documents\Attach.zip
[2012/08/23 22:06:14 | 000,001,110 | ---- | C] () -- C:\Users\Scriven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/08/23 22:05:59 | 000,000,930 | ---- | C] () -- C:\Users\Scriven\Desktop\NTREGOPT.lnk
[2012/08/23 22:05:59 | 000,000,911 | ---- | C] () -- C:\Users\Scriven\Desktop\ERUNT.lnk
[2012/08/22 22:29:06 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/22 18:16:34 | 000,000,133 | ---- | C] () -- C:\Windows\wininit.ini
[2012/08/11 23:53:03 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/08/10 09:36:28 | 000,001,288 | ---- | C] () -- C:\Users\Scriven\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/08/10 09:36:28 | 000,001,264 | ---- | C] () -- C:\Users\Scriven\Desktop\Spybot - Search & Destroy.lnk
[2012/08/10 00:23:03 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L\00000004.@
[2012/08/04 13:05:36 | 430,706,627 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/08/04 09:40:16 | 000,034,003 | ---- | C] () -- C:\Users\Scriven\Documents\Kelly Electronic Earnings Documents System New User Activation.htm
[2012/07/30 14:09:33 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0307020.005\isolate.ini
[2012/04/05 17:07:22 | 000,001,848 | ---- | C] () -- C:\Windows\SysWow64\GacelaLSPServiceOff.ini
[2012/03/04 01:15:43 | 000,005,120 | ---- | C] () -- C:\Users\Scriven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/13 15:52:30 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqinpa.dll
[2012/02/13 15:52:30 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqiesc.dll
[2012/02/13 15:52:30 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\DLCQinst.dll
[2012/02/13 15:52:29 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\dlcqjswr.dll
[2012/02/13 15:52:29 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\dlcqinsr.dll
[2012/02/13 15:52:29 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dlcqcur.dll
[2012/02/13 15:52:28 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqpmui.dll
[2012/02/13 15:52:28 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\dlcqutil.dll
[2012/02/13 15:52:27 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dlcqinsb.dll
[2012/02/13 15:52:27 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dlcqins.dll
[2012/02/13 15:52:26 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dlcqcub.dll
[2012/02/13 15:52:26 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\dlcqcu.dll
[2012/02/13 15:52:25 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqserv.dll
[2012/02/13 15:52:25 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqusb1.dll
[2012/02/13 15:52:24 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqprox.dll
[2012/02/13 15:52:23 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqlmpm.dll
[2012/02/13 15:52:23 | 000,181,128 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqppls.exe
[2012/02/13 15:52:23 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqpplc.dll
[2012/02/13 15:52:22 | 000,385,928 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqih.exe
[2012/02/13 15:52:21 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqhbn3.dll
[2012/02/13 15:52:21 | 000,537,480 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqcoms.exe
[2012/02/13 15:52:20 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqcomc.dll
[2012/02/13 15:52:20 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqcomm.dll
[2012/02/13 15:52:19 | 000,381,832 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcqcfg.exe
[2012/02/13 15:52:19 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\DLCQcfg.dll
[2012/02/13 15:51:15 | 000,002,048 | -HS- | C] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
[2012/02/13 15:51:15 | 000,002,048 | -HS- | C] () -- C:\Windows\System32\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
[2011/07/09 07:39:56 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/07/09 07:39:38 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/09 07:39:36 | 000,214,760 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/09 07:39:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/07/09 07:39:32 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/09 07:39:31 | 013,355,008 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/02/10 12:10:51 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/07 15:39:22 | 000,064,336 | ---- | C] () -- C:\Windows\SysWow64\mfc100fra.dll
[2011/01/07 15:39:22 | 000,064,336 | ---- | C] () -- C:\Windows\SysWow64\mfc100deu.dll
[2011/01/07 15:39:22 | 000,063,824 | ---- | C] () -- C:\Windows\SysWow64\mfc100esn.dll
[2011/01/07 15:39:22 | 000,062,288 | ---- | C] () -- C:\Windows\SysWow64\mfc100ita.dll
[2011/01/07 15:39:22 | 000,060,752 | ---- | C] () -- C:\Windows\SysWow64\mfc100rus.dll
[2011/01/07 15:39:22 | 000,036,176 | ---- | C] () -- C:\Windows\SysWow64\mfc100cht.dll

========== LOP Check ==========

[2012/07/09 13:48:02 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\Blackboard
[2012/03/20 20:30:04 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\Elluminate
[2012/02/13 12:25:41 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\Fingertapps
[2012/04/20 21:01:05 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\HTC
[2012/04/23 08:47:14 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/02/13 12:25:19 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\Leadertech
[2012/07/28 13:16:52 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\ooVoo Details
[2012/02/13 17:02:54 | 000,000,000 | ---D | M] -- C:\Users\Scriven\AppData\Roaming\PCDr
[2012/08/26 20:44:31 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< MD5 for: SERVICES >
[2009/06/10 17:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.ASFX >
[2012/04/04 01:54:08 | 000,002,637 | ---- | M] () MD5=016DFC4F3F133AE19338EECD1924886A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2012/04/04 01:54:08 | 000,002,970 | ---- | M] () MD5=05A68D76420994EF8DF33184BFA98E04 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2012/04/04 01:54:04 | 000,002,555 | ---- | M] () MD5=272301585AC133486E70228DA27659AC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2012/04/04 01:54:02 | 000,002,562 | ---- | M] () MD5=27CE9BD3209B549BB776B8C877455A91 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2012/04/04 01:54:02 | 000,002,632 | ---- | M] () MD5=2998A4AE8D0EF5122CCB985CF7E9D9D3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2012/04/04 01:54:02 | 000,002,545 | ---- | M] () MD5=2EEC9DDBD0B4EE5F65532322C383938A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2012/04/04 01:54:04 | 000,002,629 | ---- | M] () MD5=3A0082D76426A87FB4937D426C491C10 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2012/04/04 01:54:04 | 000,002,590 | ---- | M] () MD5=448953BD0CF26CE03D9E7CC1A7B278BC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx
[2012/04/04 01:53:58 | 000,002,605 | ---- | M] () MD5=5A2C5D0DA3EAAB2AA77F16947D0E14FF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2012/04/04 01:54:04 | 000,002,679 | ---- | M] () MD5=5DD2704563A6A79C466E44CD966B2655 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2012/04/04 01:53:56 | 000,002,711 | ---- | M] () MD5=6B0E7B068BD530B8FCEBC04CC8844AA9 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2012/04/04 01:54:08 | 000,002,582 | ---- | M] () MD5=797FC263D59784AD1498560C34FA7DA1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2012/07/27 16:51:52 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\Services\Services.asfx
[2012/04/04 01:53:56 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2012/04/04 01:54:02 | 000,002,634 | ---- | M] () MD5=912DD5C0C7C8D7572AD598414D56E24A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2012/07/27 16:51:54 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\Services\Services.asfx
[2012/04/04 01:53:56 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2012/04/04 01:54:08 | 000,002,638 | ---- | M] () MD5=C2C37202B0E55877A64ADDBDE738284E -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2012/04/04 01:54:04 | 000,002,589 | ---- | M] () MD5=C313AD3602D4965A1918E86B9F3E84CF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2012/04/04 01:54:10 | 000,002,609 | ---- | M] () MD5=C7FA88C21103C70826F274A0E865AEDF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2012/04/04 01:54:10 | 000,002,576 | ---- | M] () MD5=D27D52045EB6A2EE031F7D2EA0349BC3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2012/04/04 01:54:02 | 000,002,560 | ---- | M] () MD5=D5642B1BFE0A70231D14C11D3D3FD60D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2012/04/04 01:54:08 | 000,002,588 | ---- | M] () MD5=DB216743CDE75637621E2FD39431BBD4 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2012/04/04 01:53:58 | 000,002,620 | ---- | M] () MD5=DCF7A8843832327386B81ABD189AC236 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2012/04/04 01:54:04 | 000,002,997 | ---- | M] () MD5=DD3F4DAF426555D8D85FF4D7C5A04F37 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010/11/15 22:02:32 | 000,000,228 | R--- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx
[2012/04/04 01:54:02 | 000,002,599 | ---- | M] () MD5=F09D769A94767C3C7E7015A5C6C99A39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2012/04/04 01:53:58 | 000,002,628 | ---- | M] () MD5=F844D742DB53C7D671BF7ED6517414D1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2012/04/04 01:53:58 | 000,002,582 | ---- | M] () MD5=FED4BDA3B6A9EB9DB59C254D8C987495 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx

< MD5 for: SERVICES.ASFX1 >
[2010/11/15 22:02:32 | 000,000,228 | R--- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx1

< MD5 for: SERVICES.ASFX10 >
[2010/11/15 22:02:34 | 000,000,233 | R--- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx10

< MD5 for: SERVICES.ASFX11 >
[2010/11/15 22:02:26 | 000,000,227 | R--- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx11

< MD5 for: SERVICES.ASFX12 >
[2010/11/15 22:02:30 | 000,000,225 | R--- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx12

< MD5 for: SERVICES.ASFX13 >
[2010/11/15 22:02:30 | 000,000,228 | R--- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx13

< MD5 for: SERVICES.ASFX14 >
[2010/11/15 22:02:26 | 000,000,228 | R--- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx14

< MD5 for: SERVICES.ASFX15 >
[2010/11/15 22:02:26 | 000,000,231 | R--- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx15

< MD5 for: SERVICES.ASFX16 >
[2010/11/15 22:02:34 | 000,000,232 | R--- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx16

< MD5 for: SERVICES.ASFX17 >
[2010/11/15 22:02:34 | 000,000,230 | R--- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx17

< MD5 for: SERVICES.ASFX18 >
[2010/11/15 22:02:24 | 000,000,230 | R--- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx18

< MD5 for: SERVICES.ASFX19 >
[2010/11/15 22:02:26 | 000,000,225 | R--- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx19

< MD5 for: SERVICES.ASFX2 >
[2010/11/15 22:02:36 | 000,000,264 | R--- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx2

< MD5 for: SERVICES.ASFX20 >
[2010/11/15 22:02:38 | 000,000,231 | R--- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx20

< MD5 for: SERVICES.ASFX21 >
[2010/11/15 22:02:26 | 000,000,231 | R--- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx21

< MD5 for: SERVICES.ASFX22 >
[2010/11/15 22:02:24 | 000,000,231 | R--- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx22

< MD5 for: SERVICES.ASFX23 >
[2010/11/15 22:02:26 | 000,000,225 | R--- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx23

< MD5 for: SERVICES.ASFX24 >
[2010/11/15 22:02:32 | 000,000,229 | R--- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx24

< MD5 for: SERVICES.ASFX25 >
[2010/11/15 22:02:36 | 000,000,232 | R--- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx25

< MD5 for: SERVICES.ASFX3 >
[2010/11/15 22:02:34 | 000,000,229 | R--- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx3

< MD5 for: SERVICES.ASFX4 >
[2010/11/15 22:02:26 | 000,000,226 | R--- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx4

< MD5 for: SERVICES.ASFX5 >
[2010/11/15 22:02:34 | 000,000,233 | R--- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx5

< MD5 for: SERVICES.ASFX6 >
[2010/11/15 22:02:36 | 000,000,231 | R--- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx6

< MD5 for: SERVICES.ASFX7 >
[2010/11/15 22:02:34 | 000,000,245 | R--- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx7

< MD5 for: SERVICES.ASFX8 >
[2010/11/15 22:02:34 | 000,000,231 | R--- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx8

< MD5 for: SERVICES.ASFX9 >
[2010/11/15 22:02:30 | 000,000,234 | R--- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx9

< MD5 for: SERVICES.CFG >
[2012/07/27 16:51:52 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Services\Services.cfg
[2012/07/27 16:51:34 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2010/10/25 15:13:46 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\services.cfg
[2010/11/15 22:02:22 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=014A9CB92514E27C0107614DF764BC06 -- C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\services.exe
[2012/08/26 20:57:04 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\ERDNT\cache64\services.exe
[2012/08/26 20:57:04 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2012/08/10 00:35:24 | 000,000,668 | ---- | M] () MD5=5105317ECA9F08DB007D7DA4B242B35D -- C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\64J7LRRR\mochiads.com\services.mochiads.com.sol
[2012/08/22 22:22:14 | 000,000,706 | ---- | M] () MD5=D59B8E5ACB7448883E938058E428CF97 -- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\64J7LRRR\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MOF >
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PNG >
[2012/08/17 17:29:04 | 000,001,509 | ---- | M] () MD5=F4EC3ABEAE15FA9BB42D721E9D543F44 -- C:\Program Files\Dell Support Center\Images\icons\png\24_24\services.png

< MD5 for: SERVICES.PTXML >
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SERVICES.SBS >
[2011/03/01 09:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files (x86)\Spybot - Search & Destroy\Includes\Services.sbs

< End of report >
 
OTL Extras logfile created on: 8/28/2012 8:07:59 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Scriven\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.92 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 62.76% Memory free
7.83 Gb Paging File | 5.92 Gb Available in Paging File | 75.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.46 Gb Total Space | 232.81 Gb Free Space | 83.61% Space Free | Partition Type: NTFS

