
ZeroAccess and other trojans associated with it.


  • This topic is locked
26 replies to this topic

#1 Purplegill10


Posted 07 August 2012 - 09:16 PM

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Purplegill10 at 22:03:05 on 2012-08-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.6273 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\StikyNot.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.freerice.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120624031939.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
EB: Developer Tools: {1a6fe369-f28c-4ad9-a3e6-2bcb50807cf1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [EPSON Stylus Photo R280 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICKA.EXE /FU "C:\Windows\TEMP\E_S3E09.tmp" /EF "HKCU"
uRun: [Facebook Update] "C:\Users\Purplegill10\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Apple Computer] rundll32.exe "C:\Users\Purplegill10\AppData\Local\Diagnostics\Apple Computer\pedswf.dll",DllRegisterServer
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\PURPLE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: DhcpNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{BE98A667-621F-4BC5-B4EC-A82622373D4D} : DhcpNameServer = 168.94.0.14 168.94.0.15
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF} : DhcpNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF}\0325F47543 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF}\2403230313437303 : DhcpNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF}\36F6C6473343 : DhcpNameServer = 67.142.162.12 67.142.162.13
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF}\74452756E646 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF}\94D475D23463030375 : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO-X64: StartNow Toolbar Helper - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120624031939.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO-X64: WeCareReminder - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
EB-X64: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - No File
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun-x64: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-10-3 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-1 659976]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-19 921664]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-19 995392]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-3-8 135952]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-8-2 173056]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-10-25 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-10-25 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-10-25 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-10-2 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-10-2 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-10-2 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-21 378472]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-2 2656280]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-4-17 2671376]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-19 1335360]
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\system32\drivers\btmaud.sys --> C:\Windows\system32\drivers\btmaud.sys [?]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\Netwsw00.sys --> C:\Windows\system32\DRIVERS\Netwsw00.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/10/02 22:40:32;C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-24 136176]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-10-25 249936]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-3 2009704]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe --> C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [?]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-24 136176]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?]
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-10-2 220528]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-4-17 273168]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-16 654408]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-10-25 249936]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-05 21:41:06 -------- d-----w- C:\Users\Purplegill10\AppData\Local\Pinnacle
2012-08-05 21:27:43 70656 ----a-w- C:\Windows\System32\PCLECoInst64.dll
2012-08-05 21:27:42 6400 ----a-w- C:\Windows\System32\drivers\emFilter64.sys
2012-08-05 21:27:42 6144 ----a-w- C:\Windows\System32\drivers\emScan64.sys
2012-08-05 21:27:42 57344 ----a-w- C:\Windows\SysWow64\emVFW.dll
2012-08-05 21:27:42 32768 ----a-w- C:\Windows\SysWow64\emProp.ax
2012-08-05 21:27:42 215808 ----a-w- C:\Windows\System32\drivers\emDevice64.sys
2012-08-05 21:27:42 17808 ----a-w- C:\Windows\SysWow64\emYUV.dll
2012-08-05 21:27:42 13824 ----a-w- C:\Windows\System32\emUSD64.dll
2012-08-05 21:27:40 79872 ----a-w- C:\Windows\System32\drivers\emAudio64.sys
2012-08-05 21:26:58 -------- d-----w- C:\Program Files (x86)\Common Files\Pinnacle
2012-08-05 21:26:47 -------- d-----w- C:\Users\Purplegill10\AppData\Local\Downloaded Installations
2012-08-05 21:26:07 -------- d-----w- C:\ProgramData\Pinnacle Studio HD
2012-08-05 21:20:33 -------- d-----w- C:\Program Files (x86)\Common Files\Pegasus Imaging
2012-08-05 21:20:29 -------- d-----w- C:\ProgramData\Studio 14
2012-08-05 21:20:29 -------- d-----w- C:\ProgramData\Pinnacle Studio Plus
2012-08-05 21:20:29 -------- d-----w- C:\Program Files (x86)\Pinnacle
2012-08-05 21:20:29 -------- d-----w- C:\Program Files (x86)\Common Files\Yahoo!
2012-08-04 04:45:12 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery
2012-07-29 21:02:50 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\Image-Line
2012-07-29 18:38:20 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{A10683DE-0A44-41AB-84D5-E4847638244E}
2012-07-29 18:37:59 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{4B03023B-D7DF-4237-9AA4-D8429412BF64}
2012-07-28 23:39:20 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{78167B99-7059-437E-92DE-4888533AFBCC}
2012-07-28 23:39:10 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{29DF2DF7-1AFD-4082-8675-E0D0321079A5}
2012-07-28 23:38:30 -------- d-----w- C:\Windows\en
2012-07-28 23:35:58 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd2f602c1cd6d1901\DSETUP.dll
2012-07-28 23:35:58 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd2f602c1cd6d1901\DXSETUP.exe
2012-07-28 23:35:58 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd2f602c1cd6d1901\dsetup32.dll
2012-07-28 23:35:58 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd6b7fad1cd6d1902\MeshBetaRemover.exe
2012-07-28 23:35:53 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{56F9C42C-3C60-4030-91BD-80AB95A70E25}
2012-07-28 23:35:32 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{8AE01781-E77D-4660-B13F-CB0B63541408}
2012-07-28 23:35:11 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{E4198772-9545-4D2A-9E58-2144EEA6BE0B}
2012-07-28 23:13:23 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{65F73A2A-A83C-4192-B944-FD33F5CEEBB9}
2012-07-28 21:39:06 172544 ----a-w- C:\Windows\SysWow64\RemoteControl.dll
2012-07-28 21:39:06 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\Pamela
2012-07-28 21:39:04 -------- d-----w- C:\Program Files (x86)\Pamela
2012-07-28 17:27:47 -------- d--h--w- C:\Windows\System32\WLANProfiles
2012-07-28 17:26:25 -------- d-----w- C:\Program Files (x86)\Cisco
2012-07-27 21:59:51 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\Need for Speed World
2012-07-27 21:06:13 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2
2012-07-27 20:54:55 1431552 ----a-w- C:\Windows\SysWow64\rewire.dll
2012-07-27 20:54:55 -------- d-----w- C:\Program Files (x86)\VstPlugins
2012-07-27 20:54:46 1554944 ----a-w- C:\Windows\SysWow64\vorbis.acm
2012-07-27 20:54:44 -------- d-----w- C:\Program Files (x86)\Outsim
2012-07-27 20:39:03 -------- d-----w- C:\Program Files (x86)\Image-Line
2012-07-27 05:40:31 -------- d-----w- C:\Users\Purplegill10\AppData\Local\Electronic_Arts_Inc
2012-07-27 05:39:36 -------- d-----w- C:\ProgramData\Electronic Arts
2012-07-25 19:55:05 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\MonoDevelop-Unity-2.8
2012-07-25 19:54:59 -------- d-----w- C:\Users\Purplegill10\AppData\Local\MonoDevelop-Unity-2.8
2012-07-25 19:39:02 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\Unity
2012-07-25 19:37:37 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\PACE Anti-Piracy
2012-07-25 19:37:37 -------- d-----w- C:\Users\Purplegill10\AppData\Local\PACE Anti-Piracy
2012-07-25 19:37:37 -------- d-----w- C:\ProgramData\PACE Anti-Piracy
2012-07-25 19:32:28 -------- d-----w- C:\Program Files (x86)\Unity
2012-07-23 23:54:39 -------- d-----w- C:\Program Files (x86)\Oracle
2012-07-23 23:54:11 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-07-21 21:50:41 -------- d-----w- C:\Users\Purplegill10\ManiaPlanet
.
==================== Find3M ====================
.
2012-06-13 18:29:44 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-13 18:29:44 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 22:04:46.80 ===============
Even if you are a minority of one, the truth is the truth.
If I had no sense of humor, I would long ago have committed suicide.
Justice that love gives is a surrender, justice that law gives is a punishment.
-Mahatma Gandhi

Gandhi was freakin' awesome


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,699 posts

Posted 12 August 2012 - 09:20 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/464326 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Purplegill10

Purplegill10
  • Topic Starter

  • Members
  • 90 posts

Posted 13 August 2012 - 12:04 AM

alright this is bad, just made a fairly large statement but my IE just cut out on me O_O, being quick (details in my other posts) Got hijacked links, got trojan warning, bleeping computer :thumbup2: , Bleepin' Gringo cut short by paranoia so I went to Geeksquad, no help, came back, here I am. Problems being internet cut outs mainly ruining my games and skype calls. I have my spare drivers and OS cd ready with me. Here is DDS

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Purplegill10 at 0:45:59 on 2012-08-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.6505 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.freerice.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120624031939.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
EB: Developer Tools: {1a6fe369-f28c-4ad9-a3e6-2bcb50807cf1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [EPSON Stylus Photo R280 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICKA.EXE /FU "C:\Windows\TEMP\E_S3E09.tmp" /EF "HKCU"
uRun: [Facebook Update] "C:\Users\Purplegill10\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Apple Computer] rundll32.exe "C:\Users\Purplegill10\AppData\Local\Diagnostics\Apple Computer\pedswf.dll",DllRegisterServer
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\PURPLE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: DhcpNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{BE98A667-621F-4BC5-B4EC-A82622373D4D} : DhcpNameServer = 168.94.0.14 168.94.0.15
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF} : DhcpNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF}\0325F47543 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF}\2403230313437303 : DhcpNameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF}\36F6C6473343 : DhcpNameServer = 67.142.162.12 67.142.162.13
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF}\74452756E646 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{CDB2C215-7770-491F-9D0D-DF43099F03AF}\94D475D23463030375 : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO-X64: StartNow Toolbar Helper - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120624031939.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO-X64: WeCareReminder - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
EB-X64: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - No File
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [(Default)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun-x64: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]
S3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\system32\drivers\btmaud.sys --> C:\Windows\system32\drivers\btmaud.sys [?]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?]
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
.
=============== Created Last 30 ================
.
2012-08-05 21:41:06 -------- d-----w- C:\Users\Purplegill10\AppData\Local\Pinnacle
2012-08-05 21:27:43 70656 ----a-w- C:\Windows\System32\PCLECoInst64.dll
2012-08-05 21:27:42 6400 ----a-w- C:\Windows\System32\drivers\emFilter64.sys
2012-08-05 21:27:42 6144 ----a-w- C:\Windows\System32\drivers\emScan64.sys
2012-08-05 21:27:42 57344 ----a-w- C:\Windows\SysWow64\emVFW.dll
2012-08-05 21:27:42 32768 ----a-w- C:\Windows\SysWow64\emProp.ax
2012-08-05 21:27:42 215808 ----a-w- C:\Windows\System32\drivers\emDevice64.sys
2012-08-05 21:27:42 17808 ----a-w- C:\Windows\SysWow64\emYUV.dll
2012-08-05 21:27:42 13824 ----a-w- C:\Windows\System32\emUSD64.dll
2012-08-05 21:27:40 79872 ----a-w- C:\Windows\System32\drivers\emAudio64.sys
2012-08-05 21:26:58 -------- d-----w- C:\Program Files (x86)\Common Files\Pinnacle
2012-08-05 21:26:47 -------- d-----w- C:\Users\Purplegill10\AppData\Local\Downloaded Installations
2012-08-05 21:26:07 -------- d-----w- C:\ProgramData\Pinnacle Studio HD
2012-08-05 21:20:33 -------- d-----w- C:\Program Files (x86)\Common Files\Pegasus Imaging
2012-08-05 21:20:29 -------- d-----w- C:\ProgramData\Studio 14
2012-08-05 21:20:29 -------- d-----w- C:\ProgramData\Pinnacle Studio Plus
2012-08-05 21:20:29 -------- d-----w- C:\Program Files (x86)\Pinnacle
2012-08-05 21:20:29 -------- d-----w- C:\Program Files (x86)\Common Files\Yahoo!
2012-08-04 04:45:12 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery
2012-07-29 21:02:50 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\Image-Line
2012-07-29 18:38:20 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{A10683DE-0A44-41AB-84D5-E4847638244E}
2012-07-29 18:37:59 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{4B03023B-D7DF-4237-9AA4-D8429412BF64}
2012-07-28 23:39:20 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{78167B99-7059-437E-92DE-4888533AFBCC}
2012-07-28 23:39:10 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{29DF2DF7-1AFD-4082-8675-E0D0321079A5}
2012-07-28 23:38:30 -------- d-----w- C:\Windows\en
2012-07-28 23:35:58 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd2f602c1cd6d1901\DSETUP.dll
2012-07-28 23:35:58 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd2f602c1cd6d1901\DXSETUP.exe
2012-07-28 23:35:58 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd2f602c1cd6d1901\dsetup32.dll
2012-07-28 23:35:58 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bd6b7fad1cd6d1902\MeshBetaRemover.exe
2012-07-28 23:35:53 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{56F9C42C-3C60-4030-91BD-80AB95A70E25}
2012-07-28 23:35:32 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{8AE01781-E77D-4660-B13F-CB0B63541408}
2012-07-28 23:35:11 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{E4198772-9545-4D2A-9E58-2144EEA6BE0B}
2012-07-28 23:13:23 -------- d-----w- C:\Users\Purplegill10\AppData\Local\{65F73A2A-A83C-4192-B944-FD33F5CEEBB9}
2012-07-28 21:39:06 172544 ----a-w- C:\Windows\SysWow64\RemoteControl.dll
2012-07-28 21:39:06 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\Pamela
2012-07-28 21:39:04 -------- d-----w- C:\Program Files (x86)\Pamela
2012-07-28 17:27:47 -------- d--h--w- C:\Windows\System32\WLANProfiles
2012-07-28 17:26:25 -------- d-----w- C:\Program Files (x86)\Cisco
2012-07-27 21:59:51 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\Need for Speed World
2012-07-27 21:06:13 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2
2012-07-27 20:54:55 1431552 ----a-w- C:\Windows\SysWow64\rewire.dll
2012-07-27 20:54:55 -------- d-----w- C:\Program Files (x86)\VstPlugins
2012-07-27 20:54:46 1554944 ----a-w- C:\Windows\SysWow64\vorbis.acm
2012-07-27 20:54:44 -------- d-----w- C:\Program Files (x86)\Outsim
2012-07-27 20:39:03 -------- d-----w- C:\Program Files (x86)\Image-Line
2012-07-27 05:40:31 -------- d-----w- C:\Users\Purplegill10\AppData\Local\Electronic_Arts_Inc
2012-07-27 05:39:36 -------- d-----w- C:\ProgramData\Electronic Arts
2012-07-25 19:55:05 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\MonoDevelop-Unity-2.8
2012-07-25 19:54:59 -------- d-----w- C:\Users\Purplegill10\AppData\Local\MonoDevelop-Unity-2.8
2012-07-25 19:39:02 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\Unity
2012-07-25 19:37:37 -------- d-----w- C:\Users\Purplegill10\AppData\Roaming\PACE Anti-Piracy
2012-07-25 19:37:37 -------- d-----w- C:\Users\Purplegill10\AppData\Local\PACE Anti-Piracy
2012-07-25 19:37:37 -------- d-----w- C:\ProgramData\PACE Anti-Piracy
2012-07-25 19:32:28 -------- d-----w- C:\Program Files (x86)\Unity
2012-07-23 23:54:39 -------- d-----w- C:\Program Files (x86)\Oracle
2012-07-23 23:54:11 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-07-21 21:50:41 -------- d-----w- C:\Users\Purplegill10\ManiaPlanet
.
==================== Find3M ====================
.
2012-06-13 18:29:44 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-13 18:29:44 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 0:48:11.89 ===============

