Music keeps playing in background. IE keeps crashing


  • This topic is locked
14 replies to this topic

#1 Jay A.


Posted 08 September 2012 - 11:51 PM

For some reason, whenever I'm browsing, music and commercials keep playing in the background. It's unrelated to what I'm looking at. I close all browsers but it still plays. I'm also having trouble with Internet Explorer. It keeps crashing. I tried to re-install it. I don't know if it's related. I tried Malwarebytes and it removed some malware but it doesn't look like it removed all of it. Please help.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_35
Run by Dell at 21:34:45 on 2012-09-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.2009 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoService.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\ytbb.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Winamp\winamp.exe
\\.\globalroot\systemroot\Installer\{678e0b4f-17c9-f768-10f6-97e8ee0ffbb1}\U
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie9
uSearch Bar = Preserve
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
mURLSearchHooks: Yahoo! Axis for IE: {035fdc10-9f1d-430e-87da-573ffbf5608d} - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
mURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Yahoo! Axis for IE: {035fdc10-9f1d-430e-87da-573ffbf5608d} - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: BHO Class: {8b3868b4-eba8-48fa-a19b-e1dfb99066fa} - D:\Dell\Flash Capture\fcbho.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll
TB: Yahoo! Axis for IE: {035fdc10-9f1d-430e-87da-573ffbf5608d} - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun: [<NO NAME>]
mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - res://D:\Dell\Flash Capture\fciext.dll/FCIEXT.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.winkflash.com/photo/loaders/ImageUploader5.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 4.2.2.2
TCP: Interfaces\{4F5627FA-33CD-48A8-972C-D09D67B53C0B} : DhcpNameServer = 192.168.1.1 4.2.2.2
TCP: Interfaces\{4F5627FA-33CD-48A8-972C-D09D67B53C0B}\2375942554636363 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4F5627FA-33CD-48A8-972C-D09D67B53C0B}\3596D6261613 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{4F5627FA-33CD-48A8-972C-D09D67B53C0B}\75962756C6563737 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{6F236DE3-E5AA-43A2-9732-55129218D2E7} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Yahoo! Axis for IE: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
BHO-X64: Yahoo! Axis for IE - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: BHO Class: {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - D:\Dell\Flash Capture\fcbho.dll
BHO-X64: FCBHOBHO Class - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.1\youtubedownloaderToolbarIE.dll
TB-X64: Yahoo! Axis for IE: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun-x64: [(Default)]
mRun-x64: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - res://D:\Dell\Flash Capture\fciext.dll/FCIEXT.htm
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4b9xtrjk.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxps://elearning.berkeley.edu/default.asp
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyH2uZJNS&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 5611f8ee000000000000002637bd3942
FF - user.js: extensions.incredibar_i.instlDay - 15526
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1410:56:56
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OyH2uZJNS
FF - user.js: extensions.incredibar_i.upn2n - 92261704153837120
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10665
FF - user.js: extensions.incredibar_i.ppd -
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdflt.sys --> C:\Windows\system32\DRIVERS\stdflt.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-10-4 92160]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-7-19 792512]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-17 155648]
R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2009-12-14 60928]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-18 655944]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-4-15 793048]
R2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe [2009-5-4 206064]
R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [2011-8-1 317328]
R2 WDFMEService;WDFMEService;C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [2011-8-1 1978256]
R2 WDRulesService;WDRulesService;C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-8-1 1338256]
R2 YNanoService;Yahoo! NanoClient Service;C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoService.exe [2012-5-23 157016]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Acceler.sys --> C:\Windows\system32\DRIVERS\Acceler.sys [?]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
R3 pneteth;PdaNet Broadband;C:\Windows\system32\DRIVERS\pneteth.sys --> C:\Windows\system32\DRIVERS\pneteth.sys [?]
R3 pnetmdm;PdaNet Modem;C:\Windows\system32\DRIVERS\pnetmdm64.sys --> C:\Windows\system32\DRIVERS\pnetmdm64.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-8 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 250568]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-8 135664]
S3 HtcUsbMdmV64;HTC Proprietary USB Driver;C:\Windows\system32\DRIVERS\HtcUsbMdmV64.sys --> C:\Windows\system32\DRIVERS\HtcUsbMdmV64.sys [?]
S3 HtcVCom32;HTC Diagnostic Port;C:\Windows\system32\DRIVERS\HtcVComV64.sys --> C:\Windows\system32\DRIVERS\HtcVComV64.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-27 114144]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2009-9-21 315664]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
.
=============== Created Last 30 ================
.
2012-09-05 22:49:50 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79651429-3CAC-4080-961C-DCA93D7C20A0}\mpengine.dll
2012-09-01 20:12:32 477168 -c--a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-08-30 23:37:25 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-08-18 22:31:24 -------- d-----w- C:\Program Files\iPod
2012-08-18 22:31:23 -------- d-----w- C:\Program Files\iTunes
2012-08-18 22:31:23 -------- d-----w- C:\Program Files (x86)\iTunes
2012-08-15 02:14:06 9826504 -c--a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-08-14 23:38:32 -------- d-----w- C:\Users\Dell\AppData\Local\Macromedia
.
==================== Find3M ====================
.
2012-09-01 20:12:26 473072 -c--a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-26 20:24:48 73416 -c--a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-26 20:24:48 696520 -c--a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-28 05:48:39 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-07-28 05:48:39 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-07-11 05:05:13 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 05:01:18 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-07-11 05:01:18 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-07-11 05:01:18 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-07-11 05:01:18 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-07-11 05:01:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-07-11 05:01:18 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-07-11 05:01:18 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-07-11 05:01:18 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-07-11 05:01:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-07-11 05:01:18 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-07-11 04:59:57 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-07-11 04:59:57 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-07-03 20:46:44 24904 -c--a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-14 05:05:56 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-14 05:05:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-14 05:05:56 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-14 05:02:26 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-06-14 05:02:14 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-14 05:02:13 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-14 05:02:13 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-14 05:01:49 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-14 05:01:39 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-06-14 05:01:39 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-06-14 05:01:27 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-14 05:01:27 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-14 05:01:27 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-14 05:01:27 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-14 05:01:27 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-14 05:01:27 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2010-05-28 01:12:12 8354440 ----a-w- C:\Program Files\Firefox Setup 3.6.3.exe
2010-05-23 17:47:11 2394408 ----a-w- C:\Program Files\mp3tagv246asetup.exe
2010-05-20 21:10:47 232704 ----a-w- C:\Program Files\yahoo_toolbar_install_helper.exe
2010-05-20 05:59:23 98435368 ----a-w- C:\Program Files\iTunes64Setup.exe
2010-05-20 04:34:47 12383736 ----a-w- C:\Program Files\picasa36-setup.exe
2009-07-10 20:39:00 350720 ----a-w- C:\Program Files\hjsplit.exe
.
============= FINISH: 21:36:46.89 ===============


 


#2 gringo_pr


Posted 09 September 2012 - 12:12 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 Jay A.

Jay A.
  • Topic Starter

  • Members
  • 25 posts

Posted 09 September 2012 - 01:02 PM

My Internet Explorer keeps crashing. It's difficult to tell whether or not the music/commercials keep playing because it sometimes won't appear until hours after I turn on the computer. I had to run Combofix twice because for some reason, my computer just shut down. Here are the logs.


Security Check Log

Results of screen317's Security Check version 0.99.50
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Microsoft Security Essentials
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
Java™ 6 Update 35
Java version out of Date!
Adobe Flash Player 11.3.300.271 Flash Player out of Date!
Adobe Reader X (10.1.4)
Mozilla Firefox (15.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````


ComboFix 12-09-09.02 - Dell 09/09/2012 8:48.6.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.2253 [GMT -7:00]
Running from: c:\users\Dell\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\pmt_0piot.pad
c:\programdata\ras_0oed.pad
c:\users\Dell\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SMART_HDD.lnk
c:\users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SMART HDD\SMART HDD.lnk
c:\users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SMART HDD\Uninstall SMART HDD.lnk
c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-09 to 2012-09-09 )))))))))))))))))))))))))))))))
.
.
2012-09-09 16:12 . 2012-09-09 16:12 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-09-09 16:12 . 2012-09-09 16:12 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-09-09 16:12 . 2012-09-09 16:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-05 22:49 . 2012-07-16 09:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{79651429-3CAC-4080-961C-DCA93D7C20A0}\mpengine.dll
2012-09-01 20:12 . 2012-09-01 20:12 477168 -c--a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-01 20:11 . 2012-09-01 20:11 -------- dc----w- c:\programdata\McAfee
2012-08-18 22:31 . 2012-08-18 22:31 -------- d-----w- c:\program files\iPod
2012-08-18 22:31 . 2012-08-18 22:31 -------- d-----w- c:\program files\iTunes
2012-08-18 22:31 . 2012-08-18 22:31 -------- d-----w- c:\program files (x86)\iTunes
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-08-18 22:19 . 2012-08-18 22:20 -------- d-----w- c:\program files (x86)\QuickTime
2012-08-14 23:38 . 2012-08-14 23:38 -------- d-----w- c:\users\Dell\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-01 20:12 . 2012-04-19 00:31 473072 -c--a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-26 20:24 . 2012-04-03 13:20 696520 -c--a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-26 20:24 . 2011-05-15 15:04 73416 -c--a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-28 05:48 . 2012-07-28 05:35 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-07-28 05:48 . 2012-07-28 05:35 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-07-11 05:05 . 2012-07-11 05:04 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 05:04 . 2012-07-11 02:09 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 05:04 . 2012-07-11 02:09 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 05:04 . 2012-07-11 02:09 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-11 05:04 . 2012-07-11 02:09 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-11 05:04 . 2012-07-11 02:09 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 05:04 . 2012-07-11 02:09 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-11 05:04 . 2012-07-11 02:09 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-07-11 05:04 . 2012-07-11 02:09 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-07-11 05:04 . 2012-07-11 02:09 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 05:04 . 2012-07-11 02:09 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-07-11 05:04 . 2012-07-11 02:09 340992 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 05:04 . 2012-07-11 02:09 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-11 05:04 . 2012-07-11 02:09 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-07-11 05:04 . 2012-07-11 02:09 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-07-11 05:04 . 2012-07-11 02:09 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-07-11 05:04 . 2012-07-11 02:09 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-07-11 05:01 . 2010-01-12 06:37 59701280 -c--a-w- c:\windows\system32\MRT.exe
2012-07-11 05:01 . 2012-07-11 05:00 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-07-11 05:01 . 2012-07-11 05:00 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-07-11 05:01 . 2012-07-11 05:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-07-11 05:01 . 2012-07-11 05:00 237056 ----a-w- c:\windows\system32\url.dll
2012-07-11 05:01 . 2012-07-11 05:00 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-07-11 05:01 . 2012-07-11 05:00 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-07-11 05:01 . 2012-07-11 05:00 248320 ----a-w- c:\windows\system32\ieui.dll
2012-07-11 05:01 . 2012-07-11 05:00 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-07-11 05:01 . 2012-07-11 05:00 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-07-11 05:01 . 2012-07-11 05:00 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-07-11 05:01 . 2012-07-11 05:00 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-07-11 05:01 . 2012-07-11 05:00 818688 ----a-w- c:\windows\system32\jscript.dll
2012-07-11 05:01 . 2012-07-11 05:00 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-07-11 05:01 . 2012-07-11 05:00 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-07-11 05:01 . 2012-07-11 05:00 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-11 05:01 . 2012-07-11 05:00 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-07-11 05:01 . 2012-07-11 05:00 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-07-11 05:01 . 2012-07-11 05:00 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-07-11 05:01 . 2012-07-11 05:00 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-07-11 04:59 . 2012-07-11 02:09 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-07-11 04:59 . 2012-07-11 02:09 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-07-03 20:46 . 2010-02-13 15:07 24904 -c--a-w- c:\windows\system32\drivers\mbam.sys
2012-06-29 10:04 . 2012-07-28 05:46 9133488 -c--a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CE6D11C1-35EC-4A58-822F-9A5DA2F3737E}\mpengine.dll
2012-06-29 10:04 . 2012-07-28 05:46 9133488 -c----w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2012-06-14 05:05 . 2012-06-13 23:17 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 05:05 . 2012-06-13 23:17 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 05:05 . 2012-06-13 23:17 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 05:02 . 2012-06-13 23:17 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-14 05:02 . 2012-06-13 23:17 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-14 05:02 . 2012-06-13 23:17 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-14 05:02 . 2012-06-13 23:17 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-14 05:01 . 2012-06-13 23:17 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 05:01 . 2012-06-13 23:17 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-14 05:01 . 2012-06-13 23:17 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-14 05:01 . 2012-06-13 23:17 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 05:01 . 2012-06-13 23:17 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 05:01 . 2012-06-13 23:17 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-14 05:01 . 2012-06-13 23:17 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-14 05:01 . 2012-06-13 23:17 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-14 05:01 . 2012-06-13 23:17 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2010-05-28 01:12 . 2010-05-29 14:55 8354440 ----a-w- c:\program files\Firefox Setup 3.6.3.exe
2010-05-23 17:47 . 2010-05-29 14:55 2394408 ----a-w- c:\program files\mp3tagv246asetup.exe
2010-05-20 21:10 . 2010-05-29 14:55 232704 ----a-w- c:\program files\yahoo_toolbar_install_helper.exe
2010-05-20 05:59 . 2010-05-29 14:55 98435368 ----a-w- c:\program files\iTunes64Setup.exe
2010-05-20 04:34 . 2010-05-20 04:34 12383736 ----a-w- c:\program files\picasa36-setup.exe
2009-07-10 20:39 . 2010-07-03 22:21 350720 ----a-w- c:\program files\hjsplit.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll" [2012-06-11 1524056]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{035FDC10-9F1D-430E-87DA-573FFBF5608D}]
2012-05-23 14:27 510296 ----a-w- c:\program files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{035FDC10-9F1D-430E-87DA-573FFBF5608D}"= "c:\program files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll" [2012-05-23 510296]
.
[HKEY_CLASSES_ROOT\clsid\{035fdc10-9f1d-430e-87da-573ffbf5608d}]
[HKEY_CLASSES_ROOT\YNanoClient.IE.1]
[HKEY_CLASSES_ROOT\TypeLib\{B5590E3C-C53C-4464-99BA-8AEF95C750ED}]
[HKEY_CLASSES_ROOT\YNanoClient.IE]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"dellsupportcenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-03-22 74752]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-23 150528]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-03-21 103896]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-07-19 1091976]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-29 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell DataSafe Online]
2009-07-07 02:23 1779952 ----a-w- c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
2009-06-24 08:21 409744 ------w- c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellComms]
2009-05-04 21:39 206064 ----a-w- c:\program files (x86)\Dell\DellComms\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 00:59 206064 ----a-w- c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
2009-06-18 13:46 494064 ----a-w- c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-09 135664]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-26 250568]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-09 135664]
R3 HtcUsbMdmV64;HTC Proprietary USB Driver;c:\windows\system32\DRIVERS\HtcUsbMdmV64.sys [2010-03-08 121800]
R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2009-09-21 315664]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-10 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-07 14464]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys [2009-07-23 18792]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-10-05 92160]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-07-19 792512]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-14 249648]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2009-06-23 60928]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-03-21 793048]
S2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);c:\program files (x86)\Dell\DellComms\bin\sprtsvc.exe [2009-05-04 206064]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WDDMService.exe [2011-08-01 317328]
S2 WDFMEService;WDFMEService;c:\program files\Western Digital\WD SmartWare\WDFME.exe [2011-08-01 1978256]
S2 WDRulesService;WDRulesService;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-08-01 1338256]
S2 YNanoService;Yahoo! NanoClient Service;c:\program files (x86)\Yahoo!\YNanoClient\cpn0\YNanoService.exe [2012-05-23 157016]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2009-07-23 23912]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-02 35104]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-09-25 233984]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-10-19 6956032]
S3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [2010-09-03 15360]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-17 220672]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2009-10-15 36760]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 20:24]
.
2012-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-09 03:27]
.
2012-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-09 03:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-05 8123936]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie9
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1 4.2.2.2
FF - ProfilePath - c:\users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4b9xtrjk.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxps://elearning.berkeley.edu/default.asp
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyH2uZJNS&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 5611f8ee000000000000002637bd3942
FF - user.js: extensions.incredibar_i.instlDay - 15526
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1410:56
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OyH2uZJNS
FF - user.js: extensions.incredibar_i.upn2n - 92261704153837120
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10665
FF - user.js: extensions.incredibar_i.ppd -
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
SafeBoot-MsMpSvc
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Registry Mechanic_is1 - c:\program files (x86)\PC Tools\PC Tools Registry Mechanic\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:32,6d,b0,bb,c9,19,cd,01
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Completion time: 2012-09-09 09:23:33 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-09 16:23
.
Pre-Run: 22,844,878,848 bytes free
Post-Run: 26,895,372,288 bytes free
.
- - End Of File - - C0A22D5138124692EEF27F99661ED841

#4 gringo_pr

  • Malware Response Team

Posted 09 September 2012 - 01:12 PM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


#5 Jay A.
  • Topic Starter

Posted 09 September 2012 - 02:08 PM

Nothing was found on TDSS Killer. Here are the logs.


11:16:08.0443 2228 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
11:16:08.0958 2228 ============================================================
11:16:08.0958 2228 Current date / time: 2012/09/09 11:16:08.0958
11:16:08.0958 2228 SystemInfo:
11:16:08.0958 2228
11:16:08.0958 2228 OS Version: 6.1.7601 ServicePack: 1.0
11:16:08.0958 2228 Product type: Workstation
11:16:08.0958 2228 ComputerName: DELL-PC
11:16:08.0958 2228 UserName: Dell
11:16:08.0958 2228 Windows directory: C:\Windows
11:16:08.0958 2228 System windows directory: C:\Windows
11:16:08.0958 2228 Running under WOW64
11:16:08.0958 2228 Processor architecture: Intel x64
11:16:08.0958 2228 Number of processors: 4
11:16:08.0958 2228 Page size: 0x1000
11:16:08.0958 2228 Boot type: Normal boot
11:16:08.0958 2228 ============================================================
11:16:09.0894 2228 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:16:09.0910 2228 Drive \Device\Harddisk1\DR1 - Size: 0x79280000 (1.89 Gb), SectorSize: 0x200, Cylinders: 0xF7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:16:09.0910 2228 ============================================================
11:16:09.0910 2228 \Device\Harddisk0\DR0:
11:16:09.0910 2228 MBR partitions:
11:16:09.0910 2228 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1388000
11:16:09.0910 2228 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13BA800, BlocksNum 0x7530000
11:16:09.0925 2228 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x88EB000, BlocksNum 0x31A96030
11:16:09.0925 2228 \Device\Harddisk1\DR1:
11:16:09.0925 2228 MBR partitions:
11:16:09.0925 2228 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0xF9, BlocksNum 0x3C8907
11:16:09.0925 2228 ============================================================
11:16:09.0972 2228 C: <-> \Device\Harddisk0\DR0\Partition2
11:16:10.0019 2228 D: <-> \Device\Harddisk0\DR0\Partition3
11:16:10.0019 2228 ============================================================
11:16:10.0019 2228 Initialize success
11:16:10.0019 2228 ============================================================
11:16:11.0516 3972 ============================================================
11:16:11.0516 3972 Scan started
11:16:11.0516 3972 Mode: Manual;
11:16:11.0516 3972 ============================================================
11:16:15.0167 3972 ================ Scan system memory ========================
11:16:15.0167 3972 System memory - ok
11:16:15.0167 3972 ================ Scan services =============================
11:16:22.0686 3972 LSI_SAS2 - ok
11:16:22.0686 3972 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:16:22.0686 3972 LSI_SCSI - ok
11:16:22.0702 3972 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:16:22.0717 3972 luafv - ok
11:16:22.0733 3972 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
11:16:22.0733 3972 MBAMProtector - ok
11:16:22.0780 3972 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:16:22.0795 3972 MBAMService - ok
11:16:22.0842 3972 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:16:22.0842 3972 Mcx2Svc - ok
11:16:22.0858 3972 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:16:22.0858 3972 megasas - ok
11:16:22.0873 3972 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:16:22.0889 3972 MegaSR - ok
11:16:22.0936 3972 Microsoft SharePoint Workspace Audit Service - ok
11:16:22.0967 3972 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:16:22.0967 3972 MMCSS - ok
11:16:22.0982 3972 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:16:22.0982 3972 Modem - ok
11:16:22.0998 3972 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:16:22.0998 3972 monitor - ok
11:16:23.0029 3972 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:16:23.0029 3972 mouclass - ok
11:16:23.0060 3972 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:16:23.0060 3972 mouhid - ok
11:16:23.0076 3972 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:16:23.0076 3972 mountmgr - ok
11:16:23.0154 3972 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:16:23.0154 3972 MozillaMaintenance - ok
11:16:23.0201 3972 [ C177A7EBF5E8A0B596F618870516CAB8 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
11:16:23.0201 3972 MpFilter - ok
11:16:23.0216 3972 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:16:23.0216 3972 mpio - ok
11:16:23.0248 3972 [ 8FBF6B31FE8AF1833D93C5913D5B4D55 ] MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys
11:16:23.0248 3972 MpNWMon - ok
11:16:23.0263 3972 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:16:23.0263 3972 mpsdrv - ok
11:16:23.0357 3972 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:16:23.0372 3972 MpsSvc - ok
11:16:23.0404 3972 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:16:23.0404 3972 MRxDAV - ok
11:16:23.0435 3972 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:16:23.0450 3972 mrxsmb - ok
11:16:23.0482 3972 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:16:23.0482 3972 mrxsmb10 - ok
11:16:23.0497 3972 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:16:23.0497 3972 mrxsmb20 - ok
11:16:23.0513 3972 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:16:23.0513 3972 msahci - ok
11:16:23.0528 3972 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:16:23.0544 3972 msdsm - ok
11:16:23.0560 3972 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:16:23.0560 3972 MSDTC - ok
11:16:23.0575 3972 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:16:23.0575 3972 Msfs - ok
11:16:23.0591 3972 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:16:23.0591 3972 mshidkmdf - ok
11:16:23.0606 3972 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:16:23.0606 3972 msisadrv - ok
11:16:23.0638 3972 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:16:23.0638 3972 MSiSCSI - ok
11:16:23.0653 3972 msiserver - ok
11:16:23.0669 3972 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:16:23.0684 3972 MSKSSRV - ok
11:16:23.0684 3972 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:16:23.0700 3972 MSPCLOCK - ok
11:16:23.0700 3972 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:16:23.0700 3972 MSPQM - ok
11:16:23.0731 3972 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:16:23.0747 3972 MsRPC - ok
11:16:23.0762 3972 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:16:23.0762 3972 mssmbios - ok
11:16:23.0778 3972 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:16:23.0778 3972 MSTEE - ok
11:16:23.0778 3972 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:16:23.0794 3972 MTConfig - ok
11:16:23.0809 3972 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:16:23.0809 3972 Mup - ok
11:16:23.0856 3972 [ D285D0539016BE299A55FF997B44DA33 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:16:23.0856 3972 MyWiFiDHCPDNS - ok
11:16:23.0887 3972 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:16:23.0903 3972 napagent - ok
11:16:23.0918 3972 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:16:23.0934 3972 NativeWifiP - ok
11:16:23.0965 3972 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
11:16:23.0981 3972 NDIS - ok
11:16:23.0996 3972 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:16:23.0996 3972 NdisCap - ok
11:16:24.0028 3972 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:16:24.0028 3972 NdisTapi - ok
11:16:24.0043 3972 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:16:24.0059 3972 Ndisuio - ok
11:16:24.0074 3972 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:16:24.0090 3972 NdisWan - ok
11:16:24.0106 3972 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:16:24.0121 3972 NDProxy - ok
11:16:24.0152 3972 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:16:24.0152 3972 Net Driver HPZ12 - ok
11:16:24.0168 3972 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:16:24.0168 3972 NetBIOS - ok
11:16:24.0199 3972 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:16:24.0199 3972 NetBT - ok
11:16:24.0215 3972 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:16:24.0230 3972 Netlogon - ok
11:16:24.0277 3972 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:16:24.0277 3972 Netman - ok
11:16:24.0293 3972 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:16:24.0308 3972 netprofm - ok
11:16:24.0340 3972 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:16:24.0340 3972 NetTcpPortSharing - ok
11:16:24.0480 3972 [ 981736527B6384BD594B45B2C852432F ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
11:16:24.0589 3972 NETw5s64 - ok
11:16:24.0620 3972 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:16:24.0636 3972 nfrd960 - ok
11:16:24.0683 3972 [ 5F7D72CBCDD025AF1F38FDEEE5646968 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:16:24.0683 3972 NisDrv - ok
11:16:24.0745 3972 [ 566DDD5D82520DA01D75F81428AC4C38 ] NisSrv C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
11:16:24.0761 3972 NisSrv - ok
11:16:24.0792 3972 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:16:24.0808 3972 NlaSvc - ok
11:16:24.0808 3972 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:16:24.0808 3972 Npfs - ok
11:16:24.0839 3972 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:16:24.0839 3972 nsi - ok
11:16:24.0854 3972 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:16:24.0854 3972 nsiproxy - ok
11:16:24.0901 3972 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:16:24.0948 3972 Ntfs - ok
11:16:24.0948 3972 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:16:24.0964 3972 Null - ok
11:16:24.0979 3972 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:16:24.0979 3972 nvraid - ok
11:16:25.0010 3972 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:16:25.0010 3972 nvstor - ok
11:16:25.0042 3972 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:16:25.0057 3972 nv_agp - ok
11:16:25.0073 3972 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:16:25.0073 3972 ohci1394 - ok
11:16:25.0135 3972 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:16:25.0135 3972 ose - ok
11:16:25.0322 3972 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:16:25.0416 3972 osppsvc - ok
11:16:25.0447 3972 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:16:25.0447 3972 p2pimsvc - ok
11:16:25.0463 3972 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:16:25.0478 3972 p2psvc - ok
11:16:25.0510 3972 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:16:25.0510 3972 Parport - ok
11:16:25.0525 3972 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:16:25.0541 3972 partmgr - ok
11:16:25.0541 3972 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:16:25.0556 3972 PcaSvc - ok
11:16:25.0572 3972 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:16:25.0572 3972 pci - ok
11:16:25.0603 3972 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:16:25.0603 3972 pciide - ok
11:16:25.0619 3972 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:16:25.0634 3972 pcmcia - ok
11:16:25.0697 3972 [ 0AEA7303E97C02DAD9245EBDFBD4D253 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
11:16:25.0712 3972 PCToolsSSDMonitorSvc - ok
11:16:25.0728 3972 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:16:25.0728 3972 pcw - ok
11:16:25.0744 3972 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:16:25.0775 3972 PEAUTH - ok
11:16:25.0837 3972 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:16:25.0837 3972 PerfHost - ok
11:16:25.0900 3972 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:16:25.0931 3972 pla - ok
11:16:25.0962 3972 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:16:25.0978 3972 PlugPlay - ok
11:16:26.0009 3972 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:16:26.0009 3972 Pml Driver HPZ12 - ok
11:16:26.0040 3972 [ FE74BA87CDAA80AC9261F49167F0608A ] pneteth C:\Windows\system32\DRIVERS\pneteth.sys
11:16:26.0040 3972 pneteth - ok
11:16:26.0087 3972 [ 06841F5CD8410B6BDC0B5A631B8F8787 ] pnetmdm C:\Windows\system32\DRIVERS\pnetmdm64.sys
11:16:26.0087 3972 pnetmdm - ok
11:16:26.0087 3972 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:16:26.0102 3972 PNRPAutoReg - ok
11:16:26.0118 3972 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:16:26.0118 3972 PNRPsvc - ok
11:16:26.0149 3972 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:16:26.0149 3972 PolicyAgent - ok
11:16:26.0180 3972 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:16:26.0196 3972 Power - ok
11:16:26.0227 3972 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:16:26.0227 3972 PptpMiniport - ok
11:16:26.0258 3972 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:16:26.0274 3972 Processor - ok
11:16:26.0305 3972 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:16:26.0305 3972 ProfSvc - ok
11:16:26.0321 3972 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:16:26.0321 3972 ProtectedStorage - ok
11:16:26.0352 3972 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:16:26.0352 3972 Psched - ok
11:16:26.0368 3972 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
11:16:26.0368 3972 PxHlpa64 - ok
11:16:26.0430 3972 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:16:26.0461 3972 ql2300 - ok
11:16:26.0492 3972 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:16:26.0492 3972 ql40xx - ok
11:16:26.0508 3972 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:16:26.0508 3972 QWAVE - ok
11:16:26.0524 3972 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:16:26.0524 3972 QWAVEdrv - ok
11:16:26.0539 3972 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:16:26.0539 3972 RasAcd - ok
11:16:26.0570 3972 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:16:26.0570 3972 RasAgileVpn - ok
11:16:26.0586 3972 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:16:26.0586 3972 RasAuto - ok
11:16:26.0617 3972 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:16:26.0617 3972 Rasl2tp - ok
11:16:26.0648 3972 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:16:26.0648 3972 RasMan - ok
11:16:26.0664 3972 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:16:26.0664 3972 RasPppoe - ok
11:16:26.0680 3972 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:16:26.0680 3972 RasSstp - ok
11:16:26.0695 3972 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:16:26.0711 3972 rdbss - ok
11:16:26.0726 3972 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:16:26.0726 3972 rdpbus - ok
11:16:26.0726 3972 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:16:26.0742 3972 RDPCDD - ok
11:16:26.0758 3972 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:16:26.0758 3972 RDPENCDD - ok
11:16:26.0773 3972 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:16:26.0773 3972 RDPREFMP - ok
11:16:26.0804 3972 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:16:26.0820 3972 RDPWD - ok
11:16:26.0851 3972 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:16:26.0851 3972 rdyboost - ok
11:16:26.0929 3972 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:16:26.0929 3972 RegSrvc - ok
11:16:26.0976 3972 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:16:26.0976 3972 RemoteAccess - ok
11:16:26.0992 3972 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:16:27.0007 3972 RemoteRegistry - ok
11:16:27.0038 3972 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:16:27.0054 3972 RFCOMM - ok
11:16:27.0085 3972 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
11:16:27.0085 3972 ROOTMODEM - ok
11:16:27.0101 3972 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:16:27.0116 3972 RpcEptMapper - ok
11:16:27.0132 3972 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:16:27.0148 3972 RpcLocator - ok
11:16:27.0194 3972 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:16:27.0194 3972 RpcSs - ok
11:16:27.0226 3972 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:16:27.0226 3972 rspndr - ok
11:16:27.0272 3972 [ 502B316947EA887CDDD325D4745EB7D0 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
11:16:27.0288 3972 RSUSBSTOR - ok
11:16:27.0319 3972 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:16:27.0335 3972 RTL8167 - ok
11:16:27.0335 3972 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:16:27.0335 3972 SamSs - ok
11:16:27.0366 3972 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:16:27.0382 3972 sbp2port - ok
11:16:27.0413 3972 SBRE - ok
11:16:27.0428 3972 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:16:27.0444 3972 SCardSvr - ok
11:16:27.0460 3972 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:16:27.0460 3972 scfilter - ok
11:16:27.0522 3972 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:16:27.0538 3972 Schedule - ok
11:16:27.0569 3972 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:16:27.0569 3972 SCPolicySvc - ok
11:16:27.0584 3972 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:16:27.0600 3972 SDRSVC - ok
11:16:27.0631 3972 [ 3EA8A16169C26AFBEB544E0E48421186 ] SecDrv C:\Windows\system32\drivers\SECDRV.SYS
11:16:27.0631 3972 SecDrv - ok
11:16:27.0631 3972 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:16:27.0631 3972 seclogon - ok
11:16:27.0662 3972 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
11:16:27.0662 3972 SENS - ok
11:16:27.0678 3972 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:16:27.0678 3972 SensrSvc - ok
11:16:27.0694 3972 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:16:27.0694 3972 Serenum - ok
11:16:27.0709 3972 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:16:27.0709 3972 Serial - ok
11:16:27.0756 3972 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:16:27.0756 3972 sermouse - ok
11:16:27.0787 3972 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:16:27.0787 3972 SessionEnv - ok
11:16:27.0803 3972 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:16:27.0803 3972 sffdisk - ok
11:16:27.0818 3972 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:16:27.0818 3972 sffp_mmc - ok
11:16:27.0834 3972 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:16:27.0834 3972 sffp_sd - ok
11:16:27.0850 3972 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:16:27.0850 3972 sfloppy - ok
11:16:27.0912 3972 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:16:27.0912 3972 SharedAccess - ok
11:16:27.0943 3972 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:16:27.0943 3972 ShellHWDetection - ok
11:16:27.0959 3972 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:16:27.0959 3972 SiSRaid2 - ok
11:16:27.0974 3972 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:16:27.0974 3972 SiSRaid4 - ok
11:16:27.0990 3972 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:16:28.0006 3972 Smb - ok
11:16:28.0037 3972 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:16:28.0037 3972 SNMPTRAP - ok
11:16:28.0052 3972 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:16:28.0052 3972 spldr - ok
11:16:28.0068 3972 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
11:16:28.0068 3972 Spooler - ok
11:16:28.0162 3972 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:16:28.0193 3972 sppsvc - ok
11:16:28.0208 3972 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:16:28.0208 3972 sppuinotify - ok
11:16:28.0255 3972 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellComms C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
11:16:28.0255 3972 sprtsvc_DellComms - ok
11:16:28.0318 3972 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
11:16:28.0318 3972 sprtsvc_DellSupportCenter - ok
11:16:28.0349 3972 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:16:28.0349 3972 srv - ok
11:16:28.0380 3972 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:16:28.0380 3972 srv2 - ok
11:16:28.0396 3972 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:16:28.0396 3972 srvnet - ok
11:16:28.0427 3972 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:16:28.0427 3972 SSDPSRV - ok
11:16:28.0442 3972 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:16:28.0458 3972 SstpSvc - ok
11:16:28.0474 3972 [ C48E0745D33897C7A73394214F2B9B4F ] stdflt C:\Windows\system32\DRIVERS\stdflt.sys
11:16:28.0474 3972 stdflt - ok
11:16:28.0505 3972 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:16:28.0505 3972 stexstor - ok
11:16:28.0552 3972 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:16:28.0567 3972 stisvc - ok
11:16:28.0598 3972 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:16:28.0598 3972 swenum - ok
11:16:28.0630 3972 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:16:28.0645 3972 swprv - ok
11:16:28.0692 3972 [ 639B57DC871BE4B86283027FAF1F4E30 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:16:28.0692 3972 SynTP - ok
11:16:28.0754 3972 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:16:28.0817 3972 SysMain - ok
11:16:28.0832 3972 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:16:28.0848 3972 TabletInputService - ok
11:16:28.0864 3972 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:16:28.0879 3972 TapiSrv - ok
11:16:28.0895 3972 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:16:28.0895 3972 TBS - ok
11:16:28.0957 3972 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:16:29.0004 3972 Tcpip - ok
11:16:29.0051 3972 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:16:29.0082 3972 TCPIP6 - ok
11:16:29.0098 3972 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:16:29.0098 3972 tcpipreg - ok
11:16:29.0129 3972 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:16:29.0129 3972 TDPIPE - ok
11:16:29.0144 3972 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:16:29.0144 3972 TDTCP - ok
11:16:29.0176 3972 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:16:29.0191 3972 tdx - ok
11:16:29.0222 3972 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:16:29.0222 3972 TermDD - ok
11:16:29.0238 3972 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:16:29.0269 3972 TermService - ok
11:16:29.0285 3972 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:16:29.0285 3972 Themes - ok
11:16:29.0300 3972 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:16:29.0300 3972 THREADORDER - ok
11:16:29.0332 3972 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:16:29.0332 3972 TrkWks - ok
11:16:29.0378 3972 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:16:29.0378 3972 TrustedInstaller - ok
11:16:29.0410 3972 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:16:29.0410 3972 tssecsrv - ok
11:16:29.0441 3972 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:16:29.0441 3972 TsUsbFlt - ok
11:16:29.0488 3972 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:16:29.0488 3972 tunnel - ok
11:16:29.0519 3972 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:16:29.0519 3972 uagp35 - ok
11:16:29.0535 3972 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:16:29.0550 3972 udfs - ok
11:16:29.0566 3972 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:16:29.0566 3972 UI0Detect - ok
11:16:29.0581 3972 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:16:29.0581 3972 uliagpkx - ok
11:16:29.0613 3972 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
11:16:29.0613 3972 umbus - ok
11:16:29.0613 3972 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:16:29.0628 3972 UmPass - ok
11:16:29.0628 3972 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:16:29.0644 3972 upnphost - ok
11:16:29.0659 3972 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:16:29.0675 3972 usbccgp - ok
11:16:29.0706 3972 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:16:29.0706 3972 usbcir - ok
11:16:29.0722 3972 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:16:29.0722 3972 usbehci - ok
11:16:29.0737 3972 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:16:29.0753 3972 usbhub - ok
11:16:29.0769 3972 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:16:29.0769 3972 usbohci - ok
11:16:29.0784 3972 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:16:29.0784 3972 usbprint - ok
11:16:29.0831 3972 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:16:29.0831 3972 usbscan - ok
11:16:29.0847 3972 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:16:29.0847 3972 USBSTOR - ok
11:16:29.0878 3972 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:16:29.0878 3972 usbuhci - ok
11:16:29.0909 3972 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:16:29.0909 3972 usbvideo - ok
11:16:29.0925 3972 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:16:29.0925 3972 UxSms - ok
11:16:32.0374 3972 ================ Scan global ===============================
11:16:32.0389 3972 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:16:32.0421 3972 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:16:32.0421 3972 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:16:32.0452 3972 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:16:32.0483 3972 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:16:32.0514 3972 [Global] - ok
11:16:32.0514 3972 ================ Scan MBR ==================================
11:16:32.0530 3972 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:16:32.0826 3972 \Device\Harddisk0\DR0 - ok
11:16:32.0842 3972 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:16:32.0889 3972 \Device\Harddisk1\DR1 - ok
11:16:32.0889 3972 ================ Scan VBR ==================================
11:16:32.0904 3972 [ 7ABF2C9B870E936C3AB869EEE24BD3A4 ] \Device\Harddisk0\DR0\Partition1
11:16:32.0904 3972 \Device\Harddisk0\DR0\Partition1 - ok
11:16:32.0920 3972 [ 5FBEEC304255B89F9F44BFBC42EA0A09 ] \Device\Harddisk0\DR0\Partition2
11:16:32.0920 3972 \Device\Harddisk0\DR0\Partition2 - ok
11:16:32.0935 3972 [ 8DCD222CA7598A543BCEC53E018419B7 ] \Device\Harddisk0\DR0\Partition3
11:16:32.0935 3972 \Device\Harddisk0\DR0\Partition3 - ok
11:16:32.0935 3972 [ A9C6427FFFD0800BE93075EFDE4C14DB ] \Device\Harddisk1\DR1\Partition1
11:16:32.0951 3972 \Device\Harddisk1\DR1\Partition1 - ok
11:16:32.0951 3972 ============================================================
11:16:32.0951 3972 Scan finished
11:16:32.0951 3972 ============================================================
11:16:32.0951 3668 Detected object count: 0
11:16:32.0951 3668 Actual detected object count: 0
11:17:13.0199 4472 ============================================================
11:17:13.0199 4472 Scan started
11:17:13.0215 4472 Mode: Manual;
11:17:13.0215 4472 ============================================================
11:17:13.0417 4472 ================ Scan system memory ========================
11:17:13.0417 4472 System memory - ok
11:17:13.0417 4472 ================ Scan services =============================
11:17:19.0096 4472 MBAMService - ok
11:17:19.0111 4472 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:17:19.0111 4472 Mcx2Svc - ok
11:17:19.0127 4472 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:17:19.0143 4472 megasas - ok
11:17:19.0158 4472 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:17:19.0158 4472 MegaSR - ok
11:17:19.0205 4472 Microsoft SharePoint Workspace Audit Service - ok
11:17:19.0221 4472 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:17:19.0221 4472 MMCSS - ok
11:17:19.0236 4472 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:17:19.0236 4472 Modem - ok
11:17:19.0252 4472 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:17:19.0252 4472 monitor - ok
11:17:19.0267 4472 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:17:19.0267 4472 mouclass - ok
11:17:19.0283 4472 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:17:19.0283 4472 mouhid - ok
11:17:19.0314 4472 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:17:19.0314 4472 mountmgr - ok
11:17:19.0361 4472 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:17:19.0361 4472 MozillaMaintenance - ok
11:17:19.0408 4472 [ C177A7EBF5E8A0B596F618870516CAB8 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
11:17:19.0408 4472 MpFilter - ok
11:17:19.0423 4472 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:17:19.0423 4472 mpio - ok
11:17:19.0439 4472 [ 8FBF6B31FE8AF1833D93C5913D5B4D55 ] MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys
11:17:19.0439 4472 MpNWMon - ok
11:17:19.0455 4472 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:17:19.0455 4472 mpsdrv - ok
11:17:19.0501 4472 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:17:19.0501 4472 MpsSvc - ok
11:17:19.0533 4472 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:17:19.0533 4472 MRxDAV - ok
11:17:19.0564 4472 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:17:19.0579 4472 mrxsmb - ok
11:17:19.0611 4472 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:17:19.0611 4472 mrxsmb10 - ok
11:17:19.0626 4472 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:17:19.0626 4472 mrxsmb20 - ok
11:17:19.0642 4472 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:17:19.0642 4472 msahci - ok
11:17:19.0673 4472 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:17:19.0689 4472 msdsm - ok
11:17:19.0704 4472 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:17:19.0704 4472 MSDTC - ok
11:17:19.0720 4472 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:17:19.0720 4472 Msfs - ok
11:17:19.0735 4472 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:17:19.0735 4472 mshidkmdf - ok
11:17:19.0751 4472 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:17:19.0751 4472 msisadrv - ok
11:17:19.0782 4472 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:17:19.0782 4472 MSiSCSI - ok
11:17:19.0782 4472 msiserver - ok
11:17:19.0798 4472 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:17:19.0798 4472 MSKSSRV - ok
11:17:19.0813 4472 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:17:19.0813 4472 MSPCLOCK - ok
11:17:19.0813 4472 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:17:19.0813 4472 MSPQM - ok
11:17:19.0845 4472 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:17:19.0845 4472 MsRPC - ok
11:17:19.0860 4472 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:17:19.0860 4472 mssmbios - ok
11:17:19.0876 4472 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:17:19.0876 4472 MSTEE - ok
11:17:19.0876 4472 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:17:19.0876 4472 MTConfig - ok
11:17:19.0891 4472 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:17:19.0891 4472 Mup - ok
11:17:19.0923 4472 [ D285D0539016BE299A55FF997B44DA33 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:17:19.0923 4472 MyWiFiDHCPDNS - ok
11:17:20.0016 4472 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:17:20.0032 4472 napagent - ok
11:17:20.0047 4472 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:17:20.0047 4472 NativeWifiP - ok
11:17:20.0079 4472 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
11:17:20.0094 4472 NDIS - ok
11:17:20.0125 4472 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:17:20.0125 4472 NdisCap - ok
11:17:20.0141 4472 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:17:20.0141 4472 NdisTapi - ok
11:17:20.0157 4472 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:17:20.0157 4472 Ndisuio - ok
11:17:20.0235 4472 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:17:20.0235 4472 NdisWan - ok
11:17:20.0266 4472 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:17:20.0266 4472 NDProxy - ok
11:17:20.0281 4472 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:17:20.0281 4472 Net Driver HPZ12 - ok
11:17:20.0313 4472 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:17:20.0313 4472 NetBIOS - ok
11:17:20.0344 4472 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:17:20.0344 4472 NetBT - ok
11:17:20.0344 4472 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:17:20.0359 4472 Netlogon - ok
11:17:20.0391 4472 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:17:20.0391 4472 Netman - ok
11:17:20.0422 4472 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:17:20.0422 4472 netprofm - ok
11:17:20.0453 4472 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:17:20.0453 4472 NetTcpPortSharing - ok
11:17:20.0609 4472 [ 981736527B6384BD594B45B2C852432F ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
11:17:20.0640 4472 NETw5s64 - ok
11:17:20.0671 4472 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:17:20.0671 4472 nfrd960 - ok
11:17:20.0687 4472 [ 5F7D72CBCDD025AF1F38FDEEE5646968 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:17:20.0687 4472 NisDrv - ok
11:17:20.0734 4472 [ 566DDD5D82520DA01D75F81428AC4C38 ] NisSrv C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
11:17:20.0734 4472 NisSrv - ok
11:17:20.0765 4472 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:17:20.0765 4472 NlaSvc - ok
11:17:20.0781 4472 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:17:20.0781 4472 Npfs - ok
11:17:20.0796 4472 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:17:20.0796 4472 nsi - ok
11:17:20.0812 4472 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:17:20.0812 4472 nsiproxy - ok
11:17:20.0874 4472 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:17:20.0890 4472 Ntfs - ok
11:17:20.0890 4472 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:17:20.0890 4472 Null - ok
11:17:20.0921 4472 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:17:20.0937 4472 nvraid - ok
11:17:20.0968 4472 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:17:20.0968 4472 nvstor - ok
11:17:20.0983 4472 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:17:20.0983 4472 nv_agp - ok
11:17:21.0015 4472 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:17:21.0015 4472 ohci1394 - ok
11:17:21.0077 4472 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:17:21.0077 4472 ose - ok
11:17:21.0217 4472 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:17:21.0249 4472 osppsvc - ok
11:17:21.0280 4472 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:17:21.0280 4472 p2pimsvc - ok
11:17:21.0311 4472 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:17:21.0311 4472 p2psvc - ok
11:17:21.0327 4472 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:17:21.0342 4472 Parport - ok
11:17:21.0358 4472 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:17:21.0358 4472 partmgr - ok
11:17:21.0373 4472 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:17:21.0373 4472 PcaSvc - ok
11:17:21.0389 4472 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:17:21.0389 4472 pci - ok
11:17:21.0420 4472 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:17:21.0420 4472 pciide - ok
11:17:21.0436 4472 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:17:21.0436 4472 pcmcia - ok
11:17:21.0514 4472 [ 0AEA7303E97C02DAD9245EBDFBD4D253 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
11:17:21.0529 4472 PCToolsSSDMonitorSvc - ok
11:17:21.0545 4472 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:17:21.0545 4472 pcw - ok
11:17:21.0561 4472 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:17:21.0576 4472 PEAUTH - ok
11:17:21.0639 4472 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:17:21.0639 4472 PerfHost - ok
11:17:21.0701 4472 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:17:21.0717 4472 pla - ok
11:17:21.0748 4472 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:17:21.0748 4472 PlugPlay - ok
11:17:21.0779 4472 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:17:21.0779 4472 Pml Driver HPZ12 - ok
11:17:21.0810 4472 [ FE74BA87CDAA80AC9261F49167F0608A ] pneteth C:\Windows\system32\DRIVERS\pneteth.sys
11:17:21.0810 4472 pneteth - ok
11:17:21.0826 4472 [ 06841F5CD8410B6BDC0B5A631B8F8787 ] pnetmdm C:\Windows\system32\DRIVERS\pnetmdm64.sys
11:17:21.0826 4472 pnetmdm - ok
11:17:21.0841 4472 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:17:21.0841 4472 PNRPAutoReg - ok
11:17:21.0857 4472 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:17:21.0857 4472 PNRPsvc - ok
11:17:21.0888 4472 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:17:21.0888 4472 PolicyAgent - ok
11:17:21.0919 4472 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:17:21.0919 4472 Power - ok
11:17:21.0951 4472 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:17:21.0951 4472 PptpMiniport - ok
11:17:21.0966 4472 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:17:21.0966 4472 Processor - ok
11:17:21.0997 4472 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:17:21.0997 4472 ProfSvc - ok
11:17:22.0013 4472 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:17:22.0013 4472 ProtectedStorage - ok
11:17:22.0044 4472 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:17:22.0044 4472 Psched - ok
11:17:22.0060 4472 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
11:17:22.0060 4472 PxHlpa64 - ok
11:17:22.0107 4472 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:17:22.0107 4472 ql2300 - ok
11:17:22.0122 4472 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:17:22.0122 4472 ql40xx - ok
11:17:22.0153 4472 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:17:22.0153 4472 QWAVE - ok
11:17:22.0169 4472 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:17:22.0169 4472 QWAVEdrv - ok
11:17:22.0185 4472 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:17:22.0185 4472 RasAcd - ok
11:17:22.0216 4472 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:17:22.0216 4472 RasAgileVpn - ok
11:17:22.0216 4472 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:17:22.0231 4472 RasAuto - ok
11:17:22.0247 4472 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:17:22.0263 4472 Rasl2tp - ok
11:17:22.0278 4472 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:17:22.0278 4472 RasMan - ok
11:17:22.0294 4472 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:17:22.0294 4472 RasPppoe - ok
11:17:22.0294 4472 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:17:22.0294 4472 RasSstp - ok
11:17:22.0325 4472 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:17:22.0341 4472 rdbss - ok
11:17:22.0341 4472 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:17:22.0341 4472 rdpbus - ok
11:17:22.0356 4472 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:17:22.0356 4472 RDPCDD - ok
11:17:22.0372 4472 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:17:22.0372 4472 RDPENCDD - ok
11:17:22.0387 4472 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:17:22.0387 4472 RDPREFMP - ok
11:17:22.0403 4472 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:17:22.0403 4472 RDPWD - ok
11:17:22.0434 4472 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:17:22.0434 4472 rdyboost - ok
11:17:22.0497 4472 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:17:22.0512 4472 RegSrvc - ok
11:17:22.0528 4472 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:17:22.0528 4472 RemoteAccess - ok
11:17:22.0543 4472 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:17:22.0543 4472 RemoteRegistry - ok
11:17:22.0575 4472 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:17:22.0575 4472 RFCOMM - ok
11:17:22.0606 4472 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
11:17:22.0606 4472 ROOTMODEM - ok
11:17:22.0621 4472 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:17:22.0621 4472 RpcEptMapper - ok
11:17:22.0653 4472 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:17:22.0653 4472 RpcLocator - ok
11:17:22.0684 4472 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:17:22.0684 4472 RpcSs - ok
11:17:22.0699 4472 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:17:22.0699 4472 rspndr - ok
11:17:22.0746 4472 [ 502B316947EA887CDDD325D4745EB7D0 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
11:17:22.0746 4472 RSUSBSTOR - ok
11:17:22.0777 4472 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:17:22.0777 4472 RTL8167 - ok
11:17:22.0793 4472 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:17:22.0793 4472 SamSs - ok
11:17:22.0824 4472 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:17:22.0824 4472 sbp2port - ok
11:17:22.0824 4472 SBRE - ok
11:17:22.0840 4472 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:17:22.0840 4472 SCardSvr - ok
11:17:22.0871 4472 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:17:22.0871 4472 scfilter - ok
11:17:22.0887 4472 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:17:22.0902 4472 Schedule - ok
11:17:22.0918 4472 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:17:22.0918 4472 SCPolicySvc - ok
11:17:22.0949 4472 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:17:22.0949 4472 SDRSVC - ok
11:17:22.0965 4472 [ 3EA8A16169C26AFBEB544E0E48421186 ] SecDrv C:\Windows\system32\drivers\SECDRV.SYS
11:17:22.0965 4472 SecDrv - ok
11:17:22.0996 4472 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:17:22.0996 4472 seclogon - ok
11:17:23.0011 4472 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
11:17:23.0011 4472 SENS - ok
11:17:23.0027 4472 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:17:23.0027 4472 SensrSvc - ok
11:17:23.0043 4472 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:17:23.0043 4472 Serenum - ok
11:17:23.0058 4472 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:17:23.0058 4472 Serial - ok
11:17:23.0074 4472 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:17:23.0074 4472 sermouse - ok
11:17:23.0105 4472 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:17:23.0105 4472 SessionEnv - ok
11:17:23.0121 4472 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:17:23.0121 4472 sffdisk - ok
11:17:23.0121 4472 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:17:23.0121 4472 sffp_mmc - ok
11:17:23.0121 4472 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:17:23.0136 4472 sffp_sd - ok
11:17:23.0136 4472 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:17:23.0136 4472 sfloppy - ok
11:17:23.0167 4472 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:17:23.0167 4472 SharedAccess - ok
11:17:23.0199 4472 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:17:23.0199 4472 ShellHWDetection - ok
11:17:23.0199 4472 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:17:23.0199 4472 SiSRaid2 - ok
11:17:23.0214 4472 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:17:23.0214 4472 SiSRaid4 - ok
11:17:23.0230 4472 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:17:23.0230 4472 Smb - ok
11:17:23.0261 4472 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:17:23.0261 4472 SNMPTRAP - ok
11:17:23.0277 4472 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:17:23.0277 4472 spldr - ok
11:17:23.0292 4472 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
11:17:23.0292 4472 Spooler - ok
11:17:23.0386 4472 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:17:23.0401 4472 sppsvc - ok
11:17:23.0417 4472 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:17:23.0433 4472 sppuinotify - ok
11:17:23.0479 4472 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellComms C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
11:17:23.0479 4472 sprtsvc_DellComms - ok
11:17:23.0511 4472 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
11:17:23.0511 4472 sprtsvc_DellSupportCenter - ok
11:17:23.0542 4472 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:17:23.0557 4472 srv - ok
11:17:23.0573 4472 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:17:23.0573 4472 srv2 - ok
11:17:23.0589 4472 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:17:23.0604 4472 srvnet - ok
11:17:23.0620 4472 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:17:23.0620 4472 SSDPSRV - ok
11:17:23.0635 4472 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:17:23.0635 4472 SstpSvc - ok
11:17:23.0667 4472 [ C48E0745D33897C7A73394214F2B9B4F ] stdflt C:\Windows\system32\DRIVERS\stdflt.sys
11:17:23.0667 4472 stdflt - ok
11:17:23.0698 4472 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:17:23.0698 4472 stexstor - ok
11:17:23.0729 4472 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:17:23.0745 4472 stisvc - ok
11:17:23.0776 4472 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:17:23.0776 4472 swenum - ok
11:17:23.0791 4472 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:17:23.0791 4472 swprv - ok
11:17:23.0823 4472 [ 639B57DC871BE4B86283027FAF1F4E30 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:17:23.0823 4472 SynTP - ok
11:17:23.0885 4472 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:17:23.0901 4472 SysMain - ok
11:17:23.0932 4472 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:17:23.0932 4472 TabletInputService - ok
11:17:23.0963 4472 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:17:23.0963 4472 TapiSrv - ok
11:17:23.0963 4472 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:17:23.0963 4472 TBS - ok
11:17:24.0025 4472 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:17:24.0041 4472 Tcpip - ok
11:17:24.0088 4472 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:17:24.0103 4472 TCPIP6 - ok
11:17:24.0135 4472 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:17:24.0135 4472 tcpipreg - ok
11:17:24.0166 4472 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:17:24.0166 4472 TDPIPE - ok
11:17:24.0181 4472 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:17:24.0197 4472 TDTCP - ok
11:17:24.0213 4472 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:17:24.0213 4472 tdx - ok
11:17:24.0244 4472 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:17:24.0244 4472 TermDD - ok
11:17:24.0259 4472 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:17:24.0275 4472 TermService - ok
11:17:24.0291 4472 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:17:24.0291 4472 Themes - ok
11:17:24.0306 4472 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:17:24.0306 4472 THREADORDER - ok
11:17:24.0322 4472 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:17:24.0322 4472 TrkWks - ok
11:17:24.0369 4472 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:17:24.0369 4472 TrustedInstaller - ok
11:17:24.0400 4472 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:17:24.0400 4472 tssecsrv - ok
11:17:24.0431 4472 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:17:24.0431 4472 TsUsbFlt - ok
11:17:24.0447 4472 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:17:24.0447 4472 tunnel - ok
11:17:24.0478 4472 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:17:24.0478 4472 uagp35 - ok
11:17:24.0509 4472 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:17:24.0509 4472 udfs - ok
11:17:24.0525 4472 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:17:24.0525 4472 UI0Detect - ok
11:17:24.0540 4472 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:17:24.0540 4472 uliagpkx - ok
11:17:24.0556 4472 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
11:17:24.0556 4472 umbus - ok
11:17:24.0571 4472 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:17:24.0571 4472 UmPass - ok
11:17:24.0587 4472 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:17:24.0587 4472 upnphost - ok
11:17:24.0618 4472 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:17:24.0618 4472 usbccgp - ok
11:17:24.0634 4472 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:17:24.0634 4472 usbcir - ok
11:17:24.0649 4472 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:17:24.0649 4472 usbehci - ok
11:17:24.0665 4472 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:17:24.0665 4472 usbhub - ok
11:17:24.0681 4472 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:17:24.0681 4472 usbohci - ok
11:17:24.0696 4472 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:17:24.0696 4472 usbprint - ok
11:17:24.0727 4472 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:17:24.0727 4472 usbscan - ok
11:17:24.0743 4472 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:17:24.0743 4472 USBSTOR - ok
11:17:24.0774 4472 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:17:24.0774 4472 usbuhci - ok
11:17:24.0790 4472 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:17:24.0790 4472 usbvideo - ok
11:17:24.0805 4472 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:17:24.0805 4472 UxSms - ok
11:17:24.0821 4472 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:17:24.0821 4472 VaultSvc - ok
11:17:24.0821 4472 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:17:24.0821 4472 vdrvroot - ok
11:17:24.0868 4472 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:17:24.0868 4472 vds - ok
11:17:24.0868 4472 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:17:24.0868 4472 vga - ok
11:17:24.0883 4472 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:17:26.0428 4472 ================ Scan global ===============================
11:17:26.0443 4472 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:17:26.0475 4472 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:17:26.0475 4472 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:17:26.0506 4472 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:17:26.0537 4472 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:17:26.0537 4472 [Global] - ok
11:17:26.0537 4472 ================ Scan MBR ==================================
11:17:26.0553 4472 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:17:26.0833 4472 \Device\Harddisk0\DR0 - ok
11:17:26.0849 4472 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:17:26.0880 4472 \Device\Harddisk1\DR1 - ok
11:17:26.0880 4472 ================ Scan VBR ==================================
11:17:26.0896 4472 [ 7ABF2C9B870E936C3AB869EEE24BD3A4 ] \Device\Harddisk0\DR0\Partition1
11:17:26.0896 4472 \Device\Harddisk0\DR0\Partition1 - ok
11:17:26.0911 4472 [ 5FBEEC304255B89F9F44BFBC42EA0A09 ] \Device\Harddisk0\DR0\Partition2
11:17:26.0911 4472 \Device\Harddisk0\DR0\Partition2 - ok
11:17:26.0927 4472 [ 8DCD222CA7598A543BCEC53E018419B7 ] \Device\Harddisk0\DR0\Partition3
11:17:26.0927 4472 \Device\Harddisk0\DR0\Partition3 - ok
11:17:26.0927 4472 [ A9C6427FFFD0800BE93075EFDE4C14DB ] \Device\Harddisk1\DR1\Partition1
11:17:26.0943 4472 \Device\Harddisk1\DR1\Partition1 - ok
11:17:26.0943 4472 ============================================================
11:17:26.0943 4472 Scan finished
11:17:26.0943 4472 ============================================================
11:17:26.0943 4072 Detected object count: 0
11:17:26.0943 4072 Actual detected object count: 0




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-09 11:19:14
-----------------------------
11:19:14.527 OS Version: Windows x64 6.1.7601 Service Pack 1
11:19:14.542 Number of processors: 4 586 0x2502
11:19:14.542 ComputerName: DELL-PC UserName: Dell
11:19:15.369 Initialize success
11:28:59.391 AVAST engine defs: 12090900
11:30:38.740 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
11:30:38.740 Disk 0 Vendor: ST9500420AS 0003SDM1 Size: 476940MB BusType: 11
11:30:38.740 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000079
11:30:38.750 Disk 1 Vendor: Size: 476940MB BusType: 0
11:30:38.800 Disk 0 MBR read successfully
11:30:38.800 Disk 0 MBR scan
11:30:38.810 Disk 0 Windows 7 default MBR code
11:30:38.820 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
11:30:38.830 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 10000 MB offset 206848
11:30:38.850 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 60000 MB offset 20686848
11:30:38.860 Disk 0 Partition - 00 0F Extended LBA 406838 MB offset 143566848
11:30:38.880 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 406828 MB offset 143568896
11:30:38.930 Disk 0 scanning C:\Windows\system32\drivers
11:30:48.893 Service scanning
11:31:11.445 Modules scanning
11:31:11.455 Disk 0 trace - called modules:
11:31:11.495 ntoskrnl.exe CLASSPNP.SYS disk.sys stdflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
11:31:11.505 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bf3060]
11:31:11.515 3 CLASSPNP.SYS[fffff880019c743f] -> nt!IofCallDriver -> [0xfffffa8004a8ab20]
11:31:11.515 5 stdflt.sys[fffff88001912a4a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa800491e680]
11:31:14.046 AVAST engine scan C:\Windows
11:31:16.056 AVAST engine scan C:\Windows\system32
11:33:55.220 AVAST engine scan C:\Windows\system32\drivers
11:34:06.401 AVAST engine scan C:\Users\Dell
11:42:35.662 AVAST engine scan C:\ProgramData
11:44:49.156 Scan finished successfully
12:06:38.296 Disk 0 MBR has been saved successfully to "C:\Users\Dell\Desktop\MBR.dat"
12:06:38.300 The log file has been saved successfully to "C:\Users\Dell\Desktop\aswMBR.txt"

#6 gringo_pr

Posted 09 September 2012 - 02:17 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

#7 Jay A.

Posted 09 September 2012 - 02:38 PM

So far, so good. My IE hasn't crashed yet. As for the music/commercial problem, that remains to be seen. I won't know for a while because it just randomly comes up after a few hours. I'm hoping this has solved the problem! I'll let you know if the problem reappears. Thanks a lot!


ComboFix 12-09-09.02 - Dell 09/09/2012 12:25:57.7.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.2274 [GMT -7:00]
Running from: c:\users\Dell\Desktop\ComboFix.exe
Command switches used :: c:\users\Dell\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-08-09 to 2012-09-09 )))))))))))))))))))))))))))))))
.
.
2012-09-09 19:30 . 2012-09-09 19:30 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-09-09 19:30 . 2012-09-09 19:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-09-09 19:30 . 2012-09-09 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-09 19:06 . 2012-09-09 19:06 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{79651429-3CAC-4080-961C-DCA93D7C20A0}\offreg.dll
2012-09-05 22:49 . 2012-07-16 09:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{79651429-3CAC-4080-961C-DCA93D7C20A0}\mpengine.dll
2012-09-01 20:12 . 2012-09-01 20:12 477168 -c--a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-01 20:11 . 2012-09-01 20:11 -------- dc----w- c:\programdata\McAfee
2012-08-18 22:31 . 2012-08-18 22:31 -------- d-----w- c:\program files\iPod
2012-08-18 22:31 . 2012-08-18 22:31 -------- d-----w- c:\program files\iTunes
2012-08-18 22:31 . 2012-08-18 22:31 -------- d-----w- c:\program files (x86)\iTunes
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-08-18 22:20 . 2012-08-18 22:20 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-08-18 22:19 . 2012-08-18 22:20 -------- d-----w- c:\program files (x86)\QuickTime
2012-08-14 23:38 . 2012-08-14 23:38 -------- d-----w- c:\users\Dell\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-01 20:12 . 2012-04-19 00:31 473072 -c--a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-26 20:24 . 2012-04-03 13:20 696520 -c--a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-26 20:24 . 2011-05-15 15:04 73416 -c--a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-28 05:48 . 2012-07-28 05:35 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-07-28 05:48 . 2012-07-28 05:35 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-07-11 05:05 . 2012-07-11 05:04 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 05:04 . 2012-07-11 02:09 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 05:04 . 2012-07-11 02:09 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 05:04 . 2012-07-11 02:09 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-11 05:04 . 2012-07-11 02:09 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-11 05:04 . 2012-07-11 02:09 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 05:04 . 2012-07-11 02:09 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-11 05:04 . 2012-07-11 02:09 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-07-11 05:04 . 2012-07-11 02:09 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-07-11 05:04 . 2012-07-11 02:09 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 05:04 . 2012-07-11 02:09 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-07-11 05:04 . 2012-07-11 02:09 340992 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 05:04 . 2012-07-11 02:09 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-11 05:04 . 2012-07-11 02:09 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-07-11 05:04 . 2012-07-11 02:09 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-07-11 05:04 . 2012-07-11 02:09 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-07-11 05:04 . 2012-07-11 02:09 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-07-11 05:01 . 2010-01-12 06:37 59701280 -c--a-w- c:\windows\system32\MRT.exe
2012-07-11 05:01 . 2012-07-11 05:00 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-07-11 05:01 . 2012-07-11 05:00 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-07-11 05:01 . 2012-07-11 05:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-07-11 05:01 . 2012-07-11 05:00 237056 ----a-w- c:\windows\system32\url.dll
2012-07-11 05:01 . 2012-07-11 05:00 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-07-11 05:01 . 2012-07-11 05:00 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-07-11 05:01 . 2012-07-11 05:00 248320 ----a-w- c:\windows\system32\ieui.dll
2012-07-11 05:01 . 2012-07-11 05:00 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-07-11 05:01 . 2012-07-11 05:00 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-07-11 05:01 . 2012-07-11 05:00 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-07-11 05:01 . 2012-07-11 05:00 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-07-11 05:01 . 2012-07-11 05:00 818688 ----a-w- c:\windows\system32\jscript.dll
2012-07-11 05:01 . 2012-07-11 05:00 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-07-11 05:01 . 2012-07-11 05:00 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-07-11 05:01 . 2012-07-11 05:00 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-11 05:01 . 2012-07-11 05:00 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-07-11 05:01 . 2012-07-11 05:00 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-07-11 05:01 . 2012-07-11 05:00 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-07-11 05:01 . 2012-07-11 05:00 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-07-11 04:59 . 2012-07-11 02:09 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-07-11 04:59 . 2012-07-11 02:09 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-07-03 20:46 . 2010-02-13 15:07 24904 -c--a-w- c:\windows\system32\drivers\mbam.sys
2012-06-29 10:04 . 2012-07-28 05:46 9133488 -c--a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CE6D11C1-35EC-4A58-822F-9A5DA2F3737E}\mpengine.dll
2012-06-29 10:04 . 2012-07-28 05:46 9133488 -c----w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2012-06-14 05:05 . 2012-06-13 23:17 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 05:05 . 2012-06-13 23:17 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 05:05 . 2012-06-13 23:17 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 05:02 . 2012-06-13 23:17 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-14 05:02 . 2012-06-13 23:17 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-14 05:02 . 2012-06-13 23:17 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-14 05:02 . 2012-06-13 23:17 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-14 05:01 . 2012-06-13 23:17 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 05:01 . 2012-06-13 23:17 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-14 05:01 . 2012-06-13 23:17 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-14 05:01 . 2012-06-13 23:17 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 05:01 . 2012-06-13 23:17 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 05:01 . 2012-06-13 23:17 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-14 05:01 . 2012-06-13 23:17 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-14 05:01 . 2012-06-13 23:17 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-14 05:01 . 2012-06-13 23:17 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2010-05-28 01:12 . 2010-05-29 14:55 8354440 ----a-w- c:\program files\Firefox Setup 3.6.3.exe
2010-05-23 17:47 . 2010-05-29 14:55 2394408 ----a-w- c:\program files\mp3tagv246asetup.exe
2010-05-20 21:10 . 2010-05-29 14:55 232704 ----a-w- c:\program files\yahoo_toolbar_install_helper.exe
2010-05-20 05:59 . 2010-05-29 14:55 98435368 ----a-w- c:\program files\iTunes64Setup.exe
2010-05-20 04:34 . 2010-05-20 04:34 12383736 ----a-w- c:\program files\picasa36-setup.exe
2009-07-10 20:39 . 2010-07-03 22:21 350720 ----a-w- c:\program files\hjsplit.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-09-09_16.18.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-12-14 11:25 . 2012-09-09 17:31 74920 c:\windows\system64\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-09-09 17:31 37826 c:\windows\system64\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-09-09 15:41 37826 c:\windows\system64\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-12 06:45 . 2012-09-09 17:31 25526 c:\windows\system64\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3991066933-4123389269-316651398-1000_UserData.bin
+ 2009-12-14 11:25 . 2012-09-09 17:31 74920 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-09-09 15:41 37826 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-09-09 17:31 37826 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-12 06:45 . 2012-09-09 17:31 25526 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3991066933-4123389269-316651398-1000_UserData.bin
- 2012-09-09 16:17 . 2012-09-09 16:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-09-09 17:29 . 2012-09-09 17:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-09-09 16:17 . 2012-09-09 16:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-09-09 17:29 . 2012-09-09 17:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2012-09-09 16:27 409292 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-09-09 16:16 409292 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-05-12 04:14 . 2012-09-09 15:39 9306112 c:\windows\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2010-05-12 04:14 . 2012-09-09 17:29 9306112 c:\windows\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2010-05-12 04:14 . 2012-09-09 15:39 1048576 c:\windows\Temp\Cookies\index.dat
+ 2010-05-12 04:14 . 2012-09-09 17:29 1048576 c:\windows\Temp\Cookies\index.dat
+ 2010-05-12 04:14 . 2012-09-09 17:29 16187392 c:\windows\Temp\History\History.IE5\index.dat
- 2010-05-12 04:14 . 2012-09-09 15:39 16187392 c:\windows\Temp\History\History.IE5\index.dat
- 2011-04-27 05:29 . 2012-09-09 16:16 34561184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3991066933-4123389269-316651398-1000-8192.dat
+ 2011-04-27 05:29 . 2012-09-09 16:27 34561184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3991066933-4123389269-316651398-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll" [2012-06-11 1524056]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{035FDC10-9F1D-430E-87DA-573FFBF5608D}]
2012-05-23 14:27 510296 ----a-w- c:\program files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{035FDC10-9F1D-430E-87DA-573FFBF5608D}"= "c:\program files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll" [2012-05-23 510296]
.
[HKEY_CLASSES_ROOT\clsid\{035fdc10-9f1d-430e-87da-573ffbf5608d}]
[HKEY_CLASSES_ROOT\YNanoClient.IE.1]
[HKEY_CLASSES_ROOT\TypeLib\{B5590E3C-C53C-4464-99BA-8AEF95C750ED}]
[HKEY_CLASSES_ROOT\YNanoClient.IE]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"dellsupportcenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-03-22 74752]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-23 150528]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-03-21 103896]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-07-19 1091976]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-29 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell DataSafe Online]
2009-07-07 02:23 1779952 ----a-w- c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
2009-06-24 08:21 409744 ------w- c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellComms]
2009-05-04 21:39 206064 ----a-w- c:\program files (x86)\Dell\DellComms\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 00:59 206064 ----a-w- c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
2009-06-18 13:46 494064 ----a-w- c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-09 135664]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-26 250568]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-09 135664]
R3 HtcUsbMdmV64;HTC Proprietary USB Driver;c:\windows\system32\DRIVERS\HtcUsbMdmV64.sys [2010-03-08 121800]
R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2009-09-21 315664]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-10 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-07 14464]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys [2009-07-23 18792]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-10-05 92160]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-07-19 792512]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-14 249648]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2009-06-23 60928]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-03-21 793048]
S2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);c:\program files (x86)\Dell\DellComms\bin\sprtsvc.exe [2009-05-04 206064]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WDDMService.exe [2011-08-01 317328]
S2 WDFMEService;WDFMEService;c:\program files\Western Digital\WD SmartWare\WDFME.exe [2011-08-01 1978256]
S2 WDRulesService;WDRulesService;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-08-01 1338256]
S2 YNanoService;Yahoo! NanoClient Service;c:\program files (x86)\Yahoo!\YNanoClient\cpn0\YNanoService.exe [2012-05-23 157016]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2009-07-23 23912]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-02 35104]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-09-25 233984]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-10-19 6956032]
S3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [2010-09-03 15360]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-17 220672]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2009-10-15 36760]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 70444620
*Deregistered* - 70444620
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 20:24]
.
2012-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-09 03:27]
.
2012-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-09 03:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-05 8123936]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie9
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1 4.2.2.2
FF - ProfilePath - c:\users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\4b9xtrjk.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxps://elearning.berkeley.edu/default.asp
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyH2uZJNS&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 5611f8ee000000000000002637bd3942
FF - user.js: extensions.incredibar_i.instlDay - 15526
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1410:56
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OyH2uZJNS
FF - user.js: extensions.incredibar_i.upn2n - 92261704153837120
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10665
FF - user.js: extensions.incredibar_i.ppd -
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:32,6d,b0,bb,c9,19,cd,01
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-09 12:33:45
ComboFix-quarantined-files.txt 2012-09-09 19:33
ComboFix2.txt 2012-09-09 16:23
.
Pre-Run: 26,390,179,840 bytes free
Post-Run: 26,602,192,896 bytes free
.
- - End Of File - - 3D8634A9B54188CB2EA8EE4BD9C50242

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:22 AM

Posted 09 September 2012 - 02:53 PM

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

Uninstall some programs

NOTE** Because of the cleanup process, some of the programs I have listed may not be in add/remove anymore. This is fine; just move to the next item on the list.

You can remove these programs using add/remove, or you can use the free uninstaller from Revo (Revo does a lot better of a job).

Programs to remove

Bing Bar
Java™ 6 Update 35


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs, double click on the program to remove.
  • When prompted if you want to uninstall, click Yes.
  • Be sure the Moderate option is selected, then click Next.
  • The program will run. If prompted again, click Yes.
  • When the built-in uninstaller is finished, click on Next.
  • Once the program has searched for leftovers, click Next.
  • Check/tick the bolded items only on the list, then click Delete.
  • When prompted, click on Yes and then on Next.
  • Put a check on any folders that are found and select Delete.
  • When prompted, select Yes and then Next.
  • Once done, click Finish.



Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button; its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
Sometimes we have to run it like this: to run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#9 Jay A.

Jay A.
  • Topic Starter


Posted 09 September 2012 - 04:36 PM

I deleted and re-installed what was recommended. Here are the latest logs. My IE still crashed during the process. Now I don't know if it's malware or something else.


www.malwarebytes.org

Database version: v2012.09.09.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Dell :: DELL-PC [administrator]

9/9/2012 2:20:13 PM
mbam-log-2012-09-09 (14-20-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207145
Time elapsed: 2 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:29:45 PM, on 9/9/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Dell\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Yahoo! Axis for IE - {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - D:\Dell\Flash Capture\fcbho.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: Yahoo! Axis for IE - {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - D:\Dell\Flash Capture\fciext.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.winkflash.com/photo/loaders/ImageUploader5.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellComms) (sprtsvc_DellComms) - SupportSoft, Inc. - C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
O23 - Service: WDFMEService - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
O23 - Service: WDRulesService - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: Yahoo! NanoClient Service (YNanoService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoService.exe

--
End of file - 14920 bytes

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:22 AM

Posted 09 September 2012 - 05:33 PM

Greetings,

First I would like you to go here and click on the fixit button - http://support.microsoft.com/kb/923737


Then I want you to do the following:

  • Start Internet Explorer.
  • Click on "Safety"
  • Click on "Delete Browsing History"
  • Make sure all boxes are checked
  • Click on "Delete"
  • Click on "Tools"
  • Click "Internet Options"
  • On the "Advanced" tab, click "Reset"
  • Put a check mark next to "Delete Personal Settings"
  • Click "Reset" to confirm
  • When complete, click the "Close" button
  • Restart IE


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 Jay A.


Posted 09 September 2012 - 06:02 PM

I couldn't run Microsoft fix it. I got this message "There is a problem with this Windows Installer package. A script required for this to install to complete could not be run. Contact your support personnel or package vendor. There is a problem with this Windows Installer package."

I did delete my settings for Internet Explorer and restarted it. It looks like everything is in order. No IE crashes.

#12 gringo_pr


Posted 09 September 2012 - 06:23 PM

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to. For any of these programs, you can click on its icon (or start it from the Control Panel) to run the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

If you have any problems running HijackThis see NOTE** below (Host file not read, blank notepad ...)

  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
      O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
      O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
      O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
      O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

    NOTE** You can research each of those lines >here< and see if you want to keep them or not.
    Just copy the name between the brackets and paste it into the search space:
    O4 - HKLM\..\Run: [IntelliPoint]


NOTE**
Sometimes we have to run it like this: to run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - on Vista and Win 7, right-click on the IE shortcut and run as admin

Go to the ESET web page to run an online scanner from ESET.

  • Turn off the real-time scanner of any existing antivirus program while performing the online scan
  • Click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add-on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete

  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found

  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here


Gringo
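An added example, not part of the original posts: a small Python parser for the HijackThis O4 autostart lines quoted in post #12, which pulls out the name between the brackets and the executable file name so each entry can be researched before it is ticked. The sample lines are copied from that post; the regular expressions cover only the line shapes shown there, and the function names are this example's own.

```python
import ntpath
import re

# Run-key form:        O4 - HKLM\..\Run: [Name] command line
# Startup-folder form: O4 - .DEFAULT User Startup: Shortcut.lnk = target (note)
RUN_KEY = re.compile(r'^O4 - (?P<where>HK\w+\\\S+): \[(?P<name>[^\]]+)\]\s*(?P<cmd>.*)$')
STARTUP = re.compile(r'^O4 - (?P<where>.*Startup): (?P<name>.+?) = (?P<cmd>.+)$')
# Executable path: a quoted string, or (heuristic) everything up to the first ".exe".
EXE = re.compile(r'^(?:"(?P<quoted>[^"]+)"|(?P<bare>.+?\.exe)\b)', re.IGNORECASE)

# Sample lines copied from the post above, including its bullet and indentation.
SAMPLE = r"""
  • O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
"""


def parse_o4(line):
    """Return a dict for one HijackThis O4 line, or None if it is not one."""
    line = line.strip().lstrip('•').strip()
    m = RUN_KEY.match(line) or STARTUP.match(line)
    if not m:
        return None
    exe = EXE.match(m['cmd'])
    path = (exe['quoted'] or exe['bare']) if exe else None
    return {
        'where': m['where'],   # registry key or startup folder scope
        'name': m['name'],     # the text to paste into a startup-entry search
        'path': path,          # full path of the program that auto-starts
        'file': ntpath.basename(path) if path else None,
        # Whatever follows the path: arguments or a HijackThis annotation.
        'rest': m['cmd'][exe.end():].strip() if exe else m['cmd'],
    }


def research_list(log_text):
    """(name, file) pairs to look up before ticking an entry in HijackThis."""
    entries = [parse_o4(line) for line in log_text.splitlines()]
    return [(e['name'], e['file']) for e in entries if e]


if __name__ == '__main__':
    for name, file in research_list(SAMPLE):
        print(f'{name:25} {file}')
```
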

#13 gringo_pr


Posted 11 September 2012 - 11:31 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo

#14 gringo_pr


Posted 15 September 2012 - 06:38 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#15 gringo_pr


Posted 18 September 2012 - 12:11 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.