Computer Name: SCRIVEN-PC | User Name: Scriven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{706FA5AD-49F4-4C68-BA0E-6258428A8BC6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{71E07CAD-7B98-40CB-9232-C7F2AAB3C281}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Dell PC Fax" = Dell PC Fax
"Dell Photo AIO Printer 966" = Dell Photo AIO Printer 966
"DW WLAN Card Utility" = DW WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = Dell Support Center
"SynTPDeinstKey" = Dell Touchpad

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39D06E77-8921-4056-8901-36D0035BAECA}" = Dell Stage
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5BF2B19D-9C79-492A-8969-F059F06A627F}" = Print to Fax
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}" = Dell MusicStage
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA31EA7B-7917-4000-949B-38E91F848A25}" = Internet Explorer
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C16A92EF-017B-4839-9C75-FBADB5A1FA27}" = TrustedID
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}" = Dell Marketplace Webslice IE8
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E43D09-96AF-4CA0-85AE-9134E7FFA7FC}" = Dell Digital Delivery
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Dell Webcam Central" = Dell Webcam Central
"ERUNT_is1" = ERUNT 1.1j
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Swag_Bucks Toolbar" = Swag Bucks Toolbar
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/25/2012 2:09:28 PM | Computer Name = Scriven-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/25/2012 2:11:06 PM | Computer Name = Scriven-PC | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed. Engine returned error : 7

Error - 8/25/2012 2:11:27 PM | Computer Name = Scriven-PC | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed. Engine returned error : 7

Error - 8/25/2012 2:13:08 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x003bb482 Faulting process
id: 0x10b8 Faulting application start time: 0x01cd82ed4710be42 Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
85a1cd3d-eee0-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:14:10 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x0001b482 Faulting process
id: 0x1958 Faulting application start time: 0x01cd82ed6bfebd5a Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
aa10a963-eee0-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:15:11 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x0001b482 Faulting process
id: 0xb80 Faulting application start time: 0x01cd82ed903a579b Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
ce975678-eee0-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:16:11 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x0001b482 Faulting process
id: 0xed4 Faulting application start time: 0x01cd82edb4be7e49 Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
f27f3d5e-eee0-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:17:11 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x012cb482 Faulting process
id: 0xc7c Faulting application start time: 0x01cd82edd8a5be1f Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
1669636e-eee1-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:18:12 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x012cb482 Faulting process
id: 0x1748 Faulting application start time: 0x01cd82edfca7cc98 Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
3a694f00-eee1-11e1-aa1e-14feb5ba7269

Error - 8/25/2012 2:19:12 PM | Computer Name = Scriven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time
stamp: 0x4fe23011 Exception code: 0xc0000005 Fault offset: 0x0001b482 Faulting process
id: 0x1190 Faulting application start time: 0x01cd82ee20a6cdc6 Faulting application
path: C:\Windows\SysWOW64\svchost.exe Faulting module path: 80000032.@ Report Id:
5e6c6eed-eee1-11e1-aa1e-14feb5ba7269

[ Broadcom Wireless LAN Events ]
Error - 8/5/2012 1:22:32 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 13:22:31, Sun, Aug 05, 12 Error - Unable to gain access to user store


Error - 8/5/2012 11:52:38 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 23:52:38, Sun, Aug 05, 12 Error - Unable to gain access to user store


Error - 8/13/2012 6:22:41 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 18:22:41, Mon, Aug 13, 12 Error - Unable to gain access to user store


Error - 8/18/2012 4:39:30 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 16:39:29, Sat, Aug 18, 12 Error - Unable to gain access to user store


Error - 8/18/2012 9:11:10 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 21:11:10, Sat, Aug 18, 12 Error - Unable to gain access to user store


Error - 8/18/2012 9:24:34 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 21:24:29, Sat, Aug 18, 12 Error - (WLTRAY.EXE-2448) Unable to start
peernet session, after 200 iterations

Error - 8/18/2012 9:24:34 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 21:24:34, Sat, Aug 18, 12 Error - Unable to initialize peernet library


Error - 8/22/2012 10:40:21 PM | Computer Name = Scriven-PC | Source = WLAN-Tray | ID = 0
Description = 22:40:21, Wed, Aug 22, 12 Error - Unable to gain access to user store


[ System Events ]
Error - 8/27/2012 11:27:53 AM | Computer Name = Scriven-PC | Source = DCOM | ID = 10010
Description =

Error - 8/27/2012 5:30:24 PM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 8/27/2012 5:30:54 PM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 8/27/2012 5:33:48 PM | Computer Name = Scriven-PC | Source = DCOM | ID = 10010
Description =

Error - 8/27/2012 8:22:00 PM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 8/27/2012 8:22:30 PM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 8/27/2012 8:26:30 PM | Computer Name = Scriven-PC | Source = DCOM | ID = 10010
Description =

Error - 8/28/2012 3:59:59 AM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Wlansvc service.

Error - 8/28/2012 7:59:34 AM | Computer Name = Scriven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 8/28/2012 8:03:53 AM | Computer Name = Scriven-PC | Source = DCOM | ID = 10010
Description =


< End of report >
 
Hi ronnies,

Next, Double click on OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
  • Do Not copy the word CODE
  • please note the fix starts with the :
Code: 
:Services

:Files
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L\00000004.@
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
C:\Windows\System32\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}
C:\Windows\System32\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS]
"DisplayName"="@%SystemRoot%\\system32\\qmgr.dll,-1000"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Description"="@%SystemRoot%\\system32\\qmgr.dll,-1001"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"DelayedAutoStart"=dword:00000001
"Type"=dword:00000020
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,45,00,76,00,65,00,\
  6e,00,74,00,53,00,79,00,73,00,74,00,65,00,6d,00,00,00,00,00
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,\
  00,6c,00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
  67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
  00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
  00,00,53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,\
  00,67,00,65,00,00,00,53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,00,\
  72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,72,\
  00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,00,\
  63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,00,72,\
  00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,60,ea,00,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  71,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance]
"Library"="bitsperf.dll"
"Open"="PerfMon_Open"
"Collect"="PerfMon_Collect"
"Close"="PerfMon_Close"
"InstallType"=dword:00000001
"PerfIniFile"="bitsctrs.ini"
"First Counter"=dword:00000774
"Last Counter"=dword:00000784
"First Help"=dword:00000775
"Last Help"=dword:00000785
"Object List"="1908"
"1008"=hex(b):bc,81,53,b3,1d,d9,cc,01
"PerfMMFileName"="Global\\MMF_BITS_s"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security]
"Security"=hex:01,00,14,90,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02,\
  00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\
  00,00,20,02,00,00,02,00,5c,00,04,00,00,00,00,02,14,00,ff,01,0f,00,01,01,00,\
  00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,\
  20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,\
  00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,01,02,\
  00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,05,20,00,00,\
  00,20,02,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum]
"0"="Root\\LEGACY_BITS\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

:Commands
[createrestorepoint]

Then click the Run Fix button at the top
  • Let the program run unhindered
  • Please save the resulting log to be posted in your next reply.
  • Reboot your computer
Please post the OTL fix log

Next rerun FSS the same way you did before and post the log.
 
Last edited:
========== SERVICES/DRIVERS ==========
========== FILES ==========
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L\00000004.@ moved successfully.
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L folder moved successfully.
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U folder moved successfully.
C:\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8} folder moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@ moved successfully.
File\Folder C:\Windows\System32\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\@ not found.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U folder moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\L folder moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8} folder moved successfully.
File\Folder C:\Windows\System32\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8} not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"DisplayName"|"@%SystemRoot%\\system32\\qmgr.dll,-1000" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"ImagePath"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"Description"|"@%SystemRoot%\\system32\\qmgr.dll,-1001" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"ObjectName"|"LocalSystem" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"Start"|dword:00000002 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"DelayedAutoStart"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"Type"|dword:00000020 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"DependOnService"|hex(7):52,00,70,00,63,00,53,00,73,00,00,00,45,00,76,00,65,00,6e,00,74,00,53,00,79,00,73,00,74,00,65,00,6d,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"ServiceSidType"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"RequiredPrivileges"|hex(7):53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,00,63,00,72,00,65,00,61,00,73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\"FailureActions"|hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,00,01,00,00,00,60,ea,00,00,01,00,00,00,c0,d4,01,00,00,00,00,00,00,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\"ServiceDll"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,71,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Library"|"bitsperf.dll" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Open"|"PerfMon_Open" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Collect"|"PerfMon_Collect" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Close"|"PerfMon_Close" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"InstallType"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"PerfIniFile"|"bitsctrs.ini" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"First Counter"|dword:00000774 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Last Counter"|dword:00000784 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"First Help"|dword:00000775 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Last Help"|dword:00000785 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"Object List"|"1908" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"1008"|hex(b):bc,81,53,b3,1d,d9,cc,01 /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Performance\\"PerfMMFileName"|"Global\\MMF_BITS_s" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\"Security"|hex:01,00,14,90,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02,00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,02,00,5c,00,04,00,00,00,00,02,14,00,ff,01,0f,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\"0"|"Root\\LEGACY_BITS\\0000" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\"Count"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\"NextInstance"|dword:00000001 /E : value set successfully!
========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.59.1 log created on 08282012_104545
 
Farbar Service Scanner Version: 06-08-2012
Ran by Scriven (administrator) on 28-08-2012 at 10:54:14
Running from "C:\Users\Scriven\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
 
Hi ronnies,

Looks better. Let's tidy things up a bit.

Run TDSSKiller the same way you did before. When presented with this line

20:55:46.0203 1868 \Device\Harddisk0\DR0 ( TDSS File System )

Use the dropdown menu and select delete.


Next

Click your start button > Control Panel. Under Programs click uninstall a program and uninstall

Java(TM) 6 Update 24 (64-bit)


You can get the newest versions from HERE

  • Accept the License Agreement
  • Download the last file in the list jre-7-windows-x64.exe
  • double click the files one at a time to install them
Decline any additional installs that may be offered during the update.



Next, Double click on OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
  • Do Not copy the word CODE
  • please note the fix starts with the :
Code: 
:Services

:Commands
[createrestorepoint]
[emptytemp]

Then click the Run Fix button at the top
  • Let the program run unhindered
  • Please save the resulting log to be posted in your next reply.
Please post the OTL fix log.




Next

You have this program installed, Malwarebytes' Anti-Malware (MBAM). Please update it and run a scan.

Open MBAM

  • Click the Update tab
  • Click Check for Updates
  • If an update is found, it will download and install the latest version.
  • The program will close to update and reopen.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.




One more scan to check our handiwork.

As a Vista/Win7 user you will need to right click your browser icon and select "Run as Administrator" in order to run this scan.
  • Do not use this instance of your browser for anything besides doing this scan
  • When the scan is complete and the results saved, close that instance of your browser
  • Open a new one the usual way and post the results in this topic.

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.


Go here to run an online scannner from
ESET

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)

  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Disable your Antivirus software. You can usually do this with its Notfication Tray icon near the clock
  • Click Start
  • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is Checked.
  • Click Scan.
  • Wait for the scan to finish.
  • When the scan completes, click List of found threats
  • click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
  • Include the contents of this report in your next reply

    Note - when ESET doesn't find any threats, no report will be created.
  • Push the back button.
  • Push Finish
  • Re-enable your Antivirus software.

Please post back with
  • OTL fix log
  • MBAM log
  • ESET log is there is one
Everything still ok?
 
TDSSKiller did not give me the options you suggested I choose.