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts

Posted 13 August 2012 - 03:52 AM

Greetings and Welcome to The Forums!!


My name is Gringo and I'll be glad to help you with your computer problems.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

:multiple Anti Virus programs:

It looks like you are operating your computer with multiple Anti Virus programs running in memory at once:

<insert av's>

Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.

Please remove all but one of them.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Purplegill10

Posted 13 August 2012 - 05:07 PM

Hey gringo, I am having issues with my McAfee. Oddly enough my firewall says it is disabled yet on the home page of the McAfee Security Center it says it is on. This is interfering with the combofix and I was wondering how I can disable it without removing the entire program from my pc.
Here is the security check:
Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
JavaFX 2.1.1
Java™ 7 Update 5
Google Chrome 21.0.1180.60
Google Chrome 21.0.1180.75
Google Chrome VisualElementsManifest.xml..
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 10%
````````````````````End of Log``````````````````````

EDIT: I have disabled it so it says "Never" and my real time scanning has been disabled but still the combofix would not work. It keeps trying to find a NIMBSK file or something and it will not run.

Edited by Purplegill10, 13 August 2012 - 05:08 PM.

#6 gringo_pr

Posted 13 August 2012 - 09:14 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#7 Purplegill10

Posted 13 August 2012 - 10:21 PM

Hi Gringo, strange situation. Basically I turned on my computer to try and run combofix again when my internet shut out completely which I figured I would have no other choice but to delete McAfee. So I did that, ran combofix completely, and now it seems like my computer is running much faster and so far I've had no problems. Do you still want me to run the TDS killer or should I leave it be? Either way, thanks for being patient and helping me out.
Very thankful--Gilroy

#8 gringo_pr

Posted 14 August 2012 - 01:42 AM

Go ahead and give me the Combofix report.

You can find it here: C:\ComboFix.txt



Gringo

#9 Purplegill10

Posted 14 August 2012 - 02:07 PM

gotcha, here it is
ComboFix 12-08-13.01 - Purplegill10 08/13/2012 21:39:13.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.6388 [GMT -4:00]
Running from: c:\users\Purplegill10\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\StartNow Toolbar
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_images.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_news.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_web.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_games.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files (x86)\StartNow Toolbar\Resources\installer.xml
c:\program files (x86)\StartNow Toolbar\Resources\protect\index.html
c:\program files (x86)\StartNow Toolbar\Resources\protect\NotIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\OnlyIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\SearchProtectIcon.png
c:\program files (x86)\StartNow Toolbar\Resources\protect\window.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\window.js
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\index.html
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\LeftImage.png
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\NotIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\OnlyIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\window.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\window.js
c:\program files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\separator.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\splitter.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files (x86)\StartNow Toolbar\Resources\toolbar.xml
c:\program files (x86)\StartNow Toolbar\Resources\update.xml
c:\program files (x86)\StartNow Toolbar\uninstall.dat
c:\programdata\PCDr\5907\Downloads\f0fc9c9c-10ba-435b-8365-dadb523644ff.dll
c:\programdata\Roaming
c:\users\Purplegill10\AppData\Roaming\Love
c:\users\Purplegill10\AppData\Roaming\Love\not_tetris_2\highscoresA.txt
c:\users\Purplegill10\AppData\Roaming\Love\not_tetris_2\highscoresB.txt
c:\users\Purplegill10\AppData\Roaming\Love\not_tetris_2\options.txt
c:\windows\SysWow64\tmp2434.tmp
c:\windows\SysWow64\tmp24F0.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Updater Service for StartNow Toolbar
.
.
((((((((((((((((((((((((( Files Created from 2012-07-14 to 2012-08-14 )))))))))))))))))))))))))))))))
.
.
2012-08-05 21:41 . 2012-08-05 21:41 -------- d-----w- c:\users\Purplegill10\AppData\Local\Pinnacle
2012-08-05 21:27 . 2007-03-05 20:36 70656 ----a-w- c:\windows\system32\PCLECoInst64.dll
2012-08-05 21:27 . 2007-06-21 21:51 215808 ----a-w- c:\windows\system32\drivers\emDevice64.sys
2012-08-05 21:27 . 2007-06-21 21:51 6400 ----a-w- c:\windows\system32\drivers\emFilter64.sys
2012-08-05 21:27 . 2007-06-21 21:51 6144 ----a-w- c:\windows\system32\drivers\emScan64.sys
2012-08-05 21:27 . 2007-06-21 20:21 13824 ----a-w- c:\windows\system32\emUSD64.dll
2012-08-05 21:27 . 2006-07-19 22:12 57344 ----a-w- c:\windows\SysWow64\emVFW.dll
2012-08-05 21:27 . 2006-07-19 22:12 32768 ----a-w- c:\windows\SysWow64\emProp.ax
2012-08-05 21:27 . 2004-09-14 23:25 17808 ----a-w- c:\windows\SysWow64\emYUV.dll
2012-08-05 21:27 . 2007-08-31 18:15 79872 ----a-w- c:\windows\system32\drivers\emAudio64.sys
2012-08-05 21:26 . 2012-08-05 21:26 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle
2012-08-05 21:26 . 2012-08-05 21:26 -------- d-----w- c:\users\Purplegill10\AppData\Local\Downloaded Installations
2012-08-05 21:26 . 2012-08-05 21:26 -------- d-----w- c:\programdata\Pinnacle Studio HD
2012-08-05 21:20 . 2012-08-05 21:20 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging
2012-08-05 21:20 . 2012-08-05 21:20 -------- d-----w- c:\programdata\Studio 14
2012-08-05 21:20 . 2012-08-05 21:20 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2012-08-05 21:20 . 2012-08-05 21:20 -------- d-----w- c:\program files (x86)\Pinnacle
2012-08-05 21:20 . 2012-08-05 21:20 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2012-08-05 21:03 . 2012-08-05 21:25 -------- d-----w- c:\programdata\Pinnacle
2012-08-04 04:45 . 2012-08-04 04:45 -------- d-----w- c:\program files (x86)\Dell Digital Delivery
2012-07-29 21:02 . 2012-07-29 21:02 -------- d-----w- c:\users\Purplegill10\AppData\Roaming\Image-Line
2012-07-28 23:38 . 2012-07-28 23:38 -------- d-----w- c:\windows\en
2012-07-28 23:35 . 2012-07-28 23:35 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bd2f602c1cd6d1901\DSETUP.dll
2012-07-28 23:35 . 2012-07-28 23:35 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bd2f602c1cd6d1901\DXSETUP.exe
2012-07-28 23:35 . 2012-07-28 23:35 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bd2f602c1cd6d1901\dsetup32.dll
2012-07-28 23:35 . 2012-07-28 23:35 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bd6b7fad1cd6d1902\MeshBetaRemover.exe
2012-07-28 21:39 . 2012-07-29 01:57 -------- d-----w- c:\users\Purplegill10\AppData\Roaming\Pamela
2012-07-28 21:39 . 2012-07-28 21:39 172544 ----a-w- c:\windows\SysWow64\RemoteControl.dll
2012-07-28 21:39 . 2012-07-28 21:39 -------- d-----w- c:\program files (x86)\Pamela
2012-07-28 17:27 . 2012-07-28 17:27 -------- d--h--w- c:\windows\system32\WLANProfiles
2012-07-28 17:27 . 2012-07-28 17:27 -------- d-----w- c:\programdata\Intel
2012-07-28 17:26 . 2012-07-28 17:26 -------- d-----w- c:\program files (x86)\Cisco
2012-07-27 21:59 . 2012-07-27 21:59 -------- d-----w- c:\users\Purplegill10\AppData\Roaming\Need for Speed World
2012-07-27 21:06 . 2012-07-27 21:06 -------- d-----w- c:\program files (x86)\ASIO4ALL v2
2012-07-27 20:54 . 2012-07-27 20:54 -------- d-----w- c:\program files (x86)\VstPlugins
2012-07-27 20:54 . 2011-10-11 14:45 1431552 ----a-w- c:\windows\SysWow64\rewire.dll
2012-07-27 20:54 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm
2012-07-27 20:54 . 2012-07-27 20:54 -------- d-----w- c:\program files (x86)\Outsim
2012-07-27 20:39 . 2012-07-27 20:54 -------- d-----w- c:\program files (x86)\Image-Line
2012-07-27 05:40 . 2012-07-27 05:40 -------- d-----w- c:\users\Purplegill10\AppData\Local\Electronic_Arts_Inc
2012-07-27 05:39 . 2012-07-27 05:39 -------- d-----w- c:\programdata\Electronic Arts
2012-07-27 05:39 . 2012-07-27 05:39 -------- d-----w- c:\program files (x86)\Electronic Arts
2012-07-25 19:55 . 2012-07-25 19:55 -------- d-----w- c:\users\Purplegill10\AppData\Roaming\MonoDevelop-Unity-2.8
2012-07-25 19:54 . 2012-07-25 19:55 -------- d-----w- c:\users\Purplegill10\AppData\Local\MonoDevelop-Unity-2.8
2012-07-25 19:39 . 2012-07-25 19:42 -------- d-----w- c:\users\Purplegill10\AppData\Roaming\Unity
2012-07-25 19:37 . 2012-07-25 19:38 -------- d-----w- c:\users\Purplegill10\AppData\Roaming\PACE Anti-Piracy
2012-07-25 19:37 . 2012-07-25 19:38 -------- d-----w- c:\programdata\PACE Anti-Piracy
2012-07-25 19:37 . 2012-07-25 19:37 -------- d-----w- c:\users\Purplegill10\AppData\Local\PACE Anti-Piracy
2012-07-25 19:32 . 2012-07-25 19:36 -------- d-----w- c:\program files (x86)\Unity
2012-07-23 23:55 . 2012-07-23 23:55 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-23 23:54 . 2012-07-23 23:54 -------- d-----w- c:\program files (x86)\Oracle
2012-07-23 23:54 . 2012-07-06 02:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-21 21:50 . 2012-07-21 21:50 -------- d-----w- c:\users\Purplegill10\ManiaPlanet
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-13 18:29 . 2012-04-24 23:52 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-13 18:29 . 2011-10-03 02:56 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-02 22:19 . 2012-06-22 04:07 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 04:07 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 04:07 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 04:07 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 04:07 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 04:07 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 04:07 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-22 04:07 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-22 04:07 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-18 02:47 . 2012-06-13 15:22 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-05-18 02:16 . 2012-06-13 15:22 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-05-18 02:06 . 2012-06-13 15:22 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-05-18 01:59 . 2012-06-13 15:22 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-05-18 01:59 . 2012-06-13 15:22 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-05-18 01:58 . 2012-06-13 15:22 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-18 01:58 . 2012-06-13 15:22 237056 ----a-w- c:\windows\system32\url.dll
2012-05-18 01:56 . 2012-06-13 15:22 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-18 01:55 . 2012-06-13 15:22 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-18 01:55 . 2012-06-13 15:22 818688 ----a-w- c:\windows\system32\jscript.dll
2012-05-18 01:54 . 2012-06-13 15:22 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-05-18 01:51 . 2012-06-13 15:22 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-05-18 01:51 . 2012-06-13 15:22 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-05-18 01:47 . 2012-06-13 15:22 248320 ----a-w- c:\windows\system32\ieui.dll
2012-05-17 22:45 . 2012-06-13 15:22 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-05-17 22:35 . 2012-06-13 15:22 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-17 22:35 . 2012-06-13 15:22 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-05-17 22:29 . 2012-06-13 15:22 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-05-17 22:24 . 2012-06-13 15:22 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Purplegill10\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-08-04 1353080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-16 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-16 932288]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-10-29 75048]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-29 885760]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
.
c:\users\Purplegill10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel® Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/10/02 22:40;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-25 136176]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-22 2009704]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-03-01 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-05-19 1335360]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-05-19 53248]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-07-19 282624]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-25 136176]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-19 59904]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-04-26 34200]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-04-17 273168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-17 1255736]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-04-22 25960]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-01 659976]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-05-19 921664]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-05-19 995392]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-03-08 135952]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-08-02 173056]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-06-15 103472]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-07-08 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-22 378472]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-04-17 2671376]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-01 195584]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-04-26 25496]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\Netwsw00.sys [2012-03-12 11471872]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_9EC60124
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-117972741-3128202334-202084677-1001Core.job
- c:\users\Purplegill10\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-13 18:45]
.
2012-08-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-117972741-3128202334-202084677-1001UA.job
- c:\users\Purplegill10\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-13 18:45]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-25 01:59]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-25 01:59]
.
2012-08-01 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
2012-08-14 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-04-22 312936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 415064]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 10365952]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-03-11 4500640]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-04-29 2055016]
"combofix"="c:\combofix\CF9584.3XE" [2010-11-21 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.freerice.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-Apple Computer - c:\users\Purplegill10\AppData\Local\Diagnostics\Apple Computer\pedswf.dll
Wow6432Node-HKLM-Run-StartNowToolbarHelper - c:\program files (x86)\StartNow Toolbar\ToolbarHelper.exe
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EpicPlay - c:\program files (x86)\EpicPlay\epicRemoval.exe
AddRemove-StartNow Toolbar - c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
AddRemove-UnityWebPlayer - c:\users\Purplegill10\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-08-13 21:56:49 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-14 01:56
.
Pre-Run: 408,332,869,632 bytes free
Post-Run: 418,069,483,520 bytes free
.
- - End Of File - - 7D999727063DCCCCD9B9DA53F3DA2480
Even if you are a minority of one, the truth is the truth.
If I had no sense of humor, I would long ago have committed suicide.
Justice that love gives is a surrender, justice that law gives is a punishment.
-Mahatma Gandhi

Gandhi was freakin' awesome

#10 gringo_pr

  • Malware Response Team

Posted 14 August 2012 - 07:38 PM

Greetings

Thanks for getting me the reports, and now I do want you to run TDSSKiller and aswMBR.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#11 Purplegill10

  • Topic Starter

Posted 15 August 2012 - 02:38 PM

Here is the TDSSKiller


15:30:50.0802 9596 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
15:30:51.0461 9596 ============================================================
15:30:51.0461 9596 Current date / time: 2012/08/15 15:30:51.0461
15:30:51.0461 9596 SystemInfo:
15:30:51.0461 9596
15:30:51.0461 9596 OS Version: 6.1.7601 ServicePack: 1.0
15:30:51.0461 9596 Product type: Workstation
15:30:51.0461 9596 ComputerName: PURPLEGILL10-PC
15:30:51.0461 9596 UserName: Purplegill10
15:30:51.0461 9596 Windows directory: C:\Windows
15:30:51.0461 9596 System windows directory: C:\Windows
15:30:51.0461 9596 Running under WOW64
15:30:51.0461 9596 Processor architecture: Intel x64
15:30:51.0461 9596 Number of processors: 8
15:30:51.0461 9596 Page size: 0x1000
15:30:51.0461 9596 Boot type: Normal boot
15:30:51.0461 9596 ============================================================
15:30:52.0116 9596 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:30:52.0116 9596 ============================================================
15:30:52.0116 9596 \Device\Harddisk0\DR0:
15:30:52.0116 9596 MBR partitions:
15:30:52.0116 9596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
15:30:52.0116 9596 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x48113AB0
15:30:52.0116 9596 ============================================================
15:30:52.0147 9596 C: <-> \Device\Harddisk0\DR0\Partition2
15:30:52.0147 9596 ============================================================
15:30:52.0147 9596 Initialize success
15:30:52.0147 9596 ============================================================
15:30:53.0819 7092 ============================================================
15:30:53.0819 7092 Scan started
15:30:53.0819 7092 Mode: Manual;
15:30:53.0819 7092 ============================================================
15:30:54.0303 7092 ================ Scan services =============================
15:30:54.0677 7092 [ a87d604aea360176311474c87a63bb88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:30:54.0724 7092 1394ohci - ok
15:30:54.0771 7092 [ d81d9e70b8a6dd14d42d7b4efa65d5f2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:30:54.0786 7092 ACPI - ok
15:30:54.0802 7092 [ 99f8e788246d495ce3794d7e7821d2ca ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:30:54.0849 7092 AcpiPmi - ok
15:30:54.0896 7092 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:30:54.0927 7092 adp94xx - ok
15:30:54.0974 7092 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:30:54.0989 7092 adpahci - ok
15:30:55.0036 7092 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:30:55.0036 7092 adpu320 - ok
15:30:55.0083 7092 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:30:55.0098 7092 AeLookupSvc - ok
15:30:55.0176 7092 [ d1e343bc00136ce03c4d403194d06a80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:30:55.0223 7092 AERTFilters - ok
15:30:55.0286 7092 [ 1c7857b62de5994a75b054a9fd4c3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:30:55.0286 7092 AFD - ok
15:30:55.0348 7092 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:30:55.0348 7092 agp440 - ok
15:30:55.0379 7092 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe
15:30:55.0379 7092 ALG - ok
15:30:55.0410 7092 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:30:55.0410 7092 aliide - ok
15:30:55.0426 7092 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\drivers\amdide.sys
15:30:55.0426 7092 amdide - ok
15:30:55.0426 7092 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:30:55.0442 7092 AmdK8 - ok
15:30:55.0442 7092 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:30:55.0442 7092 AmdPPM - ok
15:30:55.0504 7092 [ d4121ae6d0c0e7e13aa221aa57ef2d49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:30:55.0535 7092 amdsata - ok
15:30:55.0598 7092 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:30:55.0613 7092 amdsbs - ok
15:30:55.0629 7092 [ 540daf1cea6094886d72126fd7c33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:30:55.0629 7092 amdxata - ok
15:30:55.0676 7092 [ b147910d07f862f1f5b7b80bf5d800bf ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
15:30:55.0707 7092 AMPPAL - ok
15:30:55.0785 7092 [ b147910d07f862f1f5b7b80bf5d800bf ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
15:30:55.0785 7092 AMPPALP - ok
15:30:55.0847 7092 [ 86dc20ff914596983023e9e4544667ee ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
15:30:55.0847 7092 AMPPALR3 - ok
15:30:55.0910 7092 [ 24ed0eb2b2558970176ecee680f8f806 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
15:30:55.0956 7092 ApfiltrService - ok
15:30:56.0034 7092 [ 89a69c3f2f319b43379399547526d952 ] AppID C:\Windows\system32\drivers\appid.sys
15:30:56.0081 7092 AppID - ok
15:30:56.0112 7092 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:30:56.0112 7092 AppIDSvc - ok
15:30:56.0159 7092 [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:30:56.0159 7092 Appinfo - ok
15:30:56.0348 7092 [ 7ef47644b74ebe721cc32211d3c35e76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:30:56.0391 7092 Apple Mobile Device - ok
15:30:56.0491 7092 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\drivers\arc.sys
15:30:56.0491 7092 arc - ok
15:30:56.0491 7092 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:30:56.0491 7092 arcsas - ok
15:30:56.0631 7092 [ 9217d874131ae6ff8f642f124f00a555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:30:56.0662 7092 aspnet_state - ok
15:30:56.0725 7092 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:30:56.0740 7092 AsyncMac - ok
15:30:56.0787 7092 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\drivers\atapi.sys
15:30:56.0787 7092 atapi - ok
15:30:56.0865 7092 [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:30:56.0865 7092 AudioEndpointBuilder - ok
15:30:56.0896 7092 [ f23fef6d569fce88671949894a8becf1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:30:56.0896 7092 AudioSrv - ok
15:30:56.0959 7092 [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:30:56.0959 7092 AxInstSV - ok
15:30:57.0021 7092 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:30:57.0021 7092 b06bdrv - ok
15:30:57.0115 7092 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:30:57.0130 7092 b57nd60a - ok
15:30:57.0177 7092 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:30:57.0177 7092 BDESVC - ok
15:30:57.0227 7092 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:30:57.0231 7092 Beep - ok
15:30:57.0313 7092 [ 82974d6a2fd19445cc5171fc378668a4 ] BFE C:\Windows\System32\bfe.dll
15:30:57.0319 7092 BFE - ok
15:30:57.0349 7092 [ 1ea7969e3271cbc59e1730697dc74682 ] BITS C:\Windows\system32\qmgr.dll
15:30:57.0356 7092 BITS - ok
15:30:57.0399 7092 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:30:57.0403 7092 blbdrive - ok
15:30:57.0521 7092 [ 5ff7b9916a10e8e69e7c0d16f0b4787a ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
15:30:57.0537 7092 Bluetooth Device Monitor - ok
15:30:57.0568 7092 [ e43d73caf1023976efba1d0f0e69e271 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
15:30:57.0583 7092 Bluetooth Media Service - ok
15:30:57.0646 7092 [ 20427929646784a482df34ef8c4fed23 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
15:30:57.0646 7092 Bluetooth OBEX Service - ok
15:30:57.0724 7092 [ ebbcd5dfbb1de70e8f4af8fa59e401fd ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:30:57.0771 7092 Bonjour Service - ok
15:30:57.0817 7092 [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:30:57.0833 7092 bowser - ok
15:30:57.0864 7092 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:30:57.0864 7092 BrFiltLo - ok
15:30:57.0880 7092 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:30:57.0895 7092 BrFiltUp - ok
15:30:57.0958 7092 [ 5c2f352a4e961d72518261257aae204b ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:30:57.0973 7092 BridgeMP - ok
15:30:58.0020 7092 [ 8ef0d5c41ec907751b8429162b1239ed ] Browser C:\Windows\System32\browser.dll
15:30:58.0020 7092 Browser - ok
15:30:58.0020 7092 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:30:58.0036 7092 Brserid - ok
15:30:58.0051 7092 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:30:58.0051 7092 BrSerWdm - ok
15:30:58.0067 7092 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:30:58.0067 7092 BrUsbMdm - ok
15:30:58.0067 7092 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:30:58.0067 7092 BrUsbSer - ok
15:30:58.0114 7092 [ cf98190a94f62e405c8cb255018b2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
15:30:58.0114 7092 BthEnum - ok
15:30:58.0145 7092 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:30:58.0145 7092 BTHMODEM - ok
15:30:58.0192 7092 [ 02dd601b708dd0667e1331fa8518e9ff ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:30:58.0192 7092 BthPan - ok
15:30:58.0254 7092 [ 64c198198501f7560ee41d8d1efa7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
15:30:58.0270 7092 BTHPORT - ok
15:30:58.0301 7092 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll
15:30:58.0301 7092 bthserv - ok
15:30:58.0332 7092 [ 34c60d1f16d8fe67277dbb9d7e59f89d ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
15:30:58.0379 7092 BTHSSecurityMgr - ok