08:41:51.0741 7756 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
08:41:53.0754 7756 ============================================================
08:41:53.0754 7756 Current date / time: 2012/08/29 08:41:53.0754
08:41:53.0754 7756 SystemInfo:
08:41:53.0754 7756
08:41:53.0754 7756 OS Version: 6.1.7601 ServicePack: 1.0
08:41:53.0754 7756 Product type: Workstation
08:41:53.0754 7756 ComputerName: SCRIVEN-PC
08:41:53.0754 7756 UserName: Scriven
08:41:53.0754 7756 Windows directory: C:\Windows
08:41:53.0754 7756 System windows directory: C:\Windows
08:41:53.0754 7756 Running under WOW64
08:41:53.0754 7756 Processor architecture: Intel x64
08:41:53.0754 7756 Number of processors: 2
08:41:53.0754 7756 Page size: 0x1000
08:41:53.0754 7756 Boot type: Normal boot
08:41:53.0754 7756 ============================================================
08:41:54.0534 7756 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:41:54.0549 7756 ============================================================
08:41:54.0549 7756 \Device\Harddisk0\DR0:
08:41:54.0580 7756 MBR partitions:
08:41:54.0580 7756 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
08:41:54.0580 7756 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x22CEA2B0
08:41:54.0580 7756 ============================================================
08:41:54.0674 7756 C: <-> \Device\Harddisk0\DR0\Partition2
08:41:54.0674 7756 ============================================================
08:41:54.0674 7756 Initialize success
08:41:54.0674 7756 ============================================================
08:42:27.0668 6672 ============================================================
08:42:27.0668 6672 Scan started
08:42:27.0668 6672 Mode: Manual; SigCheck; TDLFS;
08:42:27.0668 6672 ============================================================
08:42:30.0694 6672 ================ Scan system memory ========================
08:42:30.0694 6672 System memory - ok
08:42:30.0694 6672 ================ Scan services =============================
08:42:31.0100 6672 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:42:31.0287 6672 1394ohci - ok
08:42:31.0334 6672 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:42:31.0365 6672 ACPI - ok
08:42:31.0412 6672 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:42:31.0521 6672 AcpiPmi - ok
08:42:31.0693 6672 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:42:31.0724 6672 AdobeARMservice - ok
08:42:31.0974 6672 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:42:32.0005 6672 AdobeFlashPlayerUpdateSvc - ok
08:42:32.0083 6672 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
08:42:32.0114 6672 adp94xx - ok
08:42:32.0176 6672 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
08:42:32.0208 6672 adpahci - ok
08:42:32.0286 6672 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
08:42:32.0332 6672 adpu320 - ok
08:42:32.0364 6672 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:42:32.0426 6672 AeLookupSvc - ok
08:42:32.0535 6672 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
08:42:32.0566 6672 AERTFilters - ok
08:42:32.0598 6672 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
08:42:32.0691 6672 AFD - ok
08:42:32.0738 6672 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:42:32.0769 6672 agp440 - ok
08:42:32.0832 6672 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:42:32.0894 6672 ALG - ok
08:42:32.0956 6672 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
08:42:32.0988 6672 aliide - ok
08:42:33.0019 6672 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
08:42:33.0050 6672 amdide - ok
08:42:33.0112 6672 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
08:42:33.0144 6672 AmdK8 - ok
08:42:33.0159 6672 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
08:42:33.0175 6672 AmdPPM - ok
08:42:33.0222 6672 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:42:33.0253 6672 amdsata - ok
08:42:33.0300 6672 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
08:42:33.0331 6672 amdsbs - ok
08:42:33.0362 6672 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:42:33.0393 6672 amdxata - ok
08:42:33.0424 6672 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
08:42:33.0674 6672 AppID - ok
08:42:33.0768 6672 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:42:33.0814 6672 AppIDSvc - ok
08:42:33.0846 6672 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
08:42:33.0908 6672 Appinfo - ok
08:42:34.0033 6672 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:42:34.0048 6672 Apple Mobile Device - ok
08:42:34.0111 6672 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
08:42:34.0142 6672 arc - ok
08:42:34.0158 6672 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
08:42:34.0189 6672 arcsas - ok
08:42:34.0329 6672 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:42:34.0407 6672 aspnet_state - ok
08:42:34.0438 6672 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:42:34.0516 6672 AsyncMac - ok
08:42:34.0594 6672 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
08:42:34.0626 6672 atapi - ok
08:42:34.0672 6672 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:42:34.0797 6672 AudioEndpointBuilder - ok
08:42:34.0813 6672 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:42:34.0844 6672 AudioSrv - ok
08:42:34.0922 6672 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:42:35.0031 6672 AxInstSV - ok
08:42:35.0125 6672 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
08:42:35.0218 6672 b06bdrv - ok
08:42:35.0296 6672 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:42:35.0343 6672 b57nd60a - ok
08:42:35.0468 6672 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
08:42:35.0515 6672 BBSvc - ok
08:42:35.0546 6672 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
08:42:35.0562 6672 BBUpdate - ok
08:42:35.0593 6672 [ 436806506E83AA8755A523147E191B7B ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
08:42:35.0655 6672 BCM42RLY - ok
08:42:35.0764 6672 [ B5D54119CE0BB77872C33A717CB76386 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
08:42:35.0842 6672 BCM43XX - ok
08:42:35.0967 6672 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:42:36.0045 6672 BDESVC - ok
08:42:36.0108 6672 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:42:36.0186 6672 Beep - ok
08:42:36.0264 6672 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
08:42:36.0373 6672 BFE - ok
08:42:36.0466 6672 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
08:42:36.0576 6672 BITS - ok
08:42:36.0638 6672 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:42:36.0669 6672 blbdrive - ok
08:42:36.0763 6672 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:42:36.0794 6672 Bonjour Service - ok
08:42:36.0856 6672 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:42:36.0919 6672 bowser - ok
08:42:36.0950 6672 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
08:42:37.0012 6672 BrFiltLo - ok
08:42:37.0044 6672 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
08:42:37.0059 6672 BrFiltUp - ok
08:42:37.0122 6672 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:42:37.0200 6672 BridgeMP - ok
08:42:37.0293 6672 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
08:42:37.0356 6672 Browser - ok
08:42:37.0418 6672 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:42:37.0465 6672 Brserid - ok
08:42:37.0527 6672 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:42:37.0558 6672 BrSerWdm - ok
08:42:37.0652 6672 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:42:37.0668 6672 BrUsbMdm - ok
08:42:37.0683 6672 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:42:37.0761 6672 BrUsbSer - ok
08:42:37.0808 6672 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
08:42:37.0886 6672 BthEnum - ok
08:42:37.0933 6672 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
08:42:37.0995 6672 BTHMODEM - ok
08:42:38.0042 6672 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
08:42:38.0104 6672 BthPan - ok
08:42:38.0167 6672 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
08:42:38.0198 6672 BTHPORT - ok
08:42:38.0245 6672 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:42:38.0323 6672 bthserv - ok
08:42:38.0354 6672 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
08:42:38.0385 6672 BTHUSB - ok
08:42:38.0463 6672 [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
08:42:38.0510 6672 BTWAMPFL - ok
08:42:38.0557 6672 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
08:42:38.0572 6672 btwaudio - ok
08:42:38.0588 6672 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
08:42:38.0604 6672 btwavdt - ok
08:42:38.0697 6672 [ F0AF04A96CA48B869284B5DC4CDB8CBB ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
08:42:38.0728 6672 btwdins - ok
08:42:38.0744 6672 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
08:42:38.0744 6672 btwl2cap - ok
08:42:38.0760 6672 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
08:42:38.0775 6672 btwrchid - ok
08:42:38.0806 6672 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:42:38.0869 6672 cdfs - ok
08:42:38.0916 6672 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:42:38.0962 6672 cdrom - ok
08:42:39.0009 6672 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:42:39.0087 6672 CertPropSvc - ok
08:42:39.0165 6672 [ ED0263B2EB24F0F4E3898036FA1D28A1 ] cfwids C:\Windows\system32\drivers\cfwids.sys
08:42:39.0196 6672 cfwids - ok
08:42:39.0212 6672 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
08:42:39.0243 6672 circlass - ok
08:42:39.0274 6672 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:42:39.0321 6672 CLFS - ok
08:42:39.0399 6672 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:42:39.0430 6672 clr_optimization_v2.0.50727_32 - ok
08:42:39.0462 6672 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:42:39.0493 6672 clr_optimization_v2.0.50727_64 - ok
08:42:39.0555 6672 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:42:39.0618 6672 clr_optimization_v4.0.30319_32 - ok
08:42:39.0633 6672 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:42:39.0696 6672 clr_optimization_v4.0.30319_64 - ok
08:42:39.0711 6672 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:42:39.0742 6672 CmBatt - ok
08:42:39.0805 6672 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:42:39.0836 6672 cmdide - ok
08:42:39.0883 6672 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
08:42:39.0898 6672 CNG - ok
08:42:39.0930 6672 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:42:39.0945 6672 Compbatt - ok
08:42:39.0961 6672 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
08:42:39.0992 6672 CompositeBus - ok
08:42:40.0008 6672 COMSysApp - ok
08:42:40.0023 6672 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
08:42:40.0039 6672 crcdisk - ok
08:42:40.0070 6672 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:42:40.0117 6672 CryptSvc - ok
08:42:40.0164 6672 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
08:42:40.0242 6672 CtClsFlt - ok
08:42:40.0320 6672 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:42:40.0413 6672 DcomLaunch - ok
08:42:40.0444 6672 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:42:40.0554 6672 defragsvc - ok
08:42:40.0647 6672 [ 88D5FE2109F1A52CF69BA410082A833A ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
08:42:40.0678 6672 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
08:42:40.0678 6672 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
08:42:40.0710 6672 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:42:40.0803 6672 DfsC - ok
08:42:40.0850 6672 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:42:40.0959 6672 Dhcp - ok
08:42:40.0990 6672 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:42:41.0022 6672 discache - ok
08:42:41.0068 6672 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
08:42:41.0084 6672 Disk - ok
08:42:41.0100 6672 dlcq_device - ok
08:42:41.0131 6672 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:42:41.0193 6672 Dnscache - ok
08:42:41.0240 6672 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:42:41.0318 6672 dot3svc - ok
08:42:41.0334 6672 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:42:41.0396 6672 DPS - ok
08:42:41.0427 6672 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:42:41.0490 6672 drmkaud - ok
08:42:41.0568 6672 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:42:41.0614 6672 DXGKrnl - ok
08:42:41.0630 6672 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:42:41.0708 6672 EapHost - ok
08:42:41.0895 6672 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
08:42:41.0973 6672 ebdrv - ok
08:42:42.0036 6672 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:42:42.0114 6672 EFS - ok
08:42:42.0301 6672 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:42:42.0410 6672 ehRecvr - ok
08:42:42.0441 6672 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:42:42.0472 6672 ehSched - ok
08:42:42.0613 6672 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
08:42:42.0675 6672 elxstor - ok
08:42:42.0691 6672 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:42:42.0738 6672 ErrDev - ok
08:42:42.0831 6672 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:42:42.0894 6672 EventSystem - ok
08:42:42.0956 6672 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:42:43.0018 6672 exfat - ok
08:42:43.0050 6672 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:42:43.0112 6672 fastfat - ok
08:42:43.0190 6672 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
08:42:43.0268 6672 Fax - ok
08:42:43.0299 6672 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
08:42:43.0362 6672 fdc - ok
08:42:43.0377 6672 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:42:43.0408 6672 fdPHost - ok
08:42:43.0424 6672 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:42:43.0502 6672 FDResPub - ok
08:42:43.0533 6672 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:42:43.0549 6672 FileInfo - ok
08:42:43.0564 6672 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:42:43.0611 6672 Filetrace - ok
08:42:43.0642 6672 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
08:42:43.0658 6672 flpydisk - ok
08:42:43.0689 6672 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:42:43.0705 6672 FltMgr - ok
08:42:43.0767 6672 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
08:42:43.0830 6672 FontCache - ok
08:42:43.0876 6672 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:42:43.0908 6672 FontCache3.0.0.0 - ok
08:42:43.0923 6672 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:42:43.0939 6672 FsDepends - ok
08:42:43.0970 6672 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
08:42:43.0986 6672 fssfltr - ok
08:42:44.0110 6672 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:42:44.0157 6672 fsssvc - ok
08:42:44.0235 6672 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:42:44.0251 6672 Fs_Rec - ok
08:42:44.0313 6672 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:42:44.0360 6672 fvevol - ok
08:42:44.0391 6672 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:42:44.0422 6672 gagp30kx - ok
08:42:44.0532 6672 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:42:44.0578 6672 gpsvc - ok
08:42:44.0594 6672 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:42:44.0625 6672 hcw85cir - ok