15:30:58.0426 7092 [ f188b7394d81010767b6df3178519a37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
15:30:58.0426 7092 BTHUSB - ok
15:30:58.0504 7092 [ 274e47bd9c1367bdbfa9df10c2e6c544 ] btmaudio C:\Windows\system32\drivers\btmaud.sys
15:30:58.0504 7092 btmaudio - ok
15:30:58.0519 7092 [ 75eab5aaf6e9f83739249ce60b4b9c39 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
15:30:58.0519 7092 btmaux - ok
15:30:58.0566 7092 [ 0b1cc2221dc5990e4557a78ce9afad4f ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
15:30:58.0582 7092 btmhsf - ok
15:30:58.0644 7092 catchme - ok
15:30:58.0691 7092 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:30:58.0707 7092 cdfs - ok
15:30:58.0753 7092 [ f036ce71586e93d94dab220d7bdf4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:30:58.0785 7092 cdrom - ok
15:30:58.0847 7092 [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc C:\Windows\System32\certprop.dll
15:30:58.0847 7092 CertPropSvc - ok
15:30:58.0925 7092 [ 45b5a89dc41577282e5bf41b1165ea71 ] cfwids C:\Windows\system32\drivers\cfwids.sys
15:30:58.0956 7092 cfwids - ok
15:30:59.0019 7092 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\drivers\circlass.sys
15:30:59.0019 7092 circlass - ok
15:30:59.0034 7092 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys
15:30:59.0050 7092 CLFS - ok
15:30:59.0128 7092 [ 730bf325e4cc1e3935b81943ac6da216 ] CLKMSVC10_9EC60124 c:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe
15:31:00.0748 7092 CLKMSVC10_9EC60124 - ok
15:31:00.0826 7092 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:31:00.0826 7092 clr_optimization_v2.0.50727_32 - ok
15:31:00.0873 7092 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:31:00.0873 7092 clr_optimization_v2.0.50727_64 - ok
15:31:00.0966 7092 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:31:00.0998 7092 clr_optimization_v4.0.30319_32 - ok
15:31:01.0044 7092 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:31:01.0091 7092 clr_optimization_v4.0.30319_64 - ok
15:31:01.0154 7092 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:31:01.0169 7092 CmBatt - ok
15:31:01.0200 7092 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:31:01.0200 7092 cmdide - ok
15:31:01.0263 7092 [ c4943b6c962e4b82197542447ad599f4 ] CNG C:\Windows\system32\Drivers\cng.sys
15:31:01.0278 7092 CNG - ok
15:31:01.0341 7092 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:31:01.0341 7092 Compbatt - ok
15:31:01.0395 7092 [ 03edb043586cceba243d689bdda370a8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:31:01.0433 7092 CompositeBus - ok
15:31:01.0466 7092 COMSysApp - ok
15:31:01.0497 7092 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:31:01.0500 7092 crcdisk - ok
15:31:01.0532 7092 [ 4f5414602e2544a4554d95517948b705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:31:01.0533 7092 CryptSvc - ok
15:31:01.0595 7092 [ bc3d4f90978cd7c8eabd1baf3bf7873a ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
15:31:01.0632 7092 CtClsFlt - ok
15:31:01.0749 7092 [ 72794d112cbaff3bc0c29bf7350d4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:31:01.0765 7092 cvhsvc - ok
15:31:01.0812 7092 [ b1c55a95006d621d04fe4a23f86c0a54 ] DCamUSBEMPIA C:\Windows\system32\DRIVERS\emDevice64.sys
15:31:01.0858 7092 DCamUSBEMPIA - ok
15:31:01.0890 7092 [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:31:01.0905 7092 DcomLaunch - ok
15:31:01.0936 7092 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll
15:31:01.0936 7092 defragsvc - ok
15:31:02.0014 7092 [ 88d5fe2109f1a52cf69ba410082a833a ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
15:31:02.0030 7092 DellDigitalDelivery - ok
15:31:02.0061 7092 [ 9bb2ef44eaa163b29c4a4587887a0fe4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:31:02.0061 7092 DfsC - ok
15:31:02.0108 7092 [ 43d808f5d9e1a18e5eeb5ebc83969e4e ] Dhcp C:\Windows\system32\dhcpcore.dll
15:31:02.0108 7092 Dhcp - ok
15:31:02.0155 7092 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys
15:31:02.0155 7092 discache - ok
15:31:02.0202 7092 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\drivers\disk.sys
15:31:02.0202 7092 Disk - ok
15:31:02.0217 7092 [ 16835866aaa693c7d7fceba8fff706e4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:31:02.0248 7092 Dnscache - ok
15:31:02.0280 7092 [ b1fb3ddca0fdf408750d5843591afbc6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:31:02.0295 7092 dot3svc - ok
15:31:02.0311 7092 [ b26f4f737e8f9df4f31af6cf31d05820 ] DPS C:\Windows\system32\dps.dll
15:31:02.0311 7092 DPS - ok
15:31:02.0358 7092 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:31:02.0358 7092 drmkaud - ok
15:31:02.0408 7092 [ f5bee30450e18e6b83a5012c100616fd ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:31:02.0458 7092 DXGKrnl - ok
15:31:02.0505 7092 EagleX64 - ok
15:31:02.0537 7092 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:31:02.0539 7092 EapHost - ok
15:31:02.0621 7092 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:31:02.0717 7092 ebdrv - ok
15:31:02.0748 7092 [ c118a82cd78818c29ab228366ebf81c3 ] EFS C:\Windows\System32\lsass.exe
15:31:02.0780 7092 EFS - ok
15:31:02.0842 7092 [ c4002b6b41975f057d98c439030cea07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:31:02.0858 7092 ehRecvr - ok
15:31:02.0858 7092 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe
15:31:02.0873 7092 ehSched - ok
15:31:02.0889 7092 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:31:02.0904 7092 elxstor - ok
15:31:02.0967 7092 [ 8543bb84cd5872cd1619183f5cbbe3f9 ] emAudio C:\Windows\system32\drivers\emAudio64.sys
15:31:02.0998 7092 emAudio - ok
15:31:03.0154 7092 [ 1e345f2a2d95da3190596e691cde9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
15:31:03.0201 7092 EPSON_PM_RPCV4_01 - ok
15:31:03.0201 7092 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:31:03.0201 7092 ErrDev - ok
15:31:03.0248 7092 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll
15:31:03.0248 7092 EventSystem - ok
15:31:03.0372 7092 [ 3a65d4af876f6cd47b22aa93a31e4646 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:31:03.0424 7092 EvtEng - ok
15:31:03.0477 7092 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys
15:31:03.0484 7092 exfat - ok
15:31:03.0518 7092 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:31:03.0521 7092 fastfat - ok
15:31:03.0570 7092 [ dbefd454f8318a0ef691fdd2eaab44eb ] Fax C:\Windows\system32\fxssvc.exe
15:31:03.0612 7092 Fax - ok
15:31:03.0639 7092 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\drivers\fdc.sys
15:31:03.0642 7092 fdc - ok
15:31:03.0670 7092 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:31:03.0670 7092 fdPHost - ok
15:31:03.0685 7092 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:31:03.0685 7092 FDResPub - ok
15:31:03.0701 7092 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:31:03.0701 7092 FileInfo - ok
15:31:03.0716 7092 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:31:03.0716 7092 Filetrace - ok
15:31:03.0795 7092 [ 73fbb50c4d92adc30a9d57a269489a0b ] FiltUSBEMPIA C:\Windows\system32\DRIVERS\emFilter64.sys
15:31:03.0827 7092 FiltUSBEMPIA - ok
15:31:03.0842 7092 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:31:03.0842 7092 flpydisk - ok
15:31:03.0873 7092 [ da6b67270fd9db3697b20fce94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:31:03.0889 7092 FltMgr - ok
15:31:03.0920 7092 [ 5c4cb4086fb83115b153e47add961a0c ] FontCache C:\Windows\system32\FntCache.dll
15:31:03.0936 7092 FontCache - ok
15:31:03.0983 7092 [ a8b7f3818ab65695e3a0bb3279f6dce6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:31:04.0029 7092 FontCache3.0.0.0 - ok
15:31:04.0045 7092 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:31:04.0045 7092 FsDepends - ok
15:31:04.0076 7092 [ 6bd9295cc032dd3077c671fccf579a7b ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:31:04.0123 7092 Fs_Rec - ok
15:31:04.0170 7092 [ 1f7b25b858fa27015169fe95e54108ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:31:04.0170 7092 fvevol - ok
15:31:04.0201 7092 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:31:04.0201 7092 gagp30kx - ok
15:31:04.0263 7092 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:31:04.0295 7092 GEARAspiWDM - ok
15:31:04.0423 7092 [ d3316f6e3c011435f36e3d6e49b3196c ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
15:31:04.0463 7092 GoToAssist - ok
15:31:04.0505 7092 [ 277bbc7e1aa1ee957f573a10eca7ef3a ] gpsvc C:\Windows\System32\gpsvc.dll
15:31:04.0513 7092 gpsvc - ok
15:31:04.0612 7092 [ f02a533f517eb38333cb12a9e8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:31:04.0613 7092 gupdate - ok
15:31:04.0617 7092 [ f02a533f517eb38333cb12a9e8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:31:04.0619 7092 gupdatem - ok
15:31:04.0647 7092 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:31:04.0650 7092 hcw85cir - ok
15:31:04.0684 7092 [ 97bfed39b6b79eb12cddbfeed51f56bb ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:31:04.0684 7092 HDAudBus - ok
15:31:04.0684 7092 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:31:04.0684 7092 HidBatt - ok
15:31:04.0716 7092 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:31:04.0716 7092 HidBth - ok
15:31:04.0747 7092 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:31:04.0747 7092 HidIr - ok
15:31:04.0762 7092 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\System32\hidserv.dll
15:31:04.0762 7092 hidserv - ok
15:31:04.0794 7092 [ 9592090a7e2b61cd582b612b6df70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
15:31:04.0825 7092 HidUsb - ok
15:31:04.0934 7092 [ a894fb2cae6a29f5d9c8eda47b074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
15:31:04.0965 7092 HipShieldK - ok
15:31:04.0996 7092 [ 387e72e739e15e3d37907a86d9ff98e2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:31:04.0996 7092 hkmsvc - ok
15:31:05.0043 7092 [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:31:05.0043 7092 HomeGroupListener - ok
15:31:05.0106 7092 [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:31:05.0106 7092 HomeGroupProvider - ok
15:31:05.0106 7092 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:31:05.0152 7092 HpSAMD - ok
15:31:05.0199 7092 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:31:05.0215 7092 HTTP - ok
15:31:05.0215 7092 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:31:05.0215 7092 hwpolicy - ok
15:31:05.0277 7092 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:31:05.0277 7092 i8042prt - ok
15:31:05.0308 7092 [ d469b77687e12fe43e344806740b624d ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:31:05.0324 7092 iaStor - ok
15:31:05.0371 7092 [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:31:05.0427 7092 iaStorV - ok
15:31:05.0445 7092 [ 8a4ec1c3f10385181b1066120c610ae5 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
15:31:05.0445 7092 iBtFltCoex - ok
15:31:05.0503 7092 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:31:05.0562 7092 idsvc - ok
15:31:05.0887 7092 [ a47d902f5c0c43dcf5ee2cae02bf39a8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:31:06.0028 7092 igfx - ok
15:31:06.0059 7092 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:31:06.0059 7092 iirsp - ok
15:31:06.0121 7092 [ fcd84c381e0140af901e58d48882d26b ] IKEEXT C:\Windows\System32\ikeext.dll
15:31:06.0121 7092 IKEEXT - ok
15:31:06.0184 7092 [ dd587a55390ed2295bce6d36ad567da9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
15:31:06.0215 7092 Impcd - ok
15:31:06.0293 7092 [ caddf0927dac63edae48f5c35a61d87d ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
15:31:06.0324 7092 intaud_WaveExtensible - ok
15:31:06.0437 7092 [ 8fed6428fde53d7f4c105095f22524be ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:31:06.0517 7092 IntcAzAudAddService - ok
15:31:06.0572 7092 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\drivers\intelide.sys
15:31:06.0575 7092 intelide - ok
15:31:06.0609 7092 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:31:06.0610 7092 intelppm - ok
15:31:06.0636 7092 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:31:06.0638 7092 IPBusEnum - ok
15:31:06.0651 7092 [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:31:06.0685 7092 IpFilterDriver - ok
15:31:06.0763 7092 [ a34a587fffd45fa649fba6d03784d257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:31:06.0778 7092 iphlpsvc - ok
15:31:06.0778 7092 [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:31:06.0810 7092 IPMIDRV - ok
15:31:06.0856 7092 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:31:06.0856 7092 IPNAT - ok
15:31:06.0934 7092 [ 50d6ccc6ff5561f9f56946b3e6164fb8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:31:06.0981 7092 iPod Service - ok
15:31:07.0012 7092 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:31:07.0012 7092 IRENUM - ok
15:31:07.0044 7092 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:31:07.0044 7092 isapnp - ok
15:31:07.0075 7092 [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:31:07.0106 7092 iScsiPrt - ok
15:31:07.0168 7092 [ 716f66336f10885d935b08174dc54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
15:31:07.0200 7092 iwdbus - ok
15:31:07.0215 7092 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:31:07.0215 7092 kbdclass - ok
15:31:07.0231 7092 [ 0705eff5b42a9db58548eec3b26bb484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:31:07.0278 7092 kbdhid - ok
15:31:07.0293 7092 [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso C:\Windows\system32\lsass.exe
15:31:07.0293 7092 KeyIso - ok
15:31:07.0356 7092 [ da1e991a61cfdd755a589e206b97644b ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:31:07.0356 7092 KSecDD - ok
15:31:07.0371 7092 [ 7e33198d956943a4f11a5474c1e9106f ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:31:07.0371 7092 KSecPkg - ok
15:31:07.0387 7092 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:31:07.0402 7092 ksthunk - ok
15:31:07.0463 7092 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll
15:31:07.0473 7092 KtmRm - ok
15:31:07.0532 7092 [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:31:07.0534 7092 LanmanServer - ok
15:31:07.0566 7092 [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:31:07.0568 7092 LanmanWorkstation - ok
15:31:07.0622 7092 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:31:07.0626 7092 lltdio - ok
15:31:07.0663 7092 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:31:07.0670 7092 lltdsvc - ok
15:31:07.0701 7092 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:31:07.0701 7092 lmhosts - ok
15:31:07.0779 7092 [ 7f32d4c47a50e7223491e8fb9359907d ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:31:07.0841 7092 LMS - ok
15:31:07.0904 7092 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:31:07.0904 7092 LSI_FC - ok
15:31:07.0904 7092 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:31:07.0919 7092 LSI_SAS - ok
15:31:07.0919 7092 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:31:07.0919 7092 LSI_SAS2 - ok
15:31:07.0919 7092 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:31:07.0935 7092 LSI_SCSI - ok
15:31:07.0950 7092 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys
15:31:07.0950 7092 luafv - ok
15:31:08.0013 7092 [ 024da28053d57e9e32bee52600576bbb ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
15:31:08.0013 7092 MarvinBus - ok
15:31:08.0138 7092 [ b891e3920f24ff1a3bead6cd2b42ed99 ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
15:31:08.0169 7092 McAfee SiteAdvisor Service - ok
15:31:08.0278 7092 [ c121367d21599367f2adb9c11b7babaa ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:08.0278 7092 McMPFSvc - ok
15:31:08.0340 7092 [ c121367d21599367f2adb9c11b7babaa ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:08.0340 7092 mcmscsvc - ok
15:31:08.0340 7092 [ c121367d21599367f2adb9c11b7babaa ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:08.0340 7092 McNaiAnn - ok
15:31:08.0372 7092 [ c121367d21599367f2adb9c11b7babaa ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:08.0372 7092 McNASvc - ok
15:31:08.0529 7092 [ 3fcd6f2c6d8502402b716143bd57bcba ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
15:31:08.0534 7092 McODS - ok
15:31:08.0564 7092 [ c121367d21599367f2adb9c11b7babaa ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:08.0565 7092 McProxy - ok
15:31:08.0630 7092 [ 837072909ad6e3fba4b0c9334fdad580 ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
15:31:08.0631 7092 McPvDrv - ok
15:31:08.0701 7092 [ 4dec9b5bedaa97b1ff6a3923e1c4f58a ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
15:31:08.0732 7092 McShield - ok
15:31:08.0779 7092 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:31:08.0810 7092 Mcx2Svc - ok
15:31:08.0826 7092 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:31:08.0841 7092 megasas - ok
15:31:08.0873 7092 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:31:08.0888 7092 MegaSR - ok
15:31:08.0935 7092 [ a6518dcc42f7a6e999bb3bea8fd87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:31:08.0966 7092 MEIx64 - ok
15:31:09.0060 7092 [ b574522827d94126c03975fd53f0b26b ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
15:31:09.0060 7092 mfeapfk - ok
15:31:09.0107 7092 [ b393753ece9a9e2307cb1984acf3da9d ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
15:31:09.0153 7092 mfeavfk - ok
15:31:09.0200 7092 mfeavfk01 - ok
15:31:09.0247 7092 [ 97c398750c8e80a48eb63999546f796e ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:31:09.0278 7092 mfefire - ok
15:31:09.0309 7092 [ c52a1abf03dd219375ea0f6a8be941c3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
15:31:09.0356 7092 mfefirek - ok
15:31:09.0433 7092 [ 7092a6c6158fc4f5aa39ebeb9d5af03d ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
15:31:09.0442 7092 mfehidk - ok
15:31:09.0476 7092 [ d2a941c82a0a9227cd6f47ad40a40f69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
15:31:09.0514 7092 mferkdet - ok
15:31:09.0546 7092 [ 04d48692eff181da46dd8ea8be9ffb2b ] mfevtp C:\Windows\system32\mfevtps.exe
15:31:09.0585 7092 mfevtp - ok
15:31:09.0624 7092 [ 1631e2da6c4b47d97eca94842836592e ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
15:31:09.0628 7092 mfewfpk - ok
15:31:09.0651 7092 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
15:31:09.0652 7092 MMCSS - ok
15:31:09.0763 7092 [ 8cc001c65c31633171991fa72a551d43 ] MOBKbackup C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
15:31:09.0794 7092 MOBKbackup - ok
15:31:09.0825 7092 [ 3800c23d0d90c59aafcdefdc82b5c4af ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
15:31:09.0825 7092 MOBKFilter - ok
15:31:09.0856 7092 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:31:09.0856 7092 Modem - ok
15:31:09.0903 7092 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:31:09.0903 7092 monitor - ok
15:31:09.0965 7092 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:31:09.0965 7092 mouclass - ok
15:31:09.0997 7092 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
15:31:09.0997 7092 mouhid - ok
15:31:10.0028 7092 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:31:10.0028 7092 mountmgr - ok
15:31:10.0043 7092 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:31:10.0075 7092 mpio - ok
15:31:10.0106 7092 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:31:10.0106 7092 mpsdrv - ok
15:31:10.0199 7092 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:31:10.0246 7092 MpsSvc - ok
15:31:10.0246 7092 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:31:10.0293 7092 MRxDAV - ok
15:31:10.0340 7092 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:31:10.0340 7092 mrxsmb - ok
15:31:10.0371 7092 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:31:10.0371 7092 mrxsmb10 - ok
15:31:10.0387 7092 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:31:10.0387 7092 mrxsmb20 - ok
15:31:10.0418 7092 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:31:10.0449 7092 msahci - ok
15:31:10.0480 7092 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:31:10.0511 7092 msdsm - ok
15:31:10.0527 7092 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
15:31:10.0527 7092 MSDTC - ok
15:31:10.0543 7092 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:31:10.0543 7092 Msfs - ok
15:31:10.0558 7092 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:31:10.0558 7092 mshidkmdf - ok
15:31:10.0574 7092 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:31:10.0574 7092 msisadrv - ok
15:31:10.0636 7092 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:31:10.0636 7092 MSiSCSI - ok
15:31:10.0652 7092 msiserver - ok
15:31:10.0730 7092 [ c121367d21599367f2adb9c11b7babaa ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:10.0730 7092 MSK80Service - ok
15:31:10.0761 7092 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:31:10.0761 7092 MSKSSRV - ok
15:31:10.0777 7092 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:31:10.0777 7092 MSPCLOCK - ok
15:31:10.0792 7092 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:31:10.0792 7092 MSPQM - ok
15:31:10.0808 7092 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:31:10.0823 7092 MsRPC - ok
15:31:10.0839 7092 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:31:10.0839 7092 mssmbios - ok
15:31:10.0839 7092 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:31:10.0855 7092 MSTEE - ok
15:31:10.0855 7092 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:31:10.0855 7092 MTConfig - ok
15:31:10.0870 7092 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:31:10.0870 7092 Mup - ok
15:31:10.0964 7092 [ 22299bbed2fd0dffc0fa1d46496c6d19 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:31:11.0011 7092 MyWiFiDHCPDNS - ok
15:31:11.0042 7092 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll
15:31:11.0057 7092 napagent - ok
15:31:11.0104 7092 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:31:11.0120 7092 NativeWifiP - ok
15:31:11.0198 7092 [ c38b8ae57f78915905064a9a24dc1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:31:11.0213 7092 NDIS - ok
15:31:11.0245 7092 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:31:11.0260 7092 NdisCap - ok
15:31:11.0291 7092 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:31:11.0291 7092 NdisTapi - ok
15:31:11.0338 7092 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:31:11.0369 7092 Ndisuio - ok
15:31:11.0385 7092 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:31:11.0416 7092 NdisWan - ok
15:31:11.0447 7092 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:31:11.0479 7092 NDProxy - ok
15:31:11.0525 7092 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:31:11.0525 7092 NetBIOS - ok
15:31:11.0541 7092 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:31:11.0541 7092 NetBT - ok
15:31:11.0557 7092 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
15:31:11.0557 7092 Netlogon - ok
15:31:11.0619 7092 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
15:31:11.0635 7092 Netman - ok
15:31:11.0650 7092 [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:11.0697 7092 NetMsmqActivator - ok
15:31:11.0697 7092 [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:11.0697 7092 NetPipeActivator - ok
15:31:11.0713 7092 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
15:31:11.0713 7092 netprofm - ok
15:31:11.0728 7092 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:11.0728 7092 NetTcpActivator - ok
15:31:11.0728 7092 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:11.0728 7092 NetTcpPortSharing - ok
15:31:12.0103 7092 [ 262225f08b891fd7f16b3b93a3177c1f ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
15:31:12.0259 7092 NETwNs64 - ok
15:31:12.0290 7092 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:31:12.0290 7092 nfrd960 - ok
15:31:12.0352 7092 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:31:12.0352 7092 NlaSvc - ok
15:31:12.0488 7092 [ b9b72faaaa41d59b73b88fe3dd737ed1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
15:31:12.0510 7092 NOBU - ok
15:31:12.0525 7092 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:31:12.0526 7092 Npfs - ok
15:31:12.0538 7092 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:31:12.0539 7092 nsi - ok
15:31:12.0557 7092 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:31:12.0558 7092 nsiproxy - ok
15:31:12.0621 7092 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:31:12.0658 7092 Ntfs - ok
15:31:12.0672 7092 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
15:31:12.0676 7092 Null - ok
15:31:12.0729 7092 [ 0ebc9d13cd96c15b1b18d8678a609e4b ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
15:31:12.0761 7092 nusb3hub - ok
15:31:12.0807 7092 [ 7bdec000d56d485021d9c1e63c2f81ca ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:31:12.0854 7092 nusb3xhc - ok
15:31:13.0182 7092 [ 573b0941a37aebee96085d56a103f57b ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:31:13.0338 7092 nvlddmkm - ok
15:31:13.0353 7092 [ 43af7ebeac2ab623468e32caddcb61a4 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
15:31:13.0369 7092 nvpciflt - ok
15:31:13.0400 7092 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:31:13.0447 7092 nvraid - ok
15:31:13.0509 7092 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:31:13.0556 7092 nvstor - ok
15:31:13.0587 7092 [ c500760572c6059918fb0c960967695b ] NVSvc C:\Windows\system32\nvvsvc.exe
15:31:13.0603 7092 NVSvc - ok
15:31:13.0681 7092 [ f28169a7adf7b41809cf92d369e744f0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:31:13.0806 7092 nvUpdatusService - ok
15:31:13.0837 7092 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:31:13.0853 7092 nv_agp - ok
15:31:13.0853 7092 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:31:13.0868 7092 ohci1394 - ok