08:42:44.0656 6672 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
08:42:44.0734 6672 HDAudBus - ok
08:42:44.0750 6672 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
08:42:44.0766 6672 HidBatt - ok
08:42:44.0797 6672 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
08:42:44.0844 6672 HidBth - ok
08:42:44.0890 6672 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
08:42:44.0922 6672 HidIr - ok
08:42:44.0953 6672 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
08:42:45.0031 6672 hidserv - ok
08:42:45.0109 6672 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:42:45.0140 6672 HidUsb - ok
08:42:45.0171 6672 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:42:45.0234 6672 hkmsvc - ok
08:42:45.0280 6672 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:42:45.0358 6672 HomeGroupListener - ok
08:42:45.0390 6672 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:42:45.0452 6672 HomeGroupProvider - ok
08:42:45.0546 6672 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:42:45.0592 6672 HpSAMD - ok
08:42:45.0624 6672 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
08:42:45.0686 6672 HTCAND64 - ok
08:42:45.0748 6672 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
08:42:45.0780 6672 htcnprot - ok
08:42:45.0826 6672 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:42:45.0920 6672 HTTP - ok
08:42:45.0936 6672 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:42:45.0951 6672 hwpolicy - ok
08:42:45.0998 6672 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:42:46.0029 6672 i8042prt - ok
08:42:46.0107 6672 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
08:42:46.0154 6672 iaStor - ok
08:42:46.0185 6672 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:42:46.0216 6672 iaStorV - ok
08:42:46.0357 6672 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:42:46.0404 6672 idsvc - ok
08:42:46.0778 6672 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
08:42:47.0137 6672 igfx - ok
08:42:47.0184 6672 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:42:47.0199 6672 iirsp - ok
08:42:47.0246 6672 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:42:47.0324 6672 IKEEXT - ok
08:42:47.0371 6672 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
08:42:47.0433 6672 Impcd - ok
08:42:47.0527 6672 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:42:47.0589 6672 IntcAzAudAddService - ok
08:42:47.0636 6672 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
08:42:47.0698 6672 IntcDAud - ok
08:42:47.0730 6672 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:42:47.0745 6672 intelide - ok
08:42:47.0792 6672 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:42:47.0839 6672 intelppm - ok
08:42:47.0870 6672 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:42:47.0948 6672 IPBusEnum - ok
08:42:47.0979 6672 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:42:48.0057 6672 IpFilterDriver - ok
08:42:48.0104 6672 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:42:48.0166 6672 iphlpsvc - ok
08:42:48.0198 6672 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:42:48.0213 6672 IPMIDRV - ok
08:42:48.0276 6672 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:42:48.0338 6672 IPNAT - ok
08:42:48.0354 6672 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:42:48.0385 6672 IRENUM - ok
08:42:48.0400 6672 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:42:48.0400 6672 isapnp - ok
08:42:48.0463 6672 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:42:48.0494 6672 iScsiPrt - ok
08:42:48.0525 6672 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:42:48.0541 6672 kbdclass - ok
08:42:48.0572 6672 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
08:42:48.0603 6672 kbdhid - ok
08:42:48.0619 6672 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:42:48.0634 6672 KeyIso - ok
08:42:48.0666 6672 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:42:48.0697 6672 KSecDD - ok
08:42:48.0728 6672 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:42:48.0759 6672 KSecPkg - ok
08:42:48.0759 6672 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:42:48.0822 6672 ksthunk - ok
08:42:48.0868 6672 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:42:48.0946 6672 KtmRm - ok
08:42:48.0993 6672 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:42:49.0102 6672 LanmanServer - ok
08:42:49.0118 6672 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:42:49.0196 6672 LanmanWorkstation - ok
08:42:49.0243 6672 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:42:49.0336 6672 lltdio - ok
08:42:49.0368 6672 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:42:49.0477 6672 lltdsvc - ok
08:42:49.0508 6672 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:42:49.0555 6672 lmhosts - ok
08:42:49.0648 6672 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:42:49.0695 6672 LMS - ok
08:42:49.0711 6672 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:42:49.0726 6672 LSI_FC - ok
08:42:49.0758 6672 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:42:49.0804 6672 LSI_SAS - ok
08:42:49.0820 6672 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
08:42:49.0836 6672 LSI_SAS2 - ok
08:42:49.0851 6672 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:42:49.0867 6672 LSI_SCSI - ok
08:42:49.0882 6672 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:42:49.0945 6672 luafv - ok
08:42:50.0007 6672 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:42:50.0038 6672 MBAMProtector - ok
08:42:50.0101 6672 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:42:50.0148 6672 MBAMService - ok
08:42:50.0241 6672 [ F69B3AD25321B672A417C24FE6688B6F ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
08:42:50.0288 6672 McAWFwk ( UnsignedFile.Multi.Generic ) - warning
08:42:50.0288 6672 McAWFwk - detected UnsignedFile.Multi.Generic (1)
08:42:50.0366 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:42:50.0413 6672 McMPFSvc - ok
08:42:50.0428 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:42:50.0444 6672 mcmscsvc - ok
08:42:50.0460 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:42:50.0475 6672 McNaiAnn - ok
08:42:50.0491 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:42:50.0506 6672 McNASvc - ok
08:42:50.0584 6672 [ B3914A7C97A81ACB1E9BEFE07E4C387F ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
08:42:50.0631 6672 McODS - ok
08:42:50.0647 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:42:50.0662 6672 McOobeSv - ok
08:42:50.0678 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:42:50.0694 6672 McProxy - ok
08:42:50.0725 6672 [ 4A463D645B48BB487CA7DF12BA5D1602 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
08:42:50.0740 6672 McShield - ok
08:42:50.0772 6672 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:42:50.0818 6672 Mcx2Svc - ok
08:42:50.0850 6672 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
08:42:50.0865 6672 megasas - ok
08:42:50.0928 6672 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
08:42:50.0959 6672 MegaSR - ok
08:42:51.0006 6672 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
08:42:51.0021 6672 MEIx64 - ok
08:42:51.0052 6672 [ EF3ACFB7E3F82D5F7CDE9EF5F0A4E2E2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
08:42:51.0099 6672 mfeapfk - ok
08:42:51.0146 6672 [ E7A60BDB4365B561D896019B82FB7DD0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
08:42:51.0193 6672 mfeavfk - ok
08:42:51.0240 6672 mfeavfk01 - ok
08:42:51.0271 6672 [ C53B7ABA204D9F7E9568EC147A1485C5 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
08:42:51.0302 6672 mfefire - ok
08:42:51.0333 6672 [ 670DFFE55E2F9AB99D9169C428BCECE9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
08:42:51.0349 6672 mfefirek - ok
08:42:51.0396 6672 [ 1892616B7F9291FD77C3FA0A5811FE9F ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
08:42:51.0427 6672 mfehidk - ok
08:42:51.0474 6672 [ 1721261C77F6E7A9E0CB51B7D9F31B60 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
08:42:51.0489 6672 mfenlfk - ok
08:42:51.0536 6672 [ 65776BD8029E409935B90DE30BF99526 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
08:42:51.0567 6672 mferkdet - ok
08:42:51.0614 6672 [ 8F3B3C3625E3AAA11D6D4DB8423E1721 ] mfevtp C:\Windows\system32\mfevtps.exe
08:42:51.0645 6672 mfevtp - ok
08:42:51.0676 6672 [ 4F17D8B85B903D96EF7033BB6EF50516 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
08:42:51.0708 6672 mfewfpk - ok
08:42:51.0739 6672 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:42:51.0786 6672 MMCSS - ok
08:42:51.0801 6672 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:42:51.0832 6672 Modem - ok
08:42:51.0864 6672 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:42:51.0926 6672 monitor - ok
08:42:51.0942 6672 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:42:51.0957 6672 mouclass - ok
08:42:51.0973 6672 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
08:42:51.0988 6672 mouhid - ok
08:42:52.0020 6672 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:42:52.0035 6672 mountmgr - ok
08:42:52.0051 6672 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:42:52.0066 6672 mpio - ok
08:42:52.0098 6672 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:42:52.0129 6672 mpsdrv - ok
08:42:52.0207 6672 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:42:52.0316 6672 MpsSvc - ok
08:42:52.0378 6672 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:42:52.0457 6672 MRxDAV - ok
08:42:52.0566 6672 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:42:52.0597 6672 mrxsmb - ok
08:42:52.0613 6672 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:42:52.0628 6672 mrxsmb10 - ok
08:42:52.0644 6672 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:42:52.0659 6672 mrxsmb20 - ok
08:42:52.0691 6672 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:42:52.0722 6672 msahci - ok
08:42:52.0737 6672 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:42:52.0769 6672 msdsm - ok
08:42:52.0800 6672 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:42:52.0847 6672 MSDTC - ok
08:42:52.0862 6672 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:42:52.0893 6672 Msfs - ok
08:42:52.0925 6672 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:42:52.0987 6672 mshidkmdf - ok
08:42:53.0003 6672 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:42:53.0018 6672 msisadrv - ok
08:42:53.0049 6672 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:42:53.0127 6672 MSiSCSI - ok
08:42:53.0127 6672 msiserver - ok
08:42:53.0143 6672 [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:42:53.0159 6672 MSK80Service - ok
08:42:53.0190 6672 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:42:53.0252 6672 MSKSSRV - ok
08:42:53.0268 6672 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:42:53.0299 6672 MSPCLOCK - ok
08:42:53.0315 6672 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:42:53.0377 6672 MSPQM - ok
08:42:53.0455 6672 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:42:53.0502 6672 MsRPC - ok
08:42:53.0517 6672 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
08:42:53.0533 6672 mssmbios - ok
08:42:53.0533 6672 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:42:53.0564 6672 MSTEE - ok
08:42:53.0595 6672 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
08:42:53.0611 6672 MTConfig - ok
08:42:53.0611 6672 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:42:53.0627 6672 Mup - ok
08:42:53.0658 6672 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:42:53.0705 6672 napagent - ok
08:42:53.0720 6672 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:42:53.0783 6672 NativeWifiP - ok
08:42:53.0845 6672 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:42:53.0923 6672 NDIS - ok
08:42:53.0939 6672 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:42:53.0985 6672 NdisCap - ok
08:42:54.0048 6672 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:42:54.0095 6672 NdisTapi - ok
08:42:54.0141 6672 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:42:54.0204 6672 Ndisuio - ok
08:42:54.0235 6672 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:42:54.0297 6672 NdisWan - ok
08:42:54.0329 6672 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:42:54.0360 6672 NDProxy - ok
08:42:54.0375 6672 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:42:54.0453 6672 NetBIOS - ok
08:42:54.0485 6672 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:42:54.0547 6672 NetBT - ok
08:42:54.0547 6672 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:42:54.0563 6672 Netlogon - ok
08:42:54.0609 6672 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:42:54.0719 6672 Netman - ok
08:42:54.0765 6672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:42:54.0828 6672 NetMsmqActivator - ok
08:42:54.0828 6672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:42:54.0843 6672 NetPipeActivator - ok
08:42:54.0875 6672 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:42:54.0968 6672 netprofm - ok
08:42:54.0968 6672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:42:54.0984 6672 NetTcpActivator - ok
08:42:54.0984 6672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:42:54.0999 6672 NetTcpPortSharing - ok
08:42:55.0046 6672 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:42:55.0046 6672 nfrd960 - ok
08:42:55.0093 6672 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:42:55.0155 6672 NlaSvc - ok
08:42:55.0296 6672 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
08:42:55.0421 6672 NOBU - ok
08:42:55.0436 6672 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:42:55.0467 6672 Npfs - ok
08:42:55.0483 6672 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:42:55.0530 6672 nsi - ok
08:42:55.0561 6672 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:42:55.0623 6672 nsiproxy - ok
08:42:55.0701 6672 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:42:55.0764 6672 Ntfs - ok
08:42:55.0779 6672 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:42:55.0811 6672 Null - ok
08:42:55.0842 6672 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
08:42:55.0889 6672 nusb3hub - ok
08:42:55.0920 6672 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
08:42:55.0982 6672 nusb3xhc - ok
08:42:56.0013 6672 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:42:56.0045 6672 nvraid - ok
08:42:56.0091 6672 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:42:56.0123 6672 nvstor - ok
08:42:56.0154 6672 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:42:56.0169 6672 nv_agp - ok
08:42:56.0169 6672 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:42:56.0201 6672 ohci1394 - ok
08:42:56.0263 6672 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:42:56.0294 6672 ose - ok
08:42:56.0481 6672 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:42:56.0575 6672 osppsvc - ok
08:42:56.0606 6672 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:42:56.0684 6672 p2pimsvc - ok
08:42:56.0700 6672 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:42:56.0747 6672 p2psvc - ok
08:42:56.0778 6672 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
08:42:56.0793 6672 Parport - ok
08:42:56.0825 6672 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:42:56.0856 6672 partmgr - ok
 
08:42:56.0918 6672 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
08:42:56.0934 6672 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
08:42:56.0934 6672 PassThru Service - detected UnsignedFile.Multi.Generic (1)
08:42:56.0965 6672 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:42:57.0043 6672 PcaSvc - ok
08:42:57.0074 6672 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:42:57.0105 6672 pci - ok
08:42:57.0152 6672 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:42:57.0183 6672 pciide - ok
08:42:57.0215 6672 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:42:57.0230 6672 pcmcia - ok
08:42:57.0246 6672 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:42:57.0261 6672 pcw - ok
08:42:57.0277 6672 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:42:57.0355 6672 PEAUTH - ok
08:42:57.0464 6672 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:42:57.0511 6672 PerfHost - ok
08:42:57.0573 6672 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:42:57.0683 6672 pla - ok
08:42:57.0745 6672 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:42:57.0792 6672 PlugPlay - ok
08:42:57.0823 6672 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:42:57.0854 6672 PNRPAutoReg - ok
08:42:57.0885 6672 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:42:57.0917 6672 PNRPsvc - ok
08:42:57.0948 6672 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:42:58.0010 6672 PolicyAgent - ok
08:42:58.0057 6672 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:42:58.0119 6672 Power - ok
08:42:58.0166 6672 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:42:58.0213 6672 PptpMiniport - ok
08:42:58.0244 6672 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
08:42:58.0307 6672 Processor - ok
08:42:58.0322 6672 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:42:58.0385 6672 ProfSvc - ok
08:42:58.0416 6672 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:42:58.0431 6672 ProtectedStorage - ok
08:42:58.0463 6672 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:42:58.0525 6672 Psched - ok
08:42:58.0556 6672 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
08:42:58.0572 6672 PxHlpa64 - ok
08:42:58.0619 6672 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:42:58.0681 6672 ql2300 - ok
08:42:58.0712 6672 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:42:58.0743 6672 ql40xx - ok
08:42:58.0775 6672 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:42:58.0790 6672 QWAVE - ok
08:42:58.0806 6672 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:42:58.0853 6672 QWAVEdrv - ok
08:42:58.0868 6672 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:42:58.0899 6672 RasAcd - ok
08:42:58.0946 6672 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:42:58.0977 6672 RasAgileVpn - ok
08:42:59.0009 6672 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:42:59.0055 6672 RasAuto - ok
08:42:59.0071 6672 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:42:59.0118 6672 Rasl2tp - ok
08:42:59.0133 6672 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:42:59.0180 6672 RasMan - ok
08:42:59.0211 6672 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:42:59.0243 6672 RasPppoe - ok
08:42:59.0258 6672 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:42:59.0305 6672 RasSstp - ok
08:42:59.0336 6672 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:42:59.0383 6672 rdbss - ok
08:42:59.0399 6672 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
08:42:59.0414 6672 rdpbus - ok
08:42:59.0445 6672 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:42:59.0492 6672 RDPCDD - ok
08:42:59.0523 6672 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:42:59.0570 6672 RDPENCDD - ok
08:42:59.0601 6672 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:42:59.0633 6672 RDPREFMP - ok
08:42:59.0664 6672 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:42:59.0695 6672 RDPWD - ok
08:42:59.0711 6672 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:42:59.0742 6672 rdyboost - ok
08:42:59.0773 6672 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:42:59.0835 6672 RemoteAccess - ok
08:42:59.0867 6672 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:42:59.0913 6672 RemoteRegistry - ok
08:42:59.0960 6672 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
08:42:59.0991 6672 RFCOMM - ok
08:43:00.0101 6672 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
08:43:00.0147 6672 RoxMediaDB12OEM - ok
08:43:00.0179 6672 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
08:43:00.0194 6672 RoxWatch12 - ok
08:43:00.0210 6672 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:43:00.0272 6672 RpcEptMapper - ok
08:43:00.0303 6672 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:43:00.0319 6672 RpcLocator - ok
08:43:00.0350 6672 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:43:00.0381 6672 RpcSs - ok
08:43:00.0428 6672 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:43:00.0491 6672 rspndr - ok
08:43:00.0537 6672 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
08:43:00.0553 6672 RSUSBSTOR - ok
08:43:00.0600 6672 [ A73ED14670220307874AD6BC2F279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:43:00.0615 6672 RTL8167 - ok
08:43:00.0631 6672 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:43:00.0647 6672 SamSs - ok
08:43:00.0662 6672 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:43:00.0693 6672 sbp2port - ok
08:43:00.0803 6672 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
08:43:00.0865 6672 SBSDWSCService - ok
08:43:00.0896 6672 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:43:00.0959 6672 SCardSvr - ok
08:43:00.0974 6672 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:43:01.0052 6672 scfilter - ok
08:43:01.0083 6672 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:43:01.0208 6672 Schedule - ok
08:43:01.0239 6672 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:43:01.0286 6672 SCPolicySvc - ok
08:43:01.0302 6672 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:43:01.0349 6672 SDRSVC - ok
08:43:01.0395 6672 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:43:01.0473 6672 secdrv - ok
08:43:01.0489 6672 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:43:01.0536 6672 seclogon - ok
08:43:01.0551 6672 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
08:43:01.0629 6672 SENS - ok
08:43:01.0645 6672 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:43:01.0676 6672 SensrSvc - ok
08:43:01.0707 6672 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
08:43:01.0754 6672 Serenum - ok
08:43:01.0770 6672 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
08:43:01.0817 6672 Serial - ok
08:43:01.0832 6672 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:43:01.0879 6672 sermouse - ok
08:43:01.0895 6672 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:43:01.0941 6672 SessionEnv - ok
08:43:01.0973 6672 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:43:01.0988 6672 sffdisk - ok
08:43:02.0051 6672 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:43:02.0113 6672 sffp_mmc - ok
08:43:02.0144 6672 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:43:02.0207 6672 sffp_sd - ok
08:43:02.0222 6672 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:43:02.0269 6672 sfloppy - ok
08:43:02.0378 6672 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
08:43:02.0456 6672 SftService - ok
08:43:02.0519 6672 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:43:02.0565 6672 SharedAccess - ok
08:43:02.0597 6672 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:43:02.0675 6672 ShellHWDetection - ok
08:43:02.0706 6672 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
08:43:02.0721 6672 SiSRaid2 - ok
08:43:02.0753 6672 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:43:02.0799 6672 SiSRaid4 - ok
08:43:02.0815 6672 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:43:02.0893 6672 Smb - ok
08:43:02.0924 6672 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:43:02.0971 6672 SNMPTRAP - ok
08:43:03.0002 6672 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:43:03.0018 6672 spldr - ok
08:43:03.0033 6672 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
08:43:03.0080 6672 Spooler - ok
08:43:03.0158 6672 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:43:03.0330 6672 sppsvc - ok
08:43:03.0361 6672 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:43:03.0392 6672 sppuinotify - ok
08:43:03.0423 6672 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:43:03.0486 6672 srv - ok
08:43:03.0517 6672 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:43:03.0564 6672 srv2 - ok
08:43:03.0579 6672 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:43:03.0611 6672 srvnet - ok
08:43:03.0626 6672 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:43:03.0720 6672 SSDPSRV - ok
08:43:03.0735 6672 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:43:03.0782 6672 SstpSvc - ok
08:43:03.0798 6672 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
08:43:03.0813 6672 stexstor - ok
08:43:03.0860 6672 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:43:03.0907 6672 stisvc - ok
08:43:03.0938 6672 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
08:43:03.0969 6672 stllssvr - ok
08:43:03.0985 6672 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
08:43:04.0001 6672 swenum - ok
08:43:04.0032 6672 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:43:04.0110 6672 swprv - ok
08:43:04.0203 6672 [ BCD5B4AB94DA436F083FCD0C636D00F3 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
08:43:04.0250 6672 SynTP - ok
08:43:04.0297 6672 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:43:04.0422 6672 SysMain - ok
08:43:04.0437 6672 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:43:04.0469 6672 TabletInputService - ok
08:43:04.0500 6672 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:43:04.0562 6672 TapiSrv - ok
08:43:04.0578 6672 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:43:04.0625 6672 TBS - ok
08:43:04.0703 6672 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:43:04.0796 6672 Tcpip - ok
08:43:04.0874 6672 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:43:04.0905 6672 TCPIP6 - ok
08:43:04.0937 6672 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:43:04.0968 6672 tcpipreg - ok
08:43:04.0983 6672 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:43:05.0015 6672 TDPIPE - ok
08:43:05.0046 6672 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:43:05.0093 6672 TDTCP - ok
08:43:05.0124 6672 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:43:05.0186 6672 tdx - ok
08:43:05.0202 6672 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
08:43:05.0217 6672 TermDD - ok
08:43:05.0249 6672 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:43:05.0311 6672 TermService - ok
08:43:05.0327 6672 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:43:05.0389 6672 Themes - ok
08:43:05.0420 6672 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:43:05.0467 6672 THREADORDER - ok
08:43:05.0483 6672 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:43:05.0607 6672 TrkWks - ok
08:43:05.0670 6672 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:43:05.0732 6672 TrustedInstaller - ok
08:43:05.0748 6672 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:43:05.0826 6672 tssecsrv - ok
08:43:05.0857 6672 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:43:05.0888 6672 TsUsbFlt - ok
08:43:05.0919 6672 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
08:43:05.0935 6672 TsUsbGD - ok
08:43:05.0966 6672 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:43:06.0029 6672 tunnel - ok
08:43:06.0060 6672 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:43:06.0075 6672 uagp35 - ok
08:43:06.0107 6672 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:43:06.0185 6672 udfs - ok
08:43:06.0216 6672 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:43:06.0231 6672 UI0Detect - ok
08:43:06.0263 6672 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:43:06.0278 6672 uliagpkx - ok
08:43:06.0294 6672 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:43:06.0325 6672 umbus - ok
08:43:06.0356 6672 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
08:43:06.0419 6672 UmPass - ok
08:43:06.0543 6672 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
08:43:06.0606 6672 UNS - ok
08:43:06.0621 6672 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:43:06.0684 6672 upnphost - ok
08:43:06.0731 6672 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:43:06.0793 6672 usbccgp - ok
08:43:06.0840 6672 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:43:06.0887 6672 usbcir - ok
08:43:06.0902 6672 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
08:43:06.0933 6672 usbehci - ok
08:43:06.0965 6672 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:43:07.0011 6672 usbhub - ok
08:43:07.0027 6672 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:43:07.0074 6672 usbohci - ok
08:43:07.0105 6672 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:43:07.0167 6672 usbprint - ok
08:43:07.0214 6672 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
08:43:07.0245 6672 usbscan - ok
08:43:07.0261 6672 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:43:07.0323 6672 USBSTOR - ok
08:43:07.0370 6672 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:43:07.0401 6672 usbuhci - ok
08:43:07.0448 6672 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
08:43:07.0495 6672 usbvideo - ok
08:43:07.0526 6672 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:43:07.0557 6672 UxSms - ok
08:43:07.0589 6672 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:43:07.0604 6672 VaultSvc - ok
08:43:07.0635 6672 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:43:07.0635 6672 vdrvroot - ok
08:43:07.0667 6672 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:43:07.0713 6672 vds - ok
08:43:07.0729 6672 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:43:07.0760 6672 vga - ok
08:43:07.0776 6672 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:43:07.0854 6672 VgaSave - ok
08:43:07.0869 6672 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:43:07.0885 6672 vhdmp - ok
08:43:07.0916 6672 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:43:07.0947 6672 viaide - ok
08:43:07.0979 6672 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:43:07.0979 6672 volmgr - ok
08:43:08.0010 6672 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:43:08.0025 6672 volmgrx - ok
08:43:08.0041 6672 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:43:08.0057 6672 volsnap - ok
08:43:08.0088 6672 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:43:08.0103 6672 vsmraid - ok
08:43:08.0166 6672 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:43:08.0259 6672 VSS - ok
08:43:08.0275 6672 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:43:08.0322 6672 vwifibus - ok
08:43:08.0353 6672 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:43:08.0415 6672 vwififlt - ok
08:43:08.0431 6672 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
08:43:08.0478 6672 vwifimp - ok
08:43:08.0493 6672 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:43:08.0540 6672 W32Time - ok
08:43:08.0556 6672 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
08:43:08.0571 6672 WacomPen - ok
08:43:08.0603 6672 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:43:08.0681 6672 WANARP - ok
08:43:08.0696 6672 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:43:08.0727 6672 Wanarpv6 - ok
08:43:08.0805 6672 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:43:08.0883 6672 WatAdminSvc - ok
08:43:08.0946 6672 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:43:09.0055 6672 wbengine - ok
08:43:09.0086 6672 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:43:09.0102 6672 WbioSrvc - ok
08:43:09.0117 6672 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:43:09.0164 6672 wcncsvc - ok
08:43:09.0180 6672 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:43:09.0211 6672 WcsPlugInService - ok
08:43:09.0242 6672 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
08:43:09.0273 6672 Wd - ok
08:43:09.0305 6672 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:43:09.0320 6672 Wdf01000 - ok
08:43:09.0336 6672 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:43:09.0445 6672 WdiServiceHost - ok
08:43:09.0461 6672 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:43:09.0476 6672 WdiSystemHost - ok
08:43:09.0492 6672 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:43:09.0554 6672 WebClient - ok
08:43:09.0585 6672 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:43:09.0648 6672 Wecsvc - ok
08:43:09.0679 6672 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:43:09.0741 6672 wercplsupport - ok
08:43:09.0773 6672 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:43:09.0835 6672 WerSvc - ok
08:43:09.0851 6672 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:43:09.0882 6672 WfpLwf - ok
08:43:09.0913 6672 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
08:43:09.0929 6672 WimFltr - ok
08:43:09.0944 6672 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:43:09.0960 6672 WIMMount - ok
08:43:10.0007 6672 WinDefend - ok
08:43:10.0022 6672 WinHttpAutoProxySvc - ok
08:43:10.0085 6672 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:43:10.0147 6672 Winmgmt - ok
08:43:10.0241 6672 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
08:43:10.0350 6672 WinRM - ok
08:43:10.0412 6672 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
08:43:10.0490 6672 Wlansvc - ok
08:43:10.0553 6672 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:43:10.0584 6672 wlcrasvc - ok
08:43:10.0709 6672 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:43:10.0755 6672 wlidsvc - ok
08:43:10.0802 6672 [ BCA22B2B27417FA7C8D824D5DE4DC03C ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
08:43:10.0818 6672 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
08:43:10.0818 6672 wltrysvc - detected UnsignedFile.Multi.Generic (1)
08:43:10.0849 6672 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
08:43:10.0896 6672 WmiAcpi - ok
08:43:10.0927 6672 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:43:10.0974 6672 wmiApSrv - ok
08:43:11.0005 6672 WMPNetworkSvc - ok
08:43:11.0036 6672 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:43:11.0099 6672 WPCSvc - ok
08:43:11.0114 6672 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:43:11.0130 6672 WPDBusEnum - ok
08:43:11.0161 6672 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:43:11.0192 6672 ws2ifsl - ok
08:43:11.0255 6672 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
08:43:11.0317 6672 wscsvc - ok
08:43:11.0333 6672 WSearch - ok
08:43:11.0426 6672 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
08:43:11.0520 6672 wuauserv - ok
08:43:11.0535 6672 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:43:11.0582 6672 WudfPf - ok
08:43:11.0645 6672 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:43:11.0707 6672 WUDFRd - ok
08:43:11.0738 6672 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:43:11.0785 6672 wudfsvc - ok
08:43:11.0816 6672 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:43:11.0863 6672 WwanSvc - ok
08:43:11.0894 6672 ================ Scan global ===============================
08:43:11.0910 6672 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:43:11.0925 6672 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:43:11.0941 6672 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:43:11.0957 6672 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:43:12.0003 6672 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:43:12.0003 6672 [Global] - ok
08:43:12.0003 6672 ================ Scan MBR ==================================
08:43:12.0035 6672 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:43:12.0456 6672 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:43:12.0456 6672 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:43:12.0456 6672 ================ Scan VBR ==================================
08:43:12.0456 6672 [ 119EC4FD4956138ED61A44A1279D8C5D ] \Device\Harddisk0\DR0\Partition1
08:43:12.0471 6672 \Device\Harddisk0\DR0\Partition1 - ok
08:43:12.0503 6672 [ 22BE3A84ED3753349F9ACEB9525DE59B ] \Device\Harddisk0\DR0\Partition2
08:43:12.0503 6672 \Device\Harddisk0\DR0\Partition2 - ok
08:43:12.0503 6672 ============================================================
08:43:12.0503 6672 Scan finished
08:43:12.0503 6672 ============================================================
08:43:12.0534 6740 Detected object count: 5
08:43:12.0534 6740 Actual detected object count: 5
08:43:50.0863 6740 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
08:43:50.0863 6740 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:43:50.0863 6740 McAWFwk ( UnsignedFile.Multi.Generic ) - skipped by user