15:31:13.0931 7092 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:31:13.0977 7092 ose - ok
15:31:14.0133 7092 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:31:14.0367 7092 osppsvc - ok
15:31:14.0399 7092 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:31:14.0399 7092 p2pimsvc - ok
15:31:14.0430 7092 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:31:14.0445 7092 p2psvc - ok
15:31:14.0472 7092 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:31:14.0477 7092 Parport - ok
15:31:14.0508 7092 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:31:14.0510 7092 partmgr - ok
15:31:14.0523 7092 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:31:14.0525 7092 PcaSvc - ok
15:31:14.0555 7092 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
15:31:14.0558 7092 pci - ok
15:31:14.0576 7092 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
15:31:14.0580 7092 pciide - ok
15:31:14.0596 7092 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:31:14.0602 7092 pcmcia - ok
15:31:14.0612 7092 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:31:14.0613 7092 pcw - ok
15:31:14.0632 7092 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:31:14.0642 7092 PEAUTH - ok
15:31:14.0722 7092 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:31:14.0723 7092 PerfHost - ok
15:31:14.0776 7092 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
15:31:14.0776 7092 pla - ok
15:31:14.0807 7092 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:31:14.0807 7092 PlugPlay - ok
15:31:14.0823 7092 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:31:14.0823 7092 PNRPAutoReg - ok
15:31:14.0838 7092 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:31:14.0854 7092 PNRPsvc - ok
15:31:14.0885 7092 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:31:14.0916 7092 PolicyAgent - ok
15:31:14.0963 7092 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
15:31:14.0963 7092 Power - ok
15:31:15.0025 7092 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:31:15.0057 7092 PptpMiniport - ok
15:31:15.0072 7092 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys
15:31:15.0072 7092 Processor - ok
15:31:15.0119 7092 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:31:15.0119 7092 ProfSvc - ok
15:31:15.0135 7092 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:31:15.0135 7092 ProtectedStorage - ok
15:31:15.0181 7092 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:31:15.0181 7092 Psched - ok
15:31:15.0228 7092 [ 87b04878a6d59d6c79251dc960c674c1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:31:15.0228 7092 PxHlpa64 - ok
15:31:15.0306 7092 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:31:15.0337 7092 ql2300 - ok
15:31:15.0337 7092 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:31:15.0353 7092 ql40xx - ok
15:31:15.0415 7092 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
15:31:15.0431 7092 QWAVE - ok
15:31:15.0447 7092 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:31:15.0447 7092 QWAVEdrv - ok
15:31:15.0447 7092 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:31:15.0447 7092 RasAcd - ok
15:31:15.0509 7092 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:31:15.0509 7092 RasAgileVpn - ok
15:31:15.0525 7092 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
15:31:15.0525 7092 RasAuto - ok
15:31:15.0540 7092 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:31:15.0571 7092 Rasl2tp - ok
15:31:15.0571 7092 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
15:31:15.0587 7092 RasMan - ok
15:31:15.0587 7092 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:31:15.0603 7092 RasPppoe - ok
15:31:15.0649 7092 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:31:15.0665 7092 RasSstp - ok
15:31:15.0681 7092 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:31:15.0681 7092 rdbss - ok
15:31:15.0696 7092 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:31:15.0696 7092 rdpbus - ok
15:31:15.0743 7092 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:31:15.0743 7092 RDPCDD - ok
15:31:15.0743 7092 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:31:15.0743 7092 RDPENCDD - ok
15:31:15.0805 7092 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:31:15.0805 7092 RDPREFMP - ok
15:31:15.0837 7092 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:31:15.0868 7092 RDPWD - ok
15:31:15.0883 7092 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:31:15.0883 7092 rdyboost - ok
15:31:15.0993 7092 [ b29f5bd169cddee1049015255e7e3fbd ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:31:15.0993 7092 RegSrvc - ok
15:31:16.0055 7092 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:31:16.0055 7092 RemoteAccess - ok
15:31:16.0086 7092 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:31:16.0086 7092 RemoteRegistry - ok
15:31:16.0149 7092 [ 3dd798846e2c28102b922c56e71b7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:31:16.0149 7092 RFCOMM - ok
15:31:16.0258 7092 [ 3c957189b31c34d3ad21967b12b6aed7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:31:16.0320 7092 RoxMediaDB12OEM - ok
15:31:16.0367 7092 [ 2b73088cc2ca757a172b425c9398e5bc ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:31:16.0414 7092 RoxWatch12 - ok
15:31:16.0429 7092 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:31:16.0429 7092 RpcEptMapper - ok
15:31:16.0445 7092 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
15:31:16.0445 7092 RpcLocator - ok
15:31:16.0476 7092 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
15:31:16.0476 7092 RpcSs - ok
15:31:16.0539 7092 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:31:16.0539 7092 rspndr - ok
15:31:16.0585 7092 [ 135a64530d7699ad48f29d73a658dd11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:31:16.0585 7092 RSUSBSTOR - ok
15:31:16.0648 7092 [ a73ed14670220307874ad6bc2f279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:31:16.0695 7092 RTL8167 - ok
15:31:16.0710 7092 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
15:31:16.0710 7092 SamSs - ok
15:31:16.0726 7092 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:31:16.0757 7092 sbp2port - ok
15:31:16.0804 7092 [ eecbbf7d76300e5558d316983961ffc1 ] ScanUSBEMPIA C:\Windows\system32\DRIVERS\emScan64.sys
15:31:16.0835 7092 ScanUSBEMPIA - ok
15:31:16.0851 7092 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:31:16.0851 7092 SCardSvr - ok
15:31:16.0866 7092 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:31:16.0866 7092 scfilter - ok
15:31:16.0913 7092 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
15:31:16.0913 7092 Schedule - ok
15:31:16.0960 7092 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
15:31:16.0960 7092 SCPolicySvc - ok
15:31:16.0975 7092 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:31:16.0991 7092 SDRSVC - ok
15:31:17.0038 7092 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:31:17.0038 7092 secdrv - ok
15:31:17.0053 7092 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
15:31:17.0053 7092 seclogon - ok
15:31:17.0069 7092 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll
15:31:17.0069 7092 SENS - ok
15:31:17.0116 7092 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:31:17.0116 7092 SensrSvc - ok
15:31:17.0178 7092 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\drivers\serenum.sys
15:31:17.0178 7092 Serenum - ok
15:31:17.0194 7092 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\drivers\serial.sys
15:31:17.0194 7092 Serial - ok
15:31:17.0225 7092 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:31:17.0225 7092 sermouse - ok
15:31:17.0256 7092 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:31:17.0256 7092 SessionEnv - ok
15:31:17.0256 7092 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:31:17.0256 7092 sffdisk - ok
15:31:17.0272 7092 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:31:17.0272 7092 sffp_mmc - ok
15:31:17.0272 7092 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:31:17.0303 7092 sffp_sd - ok
15:31:17.0334 7092 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:31:17.0334 7092 sfloppy - ok
15:31:17.0397 7092 [ c6cc9297bd53e5229653303e556aa539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
15:31:17.0443 7092 Sftfs - ok
15:31:17.0537 7092 [ 13693b6354dd6e72dc5131da7d764b90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:31:17.0584 7092 sftlist - ok
15:31:17.0599 7092 [ 390aa7bc52cee43f6790cdea1e776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:31:17.0646 7092 Sftplay - ok
15:31:17.0693 7092 [ 617e29a0b0a2807466560d4c4e338d3e ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:31:17.0693 7092 Sftredir - ok
15:31:17.0771 7092 [ 1968e6ebbeecf61d5f7d8603467e2ad0 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:31:17.0818 7092 SftService - ok
15:31:17.0833 7092 [ 8f571f016fa1976f445147e9e6c8ae9b ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
15:31:17.0865 7092 Sftvol - ok
15:31:17.0911 7092 [ c3cddd18f43d44ab713cf8c4916f7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:31:17.0943 7092 sftvsa - ok
15:31:18.0036 7092 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:31:18.0036 7092 SharedAccess - ok
15:31:18.0083 7092 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:31:18.0083 7092 ShellHWDetection - ok
15:31:18.0099 7092 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:31:18.0099 7092 SiSRaid2 - ok
15:31:18.0130 7092 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:31:18.0130 7092 SiSRaid4 - ok
15:31:18.0130 7092 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:31:18.0145 7092 Smb - ok
15:31:18.0177 7092 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:31:18.0177 7092 SNMPTRAP - ok
15:31:18.0192 7092 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:31:18.0192 7092 spldr - ok
15:31:24.0052 7092 ================ Scan global ===============================
15:31:24.0083 7092 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
15:31:24.0114 7092 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
15:31:24.0161 7092 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
15:31:24.0176 7092 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
15:31:24.0208 7092 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
15:31:24.0208 7092 [Global] - ok
15:31:24.0208 7092 ================ Scan MBR ==================================
15:31:24.0223 7092 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:31:24.0601 7092 \Device\Harddisk0\DR0 - ok
15:31:24.0601 7092 ================ Scan VBR ==================================
15:31:24.0603 7092 Boot (0x1200) (0a915e7c292a520ca8abc32f78b2988d) \Device\Harddisk0\DR0\Partition1
15:31:24.0604 7092 \Device\Harddisk0\DR0\Partition1 - ok
15:31:24.0629 7092 Boot (0x1200) (6fe66090d9e96e0d99773981cebdaf3a) \Device\Harddisk0\DR0\Partition2
15:31:24.0631 7092 \Device\Harddisk0\DR0\Partition2 - ok
15:31:24.0631 7092 ============================================================
15:31:24.0631 7092 Scan finished
15:31:24.0631 7092 ============================================================
15:31:24.0636 7248 Detected object count: 0
15:31:24.0636 7248 Actual detected object count: 0
15:31:40.0137 8320 ============================================================
15:31:40.0137 8320 Scan started
15:31:40.0137 8320 Mode: Manual;
15:31:40.0137 8320 ============================================================
15:31:40.0512 8320 ================ Scan services =============================
15:31:44.0774 8320 hkmsvc - ok
15:31:44.0790 8320 [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:31:44.0790 8320 HomeGroupListener - ok
15:31:44.0832 8320 [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:31:44.0834 8320 HomeGroupProvider - ok
15:31:44.0838 8320 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:31:44.0839 8320 HpSAMD - ok
15:31:44.0864 8320 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:31:44.0868 8320 HTTP - ok
15:31:44.0877 8320 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:31:44.0878 8320 hwpolicy - ok
15:31:44.0895 8320 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:31:44.0896 8320 i8042prt - ok
15:31:44.0933 8320 [ d469b77687e12fe43e344806740b624d ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:31:44.0936 8320 iaStor - ok
15:31:44.0970 8320 [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:31:44.0972 8320 iaStorV - ok
15:31:44.0988 8320 [ 8a4ec1c3f10385181b1066120c610ae5 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
15:31:44.0989 8320 iBtFltCoex - ok
15:31:45.0046 8320 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:31:45.0050 8320 idsvc - ok
15:31:45.0323 8320 [ a47d902f5c0c43dcf5ee2cae02bf39a8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:31:45.0432 8320 igfx - ok
15:31:45.0495 8320 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:31:45.0495 8320 iirsp - ok