08:43:50.0863 6740 McAWFwk ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:43:50.0863 6740 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:43:50.0863 6740 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:43:50.0863 6740 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:43:50.0863 6740 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:43:50.0863 6740 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:43:50.0863 6740 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
08:54:48.0265 2632 ============================================================
08:54:48.0265 2632 Scan started
08:54:48.0265 2632 Mode: Manual; SigCheck; TDLFS;
08:54:48.0265 2632 ============================================================
08:54:48.0452 2632 ================ Scan system memory ========================
08:54:48.0452 2632 System memory - ok
08:54:48.0452 2632 ================ Scan services =============================
08:54:48.0686 2632 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:54:48.0733 2632 1394ohci - ok
08:54:48.0764 2632 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:54:48.0780 2632 ACPI - ok
08:54:48.0811 2632 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:54:48.0826 2632 AcpiPmi - ok
08:54:48.0936 2632 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:54:48.0951 2632 AdobeARMservice - ok
08:54:49.0076 2632 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:54:49.0092 2632 AdobeFlashPlayerUpdateSvc - ok
08:54:49.0138 2632 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
08:54:49.0154 2632 adp94xx - ok
08:54:49.0170 2632 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
08:54:49.0185 2632 adpahci - ok
08:54:49.0201 2632 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
08:54:49.0216 2632 adpu320 - ok
08:54:49.0248 2632 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:54:49.0294 2632 AeLookupSvc - ok
08:54:49.0372 2632 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
08:54:49.0388 2632 AERTFilters - ok
08:54:49.0419 2632 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
08:54:49.0450 2632 AFD - ok
08:54:49.0482 2632 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:54:49.0497 2632 agp440 - ok
08:54:49.0513 2632 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:54:49.0544 2632 ALG - ok
08:54:49.0560 2632 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
08:54:49.0575 2632 aliide - ok
08:54:49.0591 2632 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
08:54:49.0591 2632 amdide - ok
08:54:49.0622 2632 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
08:54:49.0638 2632 AmdK8 - ok
08:54:49.0638 2632 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
08:54:49.0653 2632 AmdPPM - ok
08:54:49.0700 2632 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:54:49.0731 2632 amdsata - ok
08:54:49.0747 2632 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
08:54:49.0778 2632 amdsbs - ok
08:54:49.0794 2632 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:54:49.0809 2632 amdxata - ok
08:54:49.0825 2632 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
08:54:49.0856 2632 AppID - ok
08:54:49.0887 2632 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:54:49.0918 2632 AppIDSvc - ok
08:54:49.0934 2632 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
08:54:49.0981 2632 Appinfo - ok
08:54:50.0074 2632 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:54:50.0106 2632 Apple Mobile Device - ok
08:54:50.0121 2632 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
08:54:50.0137 2632 arc - ok
08:54:50.0152 2632 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
08:54:50.0168 2632 arcsas - ok
08:54:50.0277 2632 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:54:50.0308 2632 aspnet_state - ok
08:54:50.0324 2632 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:54:50.0355 2632 AsyncMac - ok
08:54:50.0386 2632 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
08:54:50.0402 2632 atapi - ok
08:54:50.0433 2632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:54:50.0496 2632 AudioEndpointBuilder - ok
08:54:50.0527 2632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:54:50.0574 2632 AudioSrv - ok
08:54:50.0589 2632 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:54:50.0605 2632 AxInstSV - ok
08:54:50.0636 2632 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
08:54:50.0683 2632 b06bdrv - ok
08:54:50.0698 2632 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:54:50.0745 2632 b57nd60a - ok
08:54:50.0808 2632 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
08:54:50.0854 2632 BBSvc - ok
08:54:50.0870 2632 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
08:54:50.0886 2632 BBUpdate - ok
08:54:50.0917 2632 [ 436806506E83AA8755A523147E191B7B ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
08:54:50.0948 2632 BCM42RLY - ok
08:54:51.0073 2632 [ B5D54119CE0BB77872C33A717CB76386 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
08:54:51.0151 2632 BCM43XX - ok
08:54:51.0182 2632 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:54:51.0213 2632 BDESVC - ok
08:54:51.0229 2632 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:54:51.0276 2632 Beep - ok
08:54:51.0307 2632 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
08:54:51.0338 2632 BFE - ok
08:54:51.0385 2632 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
08:54:51.0478 2632 BITS - ok
08:54:51.0478 2632 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:54:51.0494 2632 blbdrive - ok
08:54:51.0541 2632 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:54:51.0572 2632 Bonjour Service - ok
08:54:51.0603 2632 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:54:51.0619 2632 bowser - ok
08:54:51.0634 2632 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
08:54:51.0650 2632 BrFiltLo - ok
08:54:51.0666 2632 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
08:54:51.0681 2632 BrFiltUp - ok
08:54:51.0697 2632 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:54:51.0744 2632 BridgeMP - ok
08:54:51.0775 2632 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
08:54:51.0837 2632 Browser - ok
08:54:51.0853 2632 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:54:51.0884 2632 Brserid - ok
08:54:51.0884 2632 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:54:51.0915 2632 BrSerWdm - ok
08:54:51.0931 2632 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:54:51.0946 2632 BrUsbMdm - ok
08:54:51.0962 2632 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:54:51.0978 2632 BrUsbSer - ok
08:54:52.0009 2632 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
08:54:52.0040 2632 BthEnum - ok
08:54:52.0056 2632 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
08:54:52.0071 2632 BTHMODEM - ok
08:54:52.0087 2632 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
08:54:52.0118 2632 BthPan - ok
08:54:52.0149 2632 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
08:54:52.0165 2632 BTHPORT - ok
08:54:52.0196 2632 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:54:52.0258 2632 bthserv - ok
08:54:52.0274 2632 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
08:54:52.0290 2632 BTHUSB - ok
08:54:52.0336 2632 [ 72CC5DCC4E67E7927F94801166CFDCDA ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
08:54:52.0368 2632 BTWAMPFL - ok
08:54:52.0383 2632 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
08:54:52.0399 2632 btwaudio - ok
08:54:52.0414 2632 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
08:54:52.0414 2632 btwavdt - ok
08:54:52.0492 2632 [ F0AF04A96CA48B869284B5DC4CDB8CBB ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
08:54:52.0524 2632 btwdins - ok
08:54:52.0539 2632 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
08:54:52.0555 2632 btwl2cap - ok
08:54:52.0570 2632 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
08:54:52.0586 2632 btwrchid - ok
08:54:52.0617 2632 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:54:52.0680 2632 cdfs - ok
08:54:52.0695 2632 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:54:52.0711 2632 cdrom - ok
08:54:52.0726 2632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:54:52.0773 2632 CertPropSvc - ok
08:54:52.0789 2632 [ ED0263B2EB24F0F4E3898036FA1D28A1 ] cfwids C:\Windows\system32\drivers\cfwids.sys
08:54:52.0804 2632 cfwids - ok
08:54:52.0820 2632 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
08:54:52.0836 2632 circlass - ok
08:54:52.0867 2632 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:54:52.0882 2632 CLFS - ok
08:54:52.0945 2632 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:54:52.0976 2632 clr_optimization_v2.0.50727_32 - ok
08:54:53.0007 2632 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:54:53.0023 2632 clr_optimization_v2.0.50727_64 - ok
08:54:53.0070 2632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:54:53.0085 2632 clr_optimization_v4.0.30319_32 - ok
08:54:53.0116 2632 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:54:53.0132 2632 clr_optimization_v4.0.30319_64 - ok
08:54:53.0148 2632 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:54:53.0163 2632 CmBatt - ok
08:54:53.0194 2632 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:54:53.0194 2632 cmdide - ok
08:54:53.0241 2632 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
08:54:53.0288 2632 CNG - ok
08:54:53.0304 2632 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:54:53.0319 2632 Compbatt - ok
08:54:53.0335 2632 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
08:54:53.0350 2632 CompositeBus - ok
08:54:53.0350 2632 COMSysApp - ok
08:54:53.0366 2632 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
08:54:53.0382 2632 crcdisk - ok
08:54:53.0413 2632 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:54:53.0444 2632 CryptSvc - ok
08:54:53.0475 2632 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
08:54:53.0506 2632 CtClsFlt - ok
08:54:53.0538 2632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:54:53.0600 2632 DcomLaunch - ok
08:54:53.0631 2632 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:54:53.0678 2632 defragsvc - ok
08:54:53.0740 2632 [ 88D5FE2109F1A52CF69BA410082A833A ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
08:54:53.0756 2632 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
08:54:53.0756 2632 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
08:54:53.0772 2632 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:54:53.0803 2632 DfsC - ok
08:54:53.0850 2632 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:54:53.0881 2632 Dhcp - ok
08:54:53.0912 2632 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:54:53.0943 2632 discache - ok
08:54:53.0974 2632 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
08:54:53.0990 2632 Disk - ok
08:54:54.0006 2632 dlcq_device - ok
08:54:54.0068 2632 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:54:54.0099 2632 Dnscache - ok
08:54:54.0115 2632 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:54:54.0146 2632 dot3svc - ok
08:54:54.0162 2632 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:54:54.0208 2632 DPS - ok
08:54:54.0224 2632 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:54:54.0255 2632 drmkaud - ok
08:54:54.0271 2632 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:54:54.0302 2632 DXGKrnl - ok
08:54:54.0318 2632 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:54:54.0349 2632 EapHost - ok
08:54:54.0442 2632 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
08:54:54.0489 2632 ebdrv - ok
08:54:54.0520 2632 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:54:54.0536 2632 EFS - ok
08:54:54.0614 2632 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:54:54.0645 2632 ehRecvr - ok
08:54:54.0661 2632 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:54:54.0692 2632 ehSched - ok
08:54:54.0708 2632 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
08:54:54.0739 2632 elxstor - ok
08:54:54.0754 2632 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:54:54.0770 2632 ErrDev - ok
08:54:54.0801 2632 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:54:54.0864 2632 EventSystem - ok
08:54:54.0879 2632 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:54:54.0926 2632 exfat - ok
08:54:54.0942 2632 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:54:54.0973 2632 fastfat - ok
08:54:54.0988 2632 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
08:54:55.0020 2632 Fax - ok
08:54:55.0035 2632 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
08:54:55.0051 2632 fdc - ok
08:54:55.0066 2632 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:54:55.0098 2632 fdPHost - ok
08:54:55.0113 2632 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:54:55.0144 2632 FDResPub - ok
08:54:55.0160 2632 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:54:55.0176 2632 FileInfo - ok
08:54:55.0191 2632 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:54:55.0238 2632 Filetrace - ok
08:54:55.0254 2632 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
08:54:55.0269 2632 flpydisk - ok
08:54:55.0285 2632 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:54:55.0300 2632 FltMgr - ok
08:54:55.0347 2632 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
08:54:55.0363 2632 FontCache - ok
08:54:55.0410 2632 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:54:55.0441 2632 FontCache3.0.0.0 - ok
08:54:55.0441 2632 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:54:55.0456 2632 FsDepends - ok
08:54:55.0488 2632 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
08:54:55.0503 2632 fssfltr - ok
08:54:55.0581 2632 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
08:54:55.0628 2632 fsssvc - ok
08:54:55.0675 2632 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:54:55.0706 2632 Fs_Rec - ok
08:54:55.0768 2632 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:54:55.0815 2632 fvevol - ok
08:54:55.0831 2632 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:54:55.0846 2632 gagp30kx - ok
08:54:55.0878 2632 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:54:55.0956 2632 gpsvc - ok
08:54:55.0971 2632 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:54:55.0971 2632 hcw85cir - ok
08:54:55.0987 2632 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
08:54:56.0018 2632 HDAudBus - ok
08:54:56.0018 2632 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
08:54:56.0034 2632 HidBatt - ok
08:54:56.0065 2632 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
08:54:56.0080 2632 HidBth - ok
08:54:56.0080 2632 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
08:54:56.0096 2632 HidIr - ok
08:54:56.0112 2632 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
08:54:56.0158 2632 hidserv - ok
08:54:56.0190 2632 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:54:56.0221 2632 HidUsb - ok
08:54:56.0252 2632 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:54:56.0314 2632 hkmsvc - ok
08:54:56.0330 2632 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:54:56.0346 2632 HomeGroupListener - ok
08:54:56.0377 2632 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:54:56.0408 2632 HomeGroupProvider - ok
08:54:56.0424 2632 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:54:56.0439 2632 HpSAMD - ok
08:54:56.0470 2632 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
08:54:56.0502 2632 HTCAND64 - ok
08:54:56.0533 2632 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
08:54:56.0564 2632 htcnprot - ok
08:54:56.0580 2632 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:54:56.0642 2632 HTTP - ok
08:54:56.0658 2632 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:54:56.0673 2632 hwpolicy - ok
08:54:56.0704 2632 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:54:56.0736 2632 i8042prt - ok
08:54:56.0767 2632 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
08:54:56.0798 2632 iaStor - ok
08:54:56.0814 2632 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:54:56.0845 2632 iaStorV - ok
08:54:56.0907 2632 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:54:56.0954 2632 idsvc - ok
08:54:57.0219 2632 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
08:54:57.0360 2632 igfx - ok
08:54:57.0391 2632 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:54:57.0406 2632 iirsp - ok
08:54:57.0469 2632 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:54:57.0531 2632 IKEEXT - ok
08:54:57.0562 2632 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
08:54:57.0594 2632 Impcd - ok
08:54:57.0672 2632 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:54:57.0750 2632 IntcAzAudAddService - ok
08:54:57.0781 2632 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
08:54:57.0796 2632 IntcDAud - ok
08:54:57.0828 2632 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:54:57.0859 2632 intelide - ok
08:54:57.0874 2632 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:54:57.0906 2632 intelppm - ok
08:54:57.0921 2632 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:54:57.0968 2632 IPBusEnum - ok
08:54:57.0984 2632 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:54:58.0015 2632 IpFilterDriver - ok
08:54:58.0046 2632 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:54:58.0093 2632 iphlpsvc - ok
08:54:58.0108 2632 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:54:58.0124 2632 IPMIDRV - ok
08:54:58.0124 2632 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:54:58.0171 2632 IPNAT - ok
08:54:58.0186 2632 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:54:58.0202 2632 IRENUM - ok
08:54:58.0218 2632 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:54:58.0233 2632 isapnp - ok
08:54:58.0249 2632 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:54:58.0264 2632 iScsiPrt - ok
08:54:58.0280 2632 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:54:58.0296 2632 kbdclass - ok
08:54:58.0311 2632 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
08:54:58.0327 2632 kbdhid - ok
08:54:58.0358 2632 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:54:58.0374 2632 KeyIso - ok
08:54:58.0405 2632 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:54:58.0420 2632 KSecDD - ok
08:54:58.0467 2632 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:54:58.0498 2632 KSecPkg - ok
08:54:58.0514 2632 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:54:58.0545 2632 ksthunk - ok
08:54:58.0592 2632 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:54:58.0654 2632 KtmRm - ok
08:54:58.0686 2632 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:54:58.0748 2632 LanmanServer - ok
08:54:58.0764 2632 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:54:58.0826 2632 LanmanWorkstation - ok
08:54:58.0842 2632 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:54:58.0888 2632 lltdio - ok
08:54:58.0920 2632 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:54:58.0982 2632 lltdsvc - ok
08:54:58.0998 2632 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:54:59.0060 2632 lmhosts - ok
08:54:59.0122 2632 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:54:59.0138 2632 LMS - ok
08:54:59.0169 2632 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:54:59.0169 2632 LSI_FC - ok
08:54:59.0216 2632 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:54:59.0232 2632 LSI_SAS - ok
08:54:59.0247 2632 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
08:54:59.0278 2632 LSI_SAS2 - ok
08:54:59.0310 2632 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:54:59.0325 2632 LSI_SCSI - ok
08:54:59.0341 2632 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:54:59.0403 2632 luafv - ok
08:54:59.0434 2632 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:54:59.0450 2632 MBAMProtector - ok
08:54:59.0512 2632 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:54:59.0528 2632 MBAMService - ok
08:54:59.0622 2632 [ F69B3AD25321B672A417C24FE6688B6F ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
08:54:59.0653 2632 McAWFwk ( UnsignedFile.Multi.Generic ) - warning
08:54:59.0653 2632 McAWFwk - detected UnsignedFile.Multi.Generic (1)
08:54:59.0731 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:54:59.0762 2632 McMPFSvc - ok
08:54:59.0778 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:54:59.0793 2632 mcmscsvc - ok
08:54:59.0809 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:54:59.0824 2632 McNaiAnn - ok
08:54:59.0824 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:54:59.0840 2632 McNASvc - ok
08:54:59.0902 2632 [ B3914A7C97A81ACB1E9BEFE07E4C387F ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
08:54:59.0934 2632 McODS - ok
08:54:59.0934 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:54:59.0949 2632 McOobeSv - ok
08:54:59.0965 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:54:59.0980 2632 McProxy - ok
 
08:55:00.0012 2632 [ 4A463D645B48BB487CA7DF12BA5D1602 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
08:55:00.0043 2632 McShield - ok
08:55:00.0105 2632 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:55:00.0136 2632 Mcx2Svc - ok
08:55:00.0168 2632 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
08:55:00.0183 2632 megasas - ok
08:55:00.0214 2632 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
08:55:00.0261 2632 MegaSR - ok
08:55:00.0277 2632 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
08:55:00.0308 2632 MEIx64 - ok
08:55:00.0355 2632 [ EF3ACFB7E3F82D5F7CDE9EF5F0A4E2E2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
08:55:00.0386 2632 mfeapfk - ok
08:55:00.0402 2632 [ E7A60BDB4365B561D896019B82FB7DD0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
08:55:00.0417 2632 mfeavfk - ok
08:55:00.0433 2632 mfeavfk01 - ok
08:55:00.0448 2632 [ C53B7ABA204D9F7E9568EC147A1485C5 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
08:55:00.0464 2632 mfefire - ok
08:55:00.0480 2632 [ 670DFFE55E2F9AB99D9169C428BCECE9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
08:55:00.0526 2632 mfefirek - ok
08:55:00.0542 2632 [ 1892616B7F9291FD77C3FA0A5811FE9F ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
08:55:00.0558 2632 mfehidk - ok
08:55:00.0573 2632 [ 1721261C77F6E7A9E0CB51B7D9F31B60 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
08:55:00.0589 2632 mfenlfk - ok
08:55:00.0620 2632 [ 65776BD8029E409935B90DE30BF99526 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
08:55:00.0651 2632 mferkdet - ok
08:55:00.0682 2632 [ 8F3B3C3625E3AAA11D6D4DB8423E1721 ] mfevtp C:\Windows\system32\mfevtps.exe
08:55:00.0729 2632 mfevtp - ok
08:55:00.0745 2632 [ 4F17D8B85B903D96EF7033BB6EF50516 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
08:55:00.0760 2632 mfewfpk - ok
08:55:00.0776 2632 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:55:00.0838 2632 MMCSS - ok
08:55:00.0854 2632 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:55:00.0901 2632 Modem - ok
08:55:00.0916 2632 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:55:00.0932 2632 monitor - ok
08:55:00.0963 2632 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:55:00.0979 2632 mouclass - ok
08:55:00.0994 2632 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
08:55:01.0010 2632 mouhid - ok
08:55:01.0026 2632 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:55:01.0041 2632 mountmgr - ok
08:55:01.0057 2632 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:55:01.0088 2632 mpio - ok
08:55:01.0104 2632 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:55:01.0150 2632 mpsdrv - ok
08:55:01.0182 2632 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:55:01.0228 2632 MpsSvc - ok
08:55:01.0244 2632 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:55:01.0275 2632 MRxDAV - ok
08:55:01.0291 2632 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:55:01.0322 2632 mrxsmb - ok
08:55:01.0353 2632 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:55:01.0369 2632 mrxsmb10 - ok
08:55:01.0384 2632 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:55:01.0400 2632 mrxsmb20 - ok
08:55:01.0416 2632 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:55:01.0447 2632 msahci - ok
08:55:01.0494 2632 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:55:01.0525 2632 msdsm - ok
08:55:01.0540 2632 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:55:01.0556 2632 MSDTC - ok
08:55:01.0587 2632 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:55:01.0618 2632 Msfs - ok
08:55:01.0634 2632 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:55:01.0665 2632 mshidkmdf - ok
08:55:01.0681 2632 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:55:01.0696 2632 msisadrv - ok
08:55:01.0728 2632 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:55:01.0759 2632 MSiSCSI - ok
08:55:01.0774 2632 msiserver - ok
08:55:01.0790 2632 [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:55:01.0806 2632 MSK80Service - ok
08:55:01.0821 2632 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:55:01.0868 2632 MSKSSRV - ok
08:55:01.0868 2632 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:55:01.0915 2632 MSPCLOCK - ok
08:55:01.0930 2632 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:55:01.0962 2632 MSPQM - ok
08:55:01.0993 2632 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:55:02.0008 2632 MsRPC - ok
08:55:02.0024 2632 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
08:55:02.0040 2632 mssmbios - ok
08:55:02.0040 2632 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:55:02.0086 2632 MSTEE - ok
08:55:02.0102 2632 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
08:55:02.0118 2632 MTConfig - ok
08:55:02.0133 2632 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:55:02.0149 2632 Mup - ok
08:55:02.0196 2632 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:55:02.0227 2632 napagent - ok
08:55:02.0242 2632 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:55:02.0274 2632 NativeWifiP - ok
08:55:02.0336 2632 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:55:02.0367 2632 NDIS - ok
08:55:02.0383 2632 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:55:02.0414 2632 NdisCap - ok
08:55:02.0430 2632 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:55:02.0476 2632 NdisTapi - ok
08:55:02.0476 2632 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:55:02.0523 2632 Ndisuio - ok
08:55:02.0523 2632 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:55:02.0570 2632 NdisWan - ok
08:55:02.0586 2632 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:55:02.0617 2632 NDProxy - ok
08:55:02.0632 2632 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:55:02.0664 2632 NetBIOS - ok
08:55:02.0679 2632 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:55:02.0710 2632 NetBT - ok
08:55:02.0726 2632 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:55:02.0742 2632 Netlogon - ok
08:55:02.0788 2632 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:55:02.0835 2632 Netman - ok
08:55:02.0851 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:02.0866 2632 NetMsmqActivator - ok
08:55:02.0866 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:02.0882 2632 NetPipeActivator - ok
08:55:02.0913 2632 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:55:02.0976 2632 netprofm - ok
08:55:02.0976 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:02.0991 2632 NetTcpActivator - ok
08:55:02.0991 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:03.0007 2632 NetTcpPortSharing - ok
08:55:03.0038 2632 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:55:03.0069 2632 nfrd960 - ok
08:55:03.0085 2632 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:55:03.0116 2632 NlaSvc - ok
08:55:03.0225 2632 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
08:55:03.0288 2632 NOBU - ok
08:55:03.0303 2632 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:55:03.0334 2632 Npfs - ok
08:55:03.0350 2632 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:55:03.0397 2632 nsi - ok
08:55:03.0397 2632 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:55:03.0444 2632 nsiproxy - ok
08:55:03.0506 2632 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:55:03.0568 2632 Ntfs - ok
08:55:03.0584 2632 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:55:03.0631 2632 Null - ok
08:55:03.0662 2632 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
08:55:03.0678 2632 nusb3hub - ok
08:55:03.0709 2632 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
08:55:03.0740 2632 nusb3xhc - ok
08:55:03.0771 2632 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:55:03.0802 2632 nvraid - ok
08:55:03.0818 2632 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:55:03.0849 2632 nvstor - ok
08:55:03.0865 2632 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:55:03.0880 2632 nv_agp - ok
08:55:03.0896 2632 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:55:03.0912 2632 ohci1394 - ok
08:55:03.0974 2632 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:55:04.0005 2632 ose - ok
08:55:04.0192 2632 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:55:04.0270 2632 osppsvc - ok
08:55:04.0302 2632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:55:04.0317 2632 p2pimsvc - ok
08:55:04.0348 2632 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:55:04.0364 2632 p2psvc - ok
08:55:04.0380 2632 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
08:55:04.0395 2632 Parport - ok
08:55:04.0411 2632 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:55:04.0458 2632 partmgr - ok
08:55:04.0504 2632 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
08:55:04.0520 2632 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
08:55:04.0520 2632 PassThru Service - detected UnsignedFile.Multi.Generic (1)
08:55:04.0536 2632 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:55:04.0567 2632 PcaSvc - ok
08:55:04.0598 2632 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:55:04.0629 2632 pci - ok
08:55:04.0645 2632 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:55:04.0676 2632 pciide - ok
08:55:04.0692 2632 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:55:04.0707 2632 pcmcia - ok
08:55:04.0723 2632 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:55:04.0738 2632 pcw - ok
08:55:04.0754 2632 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:55:04.0801 2632 PEAUTH - ok
08:55:04.0894 2632 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:55:04.0926 2632 PerfHost - ok
08:55:04.0988 2632 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:55:05.0035 2632 pla - ok
08:55:05.0066 2632 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:55:05.0113 2632 PlugPlay - ok
08:55:05.0128 2632 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:55:05.0160 2632 PNRPAutoReg - ok
08:55:05.0191 2632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:55:05.0206 2632 PNRPsvc - ok
08:55:05.0253 2632 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:55:05.0300 2632 PolicyAgent - ok
08:55:05.0331 2632 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:55:05.0394 2632 Power - ok
08:55:05.0425 2632 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:55:05.0487 2632 PptpMiniport - ok
08:55:05.0503 2632 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
08:55:05.0518 2632 Processor - ok
08:55:05.0550 2632 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:55:05.0581 2632 ProfSvc - ok
08:55:05.0596 2632 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:55:05.0612 2632 ProtectedStorage - ok
08:55:05.0628 2632 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:55:05.0659 2632 Psched - ok
08:55:05.0690 2632 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
08:55:05.0706 2632 PxHlpa64 - ok
08:55:05.0752 2632 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:55:05.0799 2632 ql2300 - ok
08:55:05.0815 2632 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:55:05.0830 2632 ql40xx - ok
08:55:05.0862 2632 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:55:05.0893 2632 QWAVE - ok
08:55:05.0893 2632 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:55:05.0924 2632 QWAVEdrv - ok
08:55:05.0940 2632 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:55:05.0971 2632 RasAcd - ok
08:55:06.0002 2632 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:55:06.0064 2632 RasAgileVpn - ok
08:55:06.0080 2632 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:55:06.0127 2632 RasAuto - ok
08:55:06.0142 2632 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:55:06.0174 2632 Rasl2tp - ok
08:55:06.0189 2632 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:55:06.0236 2632 RasMan - ok
08:55:06.0252 2632 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:55:06.0298 2632 RasPppoe - ok
08:55:06.0298 2632 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:55:06.0345 2632 RasSstp - ok
08:55:06.0361 2632 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:55:06.0408 2632 rdbss - ok
08:55:06.0423 2632 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
08:55:06.0439 2632 rdpbus - ok
08:55:06.0454 2632 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:55:06.0486 2632 RDPCDD - ok
08:55:06.0501 2632 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:55:06.0548 2632 RDPENCDD - ok
08:55:06.0564 2632 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:55:06.0610 2632 RDPREFMP - ok
08:55:06.0642 2632 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:55:06.0673 2632 RDPWD - ok
08:55:06.0688 2632 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:55:06.0704 2632 rdyboost - ok
08:55:06.0735 2632 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:55:06.0782 2632 RemoteAccess - ok
08:55:06.0829 2632 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:55:06.0876 2632 RemoteRegistry - ok
08:55:06.0922 2632 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
08:55:06.0938 2632 RFCOMM - ok
08:55:07.0063 2632 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
08:55:07.0110 2632 RoxMediaDB12OEM - ok
08:55:07.0141 2632 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
08:55:07.0172 2632 RoxWatch12 - ok
08:55:07.0188 2632 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:55:07.0250 2632 RpcEptMapper - ok
08:55:07.0266 2632 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:55:07.0297 2632 RpcLocator - ok
08:55:07.0328 2632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:55:07.0375 2632 RpcSs - ok
08:55:07.0406 2632 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:55:07.0437 2632 rspndr - ok
08:55:07.0468 2632 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
08:55:07.0500 2632 RSUSBSTOR - ok
08:55:07.0531 2632 [ A73ED14670220307874AD6BC2F279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:55:07.0562 2632 RTL8167 - ok
08:55:07.0578 2632 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:55:07.0593 2632 SamSs - ok
08:55:07.0609 2632 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:55:07.0624 2632 sbp2port - ok
08:55:07.0702 2632 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
08:55:07.0734 2632 SBSDWSCService - ok
08:55:07.0765 2632 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:55:07.0827 2632 SCardSvr - ok
08:55:07.0843 2632 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:55:07.0890 2632 scfilter - ok
08:55:07.0921 2632 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:55:07.0968 2632 Schedule - ok
08:55:07.0999 2632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:55:08.0046 2632 SCPolicySvc - ok
08:55:08.0061 2632 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:55:08.0077 2632 SDRSVC - ok
08:55:08.0092 2632 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:55:08.0124 2632 secdrv - ok
08:55:08.0139 2632 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:55:08.0186 2632 seclogon - ok
08:55:08.0186 2632 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
08:55:08.0233 2632 SENS - ok
08:55:08.0248 2632 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:55:08.0264 2632 SensrSvc - ok
08:55:08.0280 2632 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
08:55:08.0295 2632 Serenum - ok
08:55:08.0311 2632 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
08:55:08.0326 2632 Serial - ok
08:55:08.0342 2632 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:55:08.0358 2632 sermouse - ok
08:55:08.0389 2632 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:55:08.0420 2632 SessionEnv - ok
08:55:08.0482 2632 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:55:08.0514 2632 sffdisk - ok
08:55:08.0529 2632 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:55:08.0545 2632 sffp_mmc - ok
08:55:08.0560 2632 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:55:08.0576 2632 sffp_sd - ok
08:55:08.0592 2632 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:55:08.0607 2632 sfloppy - ok
08:55:08.0716 2632 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
08:55:08.0748 2632 SftService - ok
08:55:08.0794 2632 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:55:08.0857 2632 SharedAccess - ok
08:55:08.0919 2632 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:55:08.0982 2632 ShellHWDetection - ok
08:55:08.0997 2632 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
08:55:09.0013 2632 SiSRaid2 - ok
08:55:09.0028 2632 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:55:09.0044 2632 SiSRaid4 - ok
08:55:09.0060 2632 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:55:09.0122 2632 Smb - ok
08:55:09.0138 2632 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:55:09.0153 2632 SNMPTRAP - ok
08:55:09.0184 2632 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:55:09.0200 2632 spldr - ok
08:55:09.0247 2632 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
08:55:09.0294 2632 Spooler - ok
08:55:09.0403 2632 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:55:09.0481 2632 sppsvc - ok
08:55:09.0496 2632 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:55:09.0543 2632 sppuinotify - ok
08:55:09.0574 2632 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:55:09.0590 2632 srv - ok
08:55:09.0606 2632 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:55:09.0637 2632 srv2 - ok
08:55:09.0637 2632 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:55:09.0652 2632 srvnet - ok
08:55:09.0684 2632 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:55:09.0715 2632 SSDPSRV - ok
08:55:09.0762 2632 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:55:09.0824 2632 SstpSvc - ok
08:55:09.0855 2632 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
08:55:09.0886 2632 stexstor - ok
08:55:09.0918 2632 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:55:09.0964 2632 stisvc - ok
08:55:10.0074 2632 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
08:55:10.0089 2632 stllssvr - ok
08:55:10.0120 2632 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
08:55:10.0136 2632 swenum - ok
08:55:10.0152 2632 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:55:10.0198 2632 swprv - ok
08:55:10.0261 2632 [ BCD5B4AB94DA436F083FCD0C636D00F3 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
08:55:10.0308 2632 SynTP - ok
08:55:10.0354 2632 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:55:10.0417 2632 SysMain - ok
08:55:10.0432 2632 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:55:10.0479 2632 TabletInputService - ok
08:55:10.0526 2632 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:55:10.0588 2632 TapiSrv - ok
08:55:10.0620 2632 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:55:10.0682 2632 TBS - ok
08:55:10.0760 2632 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:55:10.0791 2632 Tcpip - ok
08:55:10.0854 2632 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:55:10.0932 2632 TCPIP6 - ok
08:55:10.0963 2632 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:55:10.0994 2632 tcpipreg - ok
08:55:11.0010 2632 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:55:11.0025 2632 TDPIPE - ok
08:55:11.0056 2632 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:55:11.0072 2632 TDTCP - ok
08:55:11.0088 2632 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:55:11.0119 2632 tdx - ok
08:55:11.0150 2632 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
08:55:11.0166 2632 TermDD - ok
08:55:11.0197 2632 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:55:11.0244 2632 TermService - ok
08:55:11.0259 2632 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:55:11.0275 2632 Themes - ok
08:55:11.0306 2632 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:55:11.0353 2632 THREADORDER - ok
08:55:11.0368 2632 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:55:11.0415 2632 TrkWks - ok
08:55:11.0478 2632 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:55:11.0524 2632 TrustedInstaller - ok
08:55:11.0540 2632 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:55:11.0587 2632 tssecsrv - ok
08:55:11.0602 2632 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:55:11.0618 2632 TsUsbFlt - ok
08:55:11.0649 2632 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
08:55:11.0680 2632 TsUsbGD - ok
08:55:11.0696 2632 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:55:11.0743 2632 tunnel - ok
08:55:11.0758 2632 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:55:11.0774 2632 uagp35 - ok
08:55:11.0790 2632 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:55:11.0836 2632 udfs - ok
08:55:11.0868 2632 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:55:11.0883 2632 UI0Detect - ok
08:55:11.0914 2632 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:55:11.0914 2632 uliagpkx - ok
08:55:11.0946 2632 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:55:11.0961 2632 umbus - ok
08:55:11.0992 2632 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
08:55:12.0024 2632 UmPass - ok
08:55:12.0164 2632 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
08:55:12.0211 2632 UNS - ok
08:55:12.0242 2632 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:55:12.0273 2632 upnphost - ok
08:55:12.0304 2632 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:55:12.0351 2632 usbccgp - ok
08:55:12.0367 2632 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:55:12.0398 2632 usbcir - ok
08:55:12.0398 2632 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
08:55:12.0414 2632 usbehci - ok
08:55:12.0445 2632 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:55:12.0460 2632 usbhub - ok
08:55:12.0460 2632 Scan interrupted by user!
08:55:12.0460 2632 ================ Scan global ===============================
08:55:12.0460 2632 Scan interrupted by user!
08:55:12.0460 2632 ================ Scan MBR ==================================
08:55:12.0460 2632 Scan interrupted by user!
08:55:12.0460 2632 ================ Scan VBR ==================================
08:55:12.0460 2632 Scan interrupted by user!
08:55:12.0460 2632 ============================================================
08:55:12.0460 2632 Scan finished
08:55:12.0460 2632 ============================================================
08:55:12.0476 1836 Detected object count: 3
08:55:12.0476 1836 Actual detected object count: 3
08:55:28.0107 1836 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
08:55:28.0107 1836 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:55:28.0107 1836 McAWFwk ( UnsignedFile.Multi.Generic ) - skipped by user
08:55:28.0107 1836 McAWFwk ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:55:28.0107 1836 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:55:28.0123 1836 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:55:38.0232 3716 Deinitialize success
 
All processes killed
========== SERVICES/DRIVERS ==========
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Scriven
->Temp folder emptied: 1184039 bytes
->Temporary Internet Files folder emptied: 1328015266 bytes
->Java cache emptied: 32109404 bytes
->Flash cache emptied: 68479 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1824 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 666 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,298.00 mb


OTL by OldTimer - Version 3.2.59.1 log created on 08292012_090533

Files\Folders moved on Reboot...
C:\Users\Scriven\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Scriven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Scriven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8SUI7XZD\showthread[1].htm moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.29.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Scriven :: SCRIVEN-PC [administrator]

Protection: Enabled

8/29/2012 9:42:19 AM
mbam-log-2012-08-29 (09-42-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203725
Time elapsed: 2 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
ESETScan

C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Users\Scriven\AppData\Local\Temp\IWantThis.exe Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\Installer\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\services.exe Win64/Patched.B.Gen trojan deleted - quarantined
C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.LA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0000.dta Win32/Sirefef.EZ trojan deleted - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0001.dta Win64/Sirefef.AD trojan deleted - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0006.dta Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0007.dta Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0008.dta Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\26.08.2012_20.50.11\zasubsys0000\zafs0000\tsk0009.dta a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\08282012_104545\C_Windows\SysWOW64\config\systemprofile\AppData\Local\{792f4199-0b73-e2f4-7b46-706eb422a6b8}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
 
Status
Not open for further replies.
Back
Top