15:31:45.0526 8320 [ fcd84c381e0140af901e58d48882d26b ] IKEEXT C:\Windows\System32\ikeext.dll
15:31:45.0541 8320 IKEEXT - ok
15:31:45.0573 8320 [ dd587a55390ed2295bce6d36ad567da9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
15:31:45.0573 8320 Impcd - ok
15:31:45.0604 8320 [ caddf0927dac63edae48f5c35a61d87d ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
15:31:45.0604 8320 intaud_WaveExtensible - ok
15:31:45.0666 8320 [ 8fed6428fde53d7f4c105095f22524be ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:31:45.0682 8320 IntcAzAudAddService - ok
15:31:45.0729 8320 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\drivers\intelide.sys
15:31:45.0729 8320 intelide - ok
15:31:45.0744 8320 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:31:45.0744 8320 intelppm - ok
15:31:45.0760 8320 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:31:45.0760 8320 IPBusEnum - ok
15:31:45.0760 8320 [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:31:45.0760 8320 IpFilterDriver - ok
15:31:45.0791 8320 [ a34a587fffd45fa649fba6d03784d257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:31:45.0791 8320 iphlpsvc - ok
15:31:45.0791 8320 [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:31:45.0791 8320 IPMIDRV - ok
15:31:45.0807 8320 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:31:45.0807 8320 IPNAT - ok
15:31:45.0862 8320 [ 50d6ccc6ff5561f9f56946b3e6164fb8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:31:45.0869 8320 iPod Service - ok
15:31:45.0880 8320 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:31:45.0880 8320 IRENUM - ok
15:31:45.0883 8320 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:31:45.0884 8320 isapnp - ok
15:31:45.0901 8320 [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:31:45.0902 8320 iScsiPrt - ok
15:31:45.0932 8320 [ 716f66336f10885d935b08174dc54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
15:31:45.0933 8320 iwdbus - ok
15:31:45.0940 8320 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:31:45.0940 8320 kbdclass - ok
15:31:45.0958 8320 [ 0705eff5b42a9db58548eec3b26bb484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:31:45.0958 8320 kbdhid - ok
15:31:45.0979 8320 [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso C:\Windows\system32\lsass.exe
15:31:45.0980 8320 KeyIso - ok
15:31:46.0017 8320 [ da1e991a61cfdd755a589e206b97644b ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:31:46.0018 8320 KSecDD - ok
15:31:46.0035 8320 [ 7e33198d956943a4f11a5474c1e9106f ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:31:46.0036 8320 KSecPkg - ok
15:31:46.0043 8320 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:31:46.0043 8320 ksthunk - ok
15:31:46.0074 8320 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll
15:31:46.0077 8320 KtmRm - ok
15:31:46.0104 8320 [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:31:46.0104 8320 LanmanServer - ok
15:31:46.0135 8320 [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:31:46.0135 8320 LanmanWorkstation - ok
15:31:46.0151 8320 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:31:46.0151 8320 lltdio - ok
15:31:46.0182 8320 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:31:46.0182 8320 lltdsvc - ok
15:31:46.0197 8320 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:31:46.0197 8320 lmhosts - ok
15:31:46.0244 8320 [ 7f32d4c47a50e7223491e8fb9359907d ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:31:46.0244 8320 LMS - ok
15:31:46.0260 8320 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:31:46.0260 8320 LSI_FC - ok
15:31:46.0260 8320 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:31:46.0260 8320 LSI_SAS - ok
15:31:46.0260 8320 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:31:46.0260 8320 LSI_SAS2 - ok
15:31:46.0275 8320 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:31:46.0275 8320 LSI_SCSI - ok
15:31:46.0291 8320 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys
15:31:46.0291 8320 luafv - ok
15:31:46.0322 8320 [ 024da28053d57e9e32bee52600576bbb ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
15:31:46.0322 8320 MarvinBus - ok
15:31:46.0416 8320 [ b891e3920f24ff1a3bead6cd2b42ed99 ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
15:31:46.0416 8320 McAfee SiteAdvisor Service - ok
15:31:46.0525 8320 [ c121367d21599367f2adb9c11b7babaa ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:46.0525 8320 McMPFSvc - ok
15:31:46.0541 8320 [ c121367d21599367f2adb9c11b7babaa ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:46.0541 8320 mcmscsvc - ok
15:31:46.0541 8320 [ c121367d21599367f2adb9c11b7babaa ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:46.0541 8320 McNaiAnn - ok
15:31:46.0541 8320 [ c121367d21599367f2adb9c11b7babaa ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:46.0541 8320 McNASvc - ok
15:31:46.0712 8320 [ 3fcd6f2c6d8502402b716143bd57bcba ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
15:31:46.0712 8320 McODS - ok
15:31:46.0728 8320 [ c121367d21599367f2adb9c11b7babaa ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:46.0728 8320 McProxy - ok
15:31:46.0775 8320 [ 837072909ad6e3fba4b0c9334fdad580 ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
15:31:46.0775 8320 McPvDrv - ok
15:31:46.0837 8320 [ 4dec9b5bedaa97b1ff6a3923e1c4f58a ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
15:31:46.0839 8320 McShield - ok
15:31:46.0885 8320 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:31:46.0886 8320 Mcx2Svc - ok
15:31:46.0894 8320 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:31:46.0895 8320 megasas - ok
15:31:46.0934 8320 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:31:46.0936 8320 MegaSR - ok
15:31:46.0958 8320 [ a6518dcc42f7a6e999bb3bea8fd87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:31:46.0958 8320 MEIx64 - ok
15:31:46.0988 8320 [ b574522827d94126c03975fd53f0b26b ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
15:31:46.0989 8320 mfeapfk - ok
15:31:47.0011 8320 [ b393753ece9a9e2307cb1984acf3da9d ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
15:31:47.0013 8320 mfeavfk - ok
15:31:47.0015 8320 mfeavfk01 - ok
15:31:47.0038 8320 [ 97c398750c8e80a48eb63999546f796e ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:31:47.0039 8320 mfefire - ok
15:31:47.0066 8320 [ c52a1abf03dd219375ea0f6a8be941c3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
15:31:47.0069 8320 mfefirek - ok
15:31:47.0098 8320 [ 7092a6c6158fc4f5aa39ebeb9d5af03d ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
15:31:47.0102 8320 mfehidk - ok
15:31:47.0119 8320 [ d2a941c82a0a9227cd6f47ad40a40f69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
15:31:47.0119 8320 mferkdet - ok
15:31:47.0151 8320 [ 04d48692eff181da46dd8ea8be9ffb2b ] mfevtp C:\Windows\system32\mfevtps.exe
15:31:47.0151 8320 mfevtp - ok
15:31:47.0198 8320 [ 1631e2da6c4b47d97eca94842836592e ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
15:31:47.0198 8320 mfewfpk - ok
15:31:47.0213 8320 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
15:31:47.0229 8320 MMCSS - ok
15:31:47.0276 8320 [ 8cc001c65c31633171991fa72a551d43 ] MOBKbackup C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
15:31:47.0276 8320 MOBKbackup - ok
15:31:47.0291 8320 [ 3800c23d0d90c59aafcdefdc82b5c4af ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
15:31:47.0291 8320 MOBKFilter - ok
15:31:47.0322 8320 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:31:47.0322 8320 Modem - ok
15:31:47.0338 8320 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:31:47.0338 8320 monitor - ok
15:31:47.0354 8320 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:31:47.0354 8320 mouclass - ok
15:31:47.0354 8320 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
15:31:47.0354 8320 mouhid - ok
15:31:47.0369 8320 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:31:47.0369 8320 mountmgr - ok
15:31:47.0385 8320 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:31:47.0385 8320 mpio - ok
15:31:47.0400 8320 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:31:47.0400 8320 mpsdrv - ok
15:31:47.0432 8320 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:31:47.0432 8320 MpsSvc - ok
15:31:47.0432 8320 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:31:47.0432 8320 MRxDAV - ok
15:31:47.0463 8320 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:31:47.0463 8320 mrxsmb - ok
15:31:47.0494 8320 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:31:47.0494 8320 mrxsmb10 - ok
15:31:47.0525 8320 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:31:47.0525 8320 mrxsmb20 - ok
15:31:47.0541 8320 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:31:47.0541 8320 msahci - ok
15:31:47.0556 8320 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:31:47.0556 8320 msdsm - ok
15:31:47.0588 8320 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
15:31:47.0588 8320 MSDTC - ok
15:31:47.0603 8320 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:31:47.0603 8320 Msfs - ok
15:31:47.0619 8320 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:31:47.0619 8320 mshidkmdf - ok
15:31:47.0634 8320 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:31:47.0634 8320 msisadrv - ok
15:31:47.0650 8320 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:31:47.0650 8320 MSiSCSI - ok
15:31:47.0666 8320 msiserver - ok
15:31:47.0697 8320 [ c121367d21599367f2adb9c11b7babaa ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
15:31:47.0712 8320 MSK80Service - ok
15:31:47.0728 8320 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:31:47.0728 8320 MSKSSRV - ok
15:31:47.0728 8320 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:31:47.0728 8320 MSPCLOCK - ok
15:31:47.0728 8320 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:31:47.0728 8320 MSPQM - ok
15:31:47.0759 8320 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:31:47.0759 8320 MsRPC - ok
15:31:47.0775 8320 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:31:47.0775 8320 mssmbios - ok
15:31:47.0775 8320 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:31:47.0775 8320 MSTEE - ok
15:31:47.0790 8320 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:31:47.0790 8320 MTConfig - ok
15:31:47.0806 8320 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:31:47.0806 8320 Mup - ok
15:31:47.0843 8320 [ 22299bbed2fd0dffc0fa1d46496c6d19 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:31:47.0845 8320 MyWiFiDHCPDNS - ok
15:31:47.0880 8320 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll
15:31:47.0883 8320 napagent - ok
15:31:47.0900 8320 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:31:47.0902 8320 NativeWifiP - ok
15:31:47.0935 8320 [ c38b8ae57f78915905064a9a24dc1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:31:47.0941 8320 NDIS - ok
15:31:47.0954 8320 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:31:47.0955 8320 NdisCap - ok
15:31:47.0966 8320 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:31:47.0967 8320 NdisTapi - ok
15:31:47.0982 8320 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:31:47.0983 8320 Ndisuio - ok
15:31:47.0996 8320 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:31:47.0997 8320 NdisWan - ok
15:31:48.0016 8320 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:31:48.0017 8320 NDProxy - ok
15:31:48.0032 8320 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:31:48.0033 8320 NetBIOS - ok
15:31:48.0050 8320 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:31:48.0052 8320 NetBT - ok
15:31:48.0067 8320 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
15:31:48.0069 8320 Netlogon - ok
15:31:48.0103 8320 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
15:31:48.0103 8320 Netman - ok
15:31:48.0134 8320 [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:48.0134 8320 NetMsmqActivator - ok
15:31:48.0134 8320 [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:48.0134 8320 NetPipeActivator - ok
15:31:48.0150 8320 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
15:31:48.0166 8320 netprofm - ok
15:31:48.0166 8320 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:48.0166 8320 NetTcpActivator - ok
15:31:48.0166 8320 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:31:48.0166 8320 NetTcpPortSharing - ok
15:31:48.0509 8320 [ 262225f08b891fd7f16b3b93a3177c1f ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
15:31:48.0665 8320 NETwNs64 - ok
15:31:48.0680 8320 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:31:48.0680 8320 nfrd960 - ok
15:31:48.0696 8320 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:31:48.0712 8320 NlaSvc - ok
15:31:48.0805 8320 [ b9b72faaaa41d59b73b88fe3dd737ed1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
15:31:48.0821 8320 NOBU - ok
15:31:48.0836 8320 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:31:48.0836 8320 Npfs - ok
15:31:48.0852 8320 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:31:48.0852 8320 nsi - ok
15:31:48.0868 8320 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:31:48.0868 8320 nsiproxy - ok
15:31:48.0942 8320 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:31:48.0955 8320 Ntfs - ok
15:31:48.0971 8320 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
15:31:48.0971 8320 Null - ok
15:31:48.0994 8320 [ 0ebc9d13cd96c15b1b18d8678a609e4b ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
15:31:48.0995 8320 nusb3hub - ok
15:31:49.0008 8320 [ 7bdec000d56d485021d9c1e63c2f81ca ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:31:49.0010 8320 nusb3xhc - ok
15:31:49.0320 8320 [ 573b0941a37aebee96085d56a103f57b ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:31:49.0476 8320 nvlddmkm - ok
15:31:49.0507 8320 [ 43af7ebeac2ab623468e32caddcb61a4 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
15:31:49.0507 8320 nvpciflt - ok
15:31:49.0523 8320 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:31:49.0523 8320 nvraid - ok
15:31:49.0569 8320 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:31:49.0569 8320 nvstor - ok
15:31:49.0616 8320 [ c500760572c6059918fb0c960967695b ] NVSvc C:\Windows\system32\nvvsvc.exe
15:31:49.0616 8320 NVSvc - ok
15:31:49.0694 8320 [ f28169a7adf7b41809cf92d369e744f0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:31:49.0725 8320 nvUpdatusService - ok
15:31:49.0725 8320 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:31:49.0725 8320 nv_agp - ok
15:31:49.0741 8320 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:31:49.0741 8320 ohci1394 - ok
15:31:49.0757 8320 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:31:49.0757 8320 ose - ok
15:31:49.0924 8320 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:31:49.0984 8320 osppsvc - ok
15:31:50.0019 8320 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:31:50.0021 8320 p2pimsvc - ok
15:31:50.0053 8320 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:31:50.0056 8320 p2psvc - ok
15:31:50.0082 8320 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:31:50.0083 8320 Parport - ok
15:31:50.0118 8320 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:31:50.0119 8320 partmgr - ok
15:31:50.0133 8320 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:31:50.0135 8320 PcaSvc - ok
15:31:50.0163 8320 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
15:31:50.0163 8320 pci - ok
15:31:50.0179 8320 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
15:31:50.0179 8320 pciide - ok
15:31:50.0194 8320 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:31:50.0194 8320 pcmcia - ok
15:31:50.0210 8320 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:31:50.0210 8320 pcw - ok
15:31:50.0241 8320 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:31:50.0241 8320 PEAUTH - ok
15:31:50.0397 8320 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:31:50.0397 8320 PerfHost - ok
15:31:50.0459 8320 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
15:31:50.0475 8320 pla - ok
15:31:50.0506 8320 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:31:50.0506 8320 PlugPlay - ok
15:31:50.0522 8320 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:31:50.0522 8320 PNRPAutoReg - ok
15:31:50.0537 8320 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:31:50.0553 8320 PNRPsvc - ok
15:31:50.0584 8320 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:31:50.0584 8320 PolicyAgent - ok
15:31:50.0600 8320 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
15:31:50.0615 8320 Power - ok
15:31:50.0631 8320 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:31:50.0631 8320 PptpMiniport - ok
15:31:50.0647 8320 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys
15:31:50.0647 8320 Processor - ok
15:31:50.0678 8320 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:31:50.0678 8320 ProfSvc - ok
15:31:50.0693 8320 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:31:50.0693 8320 ProtectedStorage - ok
15:31:50.0709 8320 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:31:50.0709 8320 Psched - ok
15:31:50.0725 8320 [ 87b04878a6d59d6c79251dc960c674c1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:31:50.0725 8320 PxHlpa64 - ok
15:31:50.0771 8320 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:31:50.0787 8320 ql2300 - ok
15:31:50.0787 8320 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:31:50.0787 8320 ql40xx - ok
15:31:50.0818 8320 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
15:31:50.0818 8320 QWAVE - ok
15:31:50.0834 8320 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:31:50.0834 8320 QWAVEdrv - ok
15:31:50.0834 8320 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:31:50.0834 8320 RasAcd - ok
15:31:50.0865 8320 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:31:50.0865 8320 RasAgileVpn - ok
15:31:50.0881 8320 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
15:31:50.0881 8320 RasAuto - ok
15:31:50.0896 8320 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:31:50.0896 8320 Rasl2tp - ok
15:31:50.0896 8320 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
15:31:50.0913 8320 RasMan - ok
15:31:50.0923 8320 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:31:50.0924 8320 RasPppoe - ok
15:31:50.0940 8320 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:31:50.0941 8320 RasSstp - ok
15:31:50.0956 8320 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:31:50.0960 8320 rdbss - ok
15:31:50.0981 8320 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:31:50.0982 8320 rdpbus - ok
15:31:50.0998 8320 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:31:50.0998 8320 RDPCDD - ok
15:31:51.0012 8320 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:31:51.0012 8320 RDPENCDD - ok
15:31:51.0028 8320 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:31:51.0028 8320 RDPREFMP - ok
15:31:51.0059 8320 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:31:51.0061 8320 RDPWD - ok
15:31:51.0081 8320 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:31:51.0082 8320 rdyboost - ok
15:31:51.0147 8320 [ b29f5bd169cddee1049015255e7e3fbd ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:31:51.0149 8320 RegSrvc - ok
15:31:51.0178 8320 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:31:51.0178 8320 RemoteAccess - ok
15:31:51.0209 8320 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:31:51.0209 8320 RemoteRegistry - ok
15:31:51.0225 8320 [ 3dd798846e2c28102b922c56e71b7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:31:51.0225 8320 RFCOMM - ok
15:31:51.0303 8320 [ 3c957189b31c34d3ad21967b12b6aed7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:31:51.0318 8320 RoxMediaDB12OEM - ok
15:31:51.0349 8320 [ 2b73088cc2ca757a172b425c9398e5bc ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:31:51.0349 8320 RoxWatch12 - ok
15:31:51.0365 8320 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:31:51.0365 8320 RpcEptMapper - ok
15:31:51.0396 8320 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
15:31:51.0396 8320 RpcLocator - ok
15:31:51.0412 8320 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
15:31:51.0427 8320 RpcSs - ok
15:31:51.0443 8320 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:31:51.0443 8320 rspndr - ok
15:31:51.0474 8320 [ 135a64530d7699ad48f29d73a658dd11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:31:51.0474 8320 RSUSBSTOR - ok
15:31:51.0521 8320 [ a73ed14670220307874ad6bc2f279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:31:51.0521 8320 RTL8167 - ok
15:31:51.0537 8320 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
15:31:51.0537 8320 SamSs - ok
15:31:51.0552 8320 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:31:51.0552 8320 sbp2port - ok
15:31:51.0583 8320 [ eecbbf7d76300e5558d316983961ffc1 ] ScanUSBEMPIA C:\Windows\system32\DRIVERS\emScan64.sys
15:31:51.0583 8320 ScanUSBEMPIA - ok
15:31:51.0615 8320 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:31:51.0615 8320 SCardSvr - ok
15:31:51.0630 8320 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:31:51.0630 8320 scfilter - ok
15:31:51.0661 8320 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
15:31:51.0677 8320 Schedule - ok
15:31:51.0693 8320 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
15:31:51.0693 8320 SCPolicySvc - ok
15:31:51.0724 8320 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:31:51.0724 8320 SDRSVC - ok
15:31:51.0739 8320 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:31:51.0739 8320 secdrv - ok
15:31:51.0755 8320 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
15:31:51.0755 8320 seclogon - ok
15:31:55.0563 8320 ================ Scan global ===============================
15:31:55.0594 8320 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
15:31:55.0626 8320 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
15:31:55.0626 8320 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
15:31:55.0657 8320 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
15:31:55.0688 8320 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
15:31:55.0688 8320 [Global] - ok
15:31:55.0688 8320 ================ Scan MBR ==================================
15:31:55.0704 8320 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:31:56.0024 8320 \Device\Harddisk0\DR0 - ok
15:31:56.0024 8320 ================ Scan VBR ==================================
15:31:56.0026 8320 Boot (0x1200) (0a915e7c292a520ca8abc32f78b2988d) \Device\Harddisk0\DR0\Partition1
15:31:56.0028 8320 \Device\Harddisk0\DR0\Partition1 - ok
15:31:56.0039 8320 Boot (0x1200) (6fe66090d9e96e0d99773981cebdaf3a) \Device\Harddisk0\DR0\Partition2
15:31:56.0041 8320 \Device\Harddisk0\DR0\Partition2 - ok
15:31:56.0042 8320 ============================================================
15:31:56.0042 8320 Scan finished
15:31:56.0042 8320 ============================================================
15:31:56.0048 8184 Detected object count: 0
15:31:56.0048 8184 Actual detected object count: 0
Even if you are a minority of one, the truth is the truth.
If I had no sense of humor, I would long ago have committed suicide.
Justice that love gives is a surrender, justice that law gives is a punishment.
-Mahatma Gandhi

Gandhi was freakin' awesome

#12 gringo_pr


Posted 15 August 2012 - 02:52 PM

Did you run the aswMBR report?


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 Purplegill10


Posted 15 August 2012 - 02:57 PM

Yes, I have tried to use it, but it appears to have stalled. I sent the first one when I got it, but it seems the MBR may be either done or stalled because the screen is completely frozen. Should I redo the scan?

EDIT: Never mind, it appears to be working again (my processor started kicking in again and it's going).

Edited by Purplegill10, 15 August 2012 - 02:58 PM.


#14 Purplegill10


Posted 15 August 2012 - 03:25 PM

OK, terribly sorry about the wait, but here is the log, and many thanks in advance.
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-15 15:34:12
-----------------------------
15:34:12.326 OS Version: Windows x64 6.1.7601 Service Pack 1
15:34:12.326 Number of processors: 8 586 0x2A07
15:34:12.326 ComputerName: PURPLEGILL10-PC UserName: Purplegill10
15:34:14.469 Initialize success
15:35:07.794 AVAST engine defs: 12081503
15:41:12.211 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:41:12.211 Disk 0 Vendor: WDC_WD64 03.0 Size: 610480MB BusType: 3
15:41:12.242 Disk 0 MBR read successfully
15:41:12.242 Disk 0 MBR scan
15:41:12.242 Disk 0 Windows VISTA default MBR code
15:41:12.242 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
15:41:12.258 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992
15:41:12.289 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 590375 MB offset 41172992
15:41:12.320 Disk 0 scanning C:\Windows\system32\drivers
15:41:21.001 Service scanning
15:41:44.352 Modules scanning
15:41:44.352 Disk 0 trace - called modules:
15:41:44.368 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:41:44.867 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80096fa060]
15:41:44.867 3 CLASSPNP.SYS[fffff8800168c43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007a9f050]
15:41:46.630 AVAST engine scan C:\Windows
15:41:52.540 AVAST engine scan C:\Windows\system32
15:45:19.030 AVAST engine scan C:\Windows\system32\drivers
15:45:33.805 AVAST engine scan C:\Users\Purplegill10
16:12:18.731 AVAST engine scan C:\ProgramData
16:23:14.465 Scan finished successfully
16:23:56.575 Disk 0 MBR has been saved successfully to "C:\Users\Purplegill10\Desktop\MBR.dat"
16:23:56.591 The log file has been saved successfully to "C:\Users\Purplegill10\Desktop\aswMBR.txt"

#15 gringo_pr


Posted 15 August 2012 - 04:40 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo
