
TDSSKiller not running even after being renamed


14 replies to this topic

#1 NathanStl


Posted 17 October 2012 - 10:56 PM

Hello, I have been having problems with the Google redirect virus. I have a 32-bit Windows Vista operating system and have been unable to get TDSSKiller to run. I downloaded it and renamed it to a name ending with the .com extension but it still won’t run. When I click on it, I get asked if I want to run it, click “Run”, and nothing happens. Any help in solving this problem would be greatly appreciated. Thanks!



#2 narenxp


Posted 18 October 2012 - 03:57 AM

Launch TDSSKiller and post the log.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop, and copy the contents of the text file into your reply.

Edited by narenxp, 20 October 2012 - 12:29 PM.


#3 NathanStl


Posted 18 October 2012 - 11:24 PM

I must be doing something simple wrong. When I download Root Repeal, it comes in as a zip file that I am not having success in running.

#4 narenxp


Posted 18 October 2012 - 11:27 PM

.

Edited by narenxp, 23 October 2012 - 08:29 PM.


#5 NathanStl


Posted 20 October 2012 - 09:44 AM

TDSSKiller ran successfully.

17:57:11.0240 8908 napagent - ok
17:57:11.0318 8908 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:57:11.0330 8908 NativeWifiP - ok
17:57:11.0414 8908 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:57:11.0425 8908 NDIS - ok
17:57:11.0479 8908 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:57:11.0493 8908 NdisTapi - ok
17:57:11.0516 8908 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:57:11.0527 8908 Ndisuio - ok
17:57:12.0001 8908 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:57:12.0266 8908 NdisWan - ok
17:57:12.0500 8908 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:57:12.0573 8908 NDProxy - ok
17:57:12.0859 8908 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:57:13.0050 8908 NetBIOS - ok
17:57:13.0292 8908 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:57:13.0680 8908 netbt - ok
17:57:13.0855 8908 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
17:57:13.0974 8908 Netlogon - ok
17:57:14.0464 8908 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
17:57:14.0861 8908 Netman - ok
17:57:14.0906 8908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:57:14.0909 8908 NetMsmqActivator - ok
17:57:14.0922 8908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:57:14.0924 8908 NetPipeActivator - ok
17:57:14.0985 8908 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
17:57:14.0993 8908 netprofm - ok
17:57:15.0001 8908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:57:15.0002 8908 NetTcpActivator - ok
17:57:15.0012 8908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:57:15.0014 8908 NetTcpPortSharing - ok
17:57:15.0105 8908 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:57:15.0126 8908 nfrd960 - ok
17:57:15.0209 8908 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:57:15.0215 8908 NlaSvc - ok
17:57:15.0241 8908 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:57:15.0287 8908 Npfs - ok
17:57:15.0398 8908 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
17:57:15.0401 8908 nsi - ok
17:57:15.0442 8908 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:57:15.0443 8908 nsiproxy - ok
17:57:15.0549 8908 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:57:15.0607 8908 Ntfs - ok
17:57:15.0652 8908 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
17:57:15.0654 8908 ntrigdigi - ok
17:57:15.0675 8908 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
17:57:15.0676 8908 Null - ok
17:57:15.0709 8908 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:57:15.0712 8908 nvraid - ok
17:57:15.0728 8908 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:57:15.0730 8908 nvstor - ok
17:57:15.0784 8908 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:57:15.0807 8908 nv_agp - ok
17:57:15.0815 8908 NwlnkFlt - ok
17:57:15.0833 8908 NwlnkFwd - ok
17:57:15.0937 8908 [ A015DD2BA6009C8BDD00A6C431302D06 ] OA009Ufd C:\Windows\system32\DRIVERS\OA009Ufd.sys
17:57:15.0941 8908 OA009Ufd - ok
17:57:15.0993 8908 [ D4E1F63A07C58563A73FD5AA20DCFB65 ] OA009Vid C:\Windows\system32\DRIVERS\OA009Vid.sys
17:57:15.0999 8908 OA009Vid - ok
17:57:16.0143 8908 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:57:16.0152 8908 odserv - ok
17:57:16.0193 8908 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:57:16.0195 8908 ohci1394 - ok
17:57:16.0289 8908 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:57:16.0311 8908 ose - ok
17:57:16.0441 8908 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:57:16.0471 8908 p2pimsvc - ok
17:57:16.0524 8908 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
17:57:16.0531 8908 p2psvc - ok
17:57:16.0581 8908 [ 9D80E0BE979C3EDAF2863F23B88F4DE6 ] Packet C:\Windows\system32\DRIVERS\packet.sys
17:57:16.0582 8908 Packet - ok
17:57:16.0622 8908 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
17:57:16.0624 8908 Parport - ok
17:57:16.0677 8908 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:57:16.0679 8908 partmgr - ok
17:57:16.0711 8908 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:57:16.0713 8908 Parvdm - ok
17:57:16.0753 8908 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
17:57:16.0777 8908 PcaSvc - ok
17:57:17.0061 8908 [ 42EDE7D217325FF56CB8A9983CD7F73B ] PCD5SRVC{3F6A8B78-EC003E00-05040104} C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms
17:57:17.0106 8908 PCD5SRVC{3F6A8B78-EC003E00-05040104} - ok
17:57:17.0180 8908 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
17:57:17.0184 8908 pci - ok
17:57:17.0230 8908 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
17:57:17.0231 8908 pciide - ok
17:57:17.0242 8908 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:57:17.0246 8908 pcmcia - ok
17:57:17.0333 8908 [ 927AAA8E65F9B7E5F95B53A92E65EC98 ] PCTDMDefrag C:\Windows\system32\drivers\PCTDMDefrag.sys
17:57:17.0379 8908 PCTDMDefrag - ok
17:57:17.0413 8908 [ 2D3B87BAE5ADBFE1831176C01FB7FBEE ] PCTDSMon C:\Windows\system32\drivers\PCTDSMon.sys
17:57:17.0430 8908 PCTDSMon - ok
17:57:17.0499 8908 [ F85B41F5968B3CA8001E91DE48CA0740 ] PCToolsSSDMonitorSvc C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
17:57:17.0513 8908 PCToolsSSDMonitorSvc - ok
17:57:17.0600 8908 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:57:17.0615 8908 PEAUTH - ok
17:57:17.0791 8908 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
17:57:17.0849 8908 pla - ok
17:57:17.0898 8908 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:57:17.0907 8908 PlugPlay - ok
17:57:17.0995 8908 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:57:18.0003 8908 PNRPAutoReg - ok
17:57:18.0022 8908 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:57:18.0030 8908 PNRPsvc - ok
17:57:18.0080 8908 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:57:18.0103 8908 PolicyAgent - ok
17:57:18.0215 8908 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:57:18.0240 8908 PptpMiniport - ok
17:57:18.0286 8908 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
17:57:18.0324 8908 Processor - ok
17:57:18.0410 8908 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
17:57:18.0417 8908 ProfSvc - ok
17:57:18.0463 8908 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
17:57:18.0483 8908 ProtectedStorage - ok
17:57:18.0519 8908 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:57:18.0560 8908 PSched - ok
17:57:18.0630 8908 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
17:57:18.0672 8908 PxHelp20 - ok
17:57:18.0913 8908 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:57:18.0933 8908 ql2300 - ok
17:57:18.0943 8908 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:57:18.0945 8908 ql40xx - ok
17:57:19.0033 8908 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
17:57:19.0064 8908 QWAVE - ok
17:57:19.0094 8908 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:57:19.0123 8908 QWAVEdrv - ok
17:57:19.0254 8908 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
17:57:19.0365 8908 R300 - ok
17:57:19.0398 8908 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:57:19.0399 8908 RasAcd - ok
17:57:19.0432 8908 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
17:57:19.0462 8908 RasAuto - ok
17:57:19.0494 8908 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:57:19.0497 8908 Rasl2tp - ok
17:57:19.0614 8908 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
17:57:19.0621 8908 RasMan - ok
17:57:19.0648 8908 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:57:19.0650 8908 RasPppoe - ok
17:57:19.0677 8908 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:57:19.0682 8908 RasSstp - ok
17:57:19.0760 8908 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:57:19.0784 8908 rdbss - ok
17:57:19.0837 8908 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:57:19.0856 8908 RDPCDD - ok
17:57:19.0940 8908 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:57:19.0967 8908 rdpdr - ok
17:57:19.0978 8908 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:57:20.0001 8908 RDPENCDD - ok
17:57:20.0117 8908 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:57:20.0121 8908 RDPWD - ok
17:57:20.0194 8908 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:57:20.0198 8908 RemoteAccess - ok
17:57:20.0254 8908 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:57:20.0290 8908 RemoteRegistry - ok
17:57:20.0318 8908 rootrepeal - ok
17:57:20.0353 8908 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
17:57:20.0379 8908 RpcLocator - ok
17:57:20.0439 8908 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
17:57:20.0446 8908 RpcSs - ok
17:57:20.0518 8908 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
17:57:20.0523 8908 RsFx0103 - ok
17:57:20.0589 8908 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:57:20.0591 8908 rspndr - ok
17:57:20.0674 8908 [ 9B09F336DE36A7A6CA871DE8A7847B65 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
17:57:20.0708 8908 RTSTOR - ok
17:57:20.0774 8908 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
17:57:20.0776 8908 SamSs - ok
17:57:20.0872 8908 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:57:20.0915 8908 SASDIFSV - ok
17:57:20.0944 8908 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
17:57:20.0946 8908 SASKUTIL - ok
17:57:20.0982 8908 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:57:21.0003 8908 sbp2port - ok
17:57:21.0059 8908 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:57:21.0077 8908 SCardSvr - ok
17:57:21.0124 8908 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
17:57:21.0137 8908 Schedule - ok
17:57:21.0183 8908 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:57:21.0185 8908 SCPolicySvc - ok
17:57:21.0231 8908 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:57:21.0236 8908 SDRSVC - ok
17:57:21.0284 8908 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:57:21.0286 8908 secdrv - ok
17:57:21.0376 8908 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
17:57:21.0379 8908 seclogon - ok
17:57:21.0396 8908 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
17:57:21.0668 8908 SENS - ok
17:57:21.0733 8908 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:57:21.0752 8908 Serenum - ok
17:57:21.0798 8908 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
17:57:21.0835 8908 Serial - ok
17:57:21.0852 8908 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:57:21.0853 8908 sermouse - ok
17:57:21.0924 8908 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
17:57:21.0979 8908 SessionEnv - ok
17:57:22.0049 8908 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:57:22.0060 8908 sffdisk - ok
17:57:22.0083 8908 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:57:22.0115 8908 sffp_mmc - ok
17:57:22.0164 8908 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:57:22.0166 8908 sffp_sd - ok
17:57:22.0224 8908 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:57:22.0248 8908 sfloppy - ok
17:57:22.0601 8908 [ 89C8CE6971A3E571176348E237018C0A ] SftService C:\Windows\sminst\sftservice.EXE
17:57:23.0141 8908 SftService - ok
17:57:23.0191 8908 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:57:23.0561 8908 SharedAccess - ok
17:57:23.0726 8908 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:57:23.0806 8908 ShellHWDetection - ok
17:57:23.0833 8908 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:57:23.0851 8908 sisagp - ok
17:57:23.0914 8908 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:57:23.0916 8908 SiSRaid2 - ok
17:57:23.0929 8908 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:57:23.0945 8908 SiSRaid4 - ok
17:57:24.0152 8908 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:57:24.0245 8908 SkypeUpdate - ok
17:57:24.0687 8908 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
17:57:27.0057 8908 slsvc - ok
17:57:27.0181 8908 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:57:27.0202 8908 SLUINotify - ok
17:57:27.0275 8908 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:57:27.0329 8908 Smb - ok
17:57:27.0394 8908 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:57:27.0406 8908 SNMPTRAP - ok
17:57:27.0469 8908 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
17:57:27.0515 8908 spldr - ok
17:57:27.0561 8908 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
17:57:27.0576 8908 Spooler - ok
17:57:27.0668 8908 [ 777115C9CC675BD98127660712D2F784 ] sprtsvc_DellSupportCenter C:\Program Files\Dell Support Center\bin\sprtsvc.exe
17:57:27.0680 8908 sprtsvc_DellSupportCenter - ok
17:57:28.0139 8908 [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
17:57:28.0236 8908 SQLAgent$SQLEXPRESS - ok
17:57:28.0455 8908 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:57:29.0099 8908 SQLBrowser - ok
17:57:29.0172 8908 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:57:29.0173 8908 SQLWriter - ok
17:57:29.0284 8908 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:57:29.0341 8908 srv - ok
17:57:29.0448 8908 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:57:29.0477 8908 srv2 - ok
17:57:29.0537 8908 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:57:29.0555 8908 srvnet - ok
17:57:29.0633 8908 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:57:29.0694 8908 SSDPSRV - ok
17:57:29.0796 8908 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:57:29.0822 8908 SstpSvc - ok
17:57:30.0000 8908 [ E3D493BFB7CD108EC50B2F560C96367C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
17:57:30.0004 8908 ssudmdm - ok
17:57:30.0316 8908 [ CB2449150A5EA17CAA0B94363D9440CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
17:57:30.0428 8908 STacSV - ok
17:57:30.0631 8908 [ 14A9AD287FDA70A06463E09C4328C1F2 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
17:57:30.0733 8908 STHDA - ok
17:57:30.0841 8908 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
17:57:30.0979 8908 stisvc - ok
17:57:31.0192 8908 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
17:57:31.0227 8908 stllssvr - ok
17:57:31.0274 8908 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:57:31.0284 8908 swenum - ok
17:57:31.0387 8908 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
17:57:31.0829 8908 swprv - ok
17:57:31.0877 8908 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:57:31.0879 8908 Symc8xx - ok
17:57:31.0896 8908 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:57:31.0898 8908 Sym_hi - ok
17:57:31.0906 8908 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:57:31.0945 8908 Sym_u3 - ok
17:57:32.0007 8908 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
17:57:32.0020 8908 SysMain - ok
17:57:32.0065 8908 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:57:32.0069 8908 TabletInputService - ok
17:57:32.0116 8908 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:57:32.0123 8908 TapiSrv - ok
17:57:32.0154 8908 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
17:57:32.0160 8908 TBS - ok
17:57:32.0224 8908 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:57:32.0241 8908 Tcpip - ok
17:57:32.0265 8908 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:57:32.0272 8908 Tcpip6 - ok
17:57:32.0335 8908 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:57:32.0359 8908 tcpipreg - ok
17:57:32.0410 8908 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:57:32.0462 8908 TDPIPE - ok
17:57:32.0474 8908 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:57:32.0478 8908 TDTCP - ok
17:57:32.0532 8908 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:57:32.0594 8908 tdx - ok
17:57:32.0653 8908 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:57:32.0679 8908 TermDD - ok
17:57:32.0817 8908 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
17:57:32.0827 8908 TermService - ok
17:57:32.0875 8908 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
17:57:32.0883 8908 Themes - ok
17:57:32.0946 8908 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
17:57:32.0965 8908 THREADORDER - ok
17:57:32.0991 8908 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
17:57:32.0996 8908 TrkWks - ok
17:57:33.0091 8908 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:57:33.0143 8908 TrustedInstaller - ok
17:57:33.0249 8908 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:57:33.0280 8908 tssecsrv - ok
17:57:33.0316 8908 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:57:33.0317 8908 tunmp - ok
17:57:33.0372 8908 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:57:33.0373 8908 tunnel - ok
17:57:33.0409 8908 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:57:33.0411 8908 uagp35 - ok
17:57:33.0454 8908 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:57:33.0460 8908 udfs - ok
17:57:33.0528 8908 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:57:33.0554 8908 UI0Detect - ok
17:57:33.0596 8908 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:57:33.0598 8908 uliagpkx - ok
17:57:33.0618 8908 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:57:33.0624 8908 uliahci - ok
17:57:33.0636 8908 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:57:33.0639 8908 UlSata - ok
17:57:33.0658 8908 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:57:33.0660 8908 ulsata2 - ok
17:57:33.0690 8908 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:57:33.0692 8908 umbus - ok
17:57:33.0732 8908 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
17:57:33.0743 8908 upnphost - ok
17:57:33.0828 8908 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
17:57:33.0830 8908 USBAAPL - ok
17:57:33.0900 8908 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:57:33.0925 8908 usbccgp - ok
17:57:33.0980 8908 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:57:33.0983 8908 usbcir - ok
17:57:34.0094 8908 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:57:34.0095 8908 usbehci - ok
17:57:34.0162 8908 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:57:34.0167 8908 usbhub - ok
17:57:34.0221 8908 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:57:34.0223 8908 usbohci - ok
17:57:34.0308 8908 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:57:34.0310 8908 usbprint - ok
17:57:34.0367 8908 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:57:34.0387 8908 USBSTOR - ok
17:57:34.0410 8908 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:57:34.0413 8908 usbuhci - ok
17:57:34.0517 8908 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
17:57:34.0537 8908 UxSms - ok
17:57:34.0601 8908 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
17:57:34.0611 8908 vds - ok
17:57:34.0714 8908 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:57:34.0715 8908 vga - ok
17:57:34.0743 8908 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
17:57:34.0746 8908 VgaSave - ok
17:57:34.0758 8908 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:57:34.0789 8908 viaagp - ok
17:57:34.0802 8908 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
17:57:34.0803 8908 ViaC7 - ok
17:57:34.0814 8908 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
17:57:34.0816 8908 viaide - ok
17:57:34.0850 8908 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:57:34.0852 8908 volmgr - ok
17:57:34.0899 8908 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:57:34.0907 8908 volmgrx - ok
17:57:34.0951 8908 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:57:34.0960 8908 volsnap - ok
17:57:35.0018 8908 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:57:35.0082 8908 vsmraid - ok
17:57:35.0351 8908 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
17:57:35.0413 8908 VSS - ok
17:57:35.0509 8908 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
17:57:35.0517 8908 W32Time - ok
17:57:35.0585 8908 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:57:35.0586 8908 WacomPen - ok
17:57:35.0610 8908 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:57:35.0612 8908 Wanarp - ok
17:57:35.0621 8908 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:57:35.0622 8908 Wanarpv6 - ok
17:57:35.0676 8908 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:57:35.0710 8908 wcncsvc - ok
17:57:35.0761 8908 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:57:35.0780 8908 WcsPlugInService - ok
17:57:35.0795 8908 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
17:57:35.0796 8908 Wd - ok
17:57:35.0849 8908 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:57:35.0911 8908 Wdf01000 - ok
17:57:35.0970 8908 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:57:35.0974 8908 WdiServiceHost - ok
17:57:35.0988 8908 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:57:35.0991 8908 WdiSystemHost - ok
17:57:36.0064 8908 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
17:57:36.0083 8908 WebClient - ok
17:57:36.0182 8908 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:57:36.0191 8908 Wecsvc - ok
17:57:36.0257 8908 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:57:36.0262 8908 wercplsupport - ok
17:57:36.0347 8908 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
17:57:36.0378 8908 WerSvc - ok
17:57:36.0543 8908 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:57:36.0549 8908 WinDefend - ok
17:57:36.0576 8908 WinHttpAutoProxySvc - ok
17:57:36.0698 8908 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:57:36.0723 8908 Winmgmt - ok
17:57:36.0916 8908 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
17:57:36.0962 8908 WinRM - ok
17:57:37.0111 8908 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:57:37.0126 8908 Wlansvc - ok
17:57:37.0141 8908 wltrysvc - ok
17:57:37.0213 8908 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:57:37.0227 8908 WmiAcpi - ok
17:57:37.0296 8908 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:57:37.0316 8908 wmiApSrv - ok
17:57:37.0408 8908 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:57:37.0420 8908 WMPNetworkSvc - ok
17:57:37.0476 8908 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:57:37.0482 8908 WPCSvc - ok
17:57:37.0541 8908 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:57:37.0563 8908 WPDBusEnum - ok
17:57:37.0672 8908 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
17:57:37.0711 8908 WpdUsb - ok
17:57:38.0008 8908 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:57:38.0023 8908 WPFFontCache_v0400 - ok
17:57:38.0098 8908 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:57:38.0107 8908 ws2ifsl - ok
17:57:38.0142 8908 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
17:57:38.0171 8908 wscsvc - ok
17:57:38.0184 8908 WSearch - ok
17:57:38.0227 8908 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:57:38.0242 8908 WUDFRd - ok
17:57:38.0306 8908 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:57:38.0311 8908 wudfsvc - ok
17:57:38.0382 8908 yksvc - ok
17:57:38.0529 8908 [ 1A51DF1A5C658D534ED980D18F7982DE ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
17:57:38.0539 8908 yukonwlh - ok
17:57:38.0593 8908 ================ Scan global ===============================
17:57:38.0649 8908 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
17:57:38.0707 8908 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
17:57:38.0724 8908 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
17:57:38.0785 8908 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
17:57:38.0790 8908 [Global] - ok
17:57:38.0790 8908 ================ Scan MBR ==================================
17:57:38.0815 8908 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
17:57:38.0843 8908 Suspicious mbr (Forged): \Device\Harddisk0\DR0
17:57:38.0913 8908 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
17:57:38.0914 8908 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
17:57:38.0914 8908 ================ Scan VBR ==================================
17:57:38.0964 8908 [ 05FDC1787582D2D0FBA3A56C37E378A0 ] \Device\Harddisk0\DR0\Partition1
17:57:39.0052 8908 \Device\Harddisk0\DR0\Partition1 - ok
17:57:39.0095 8908 [ ED15DC63EA27F24E5D1BD0523D8E1F2C ] \Device\Harddisk0\DR0\Partition2
17:57:39.0120 8908 \Device\Harddisk0\DR0\Partition2 - ok
17:57:39.0124 8908 ============================================================
17:57:39.0124 8908 Scan finished
17:57:39.0124 8908 ============================================================
17:57:39.0148 6036 Detected object count: 1
17:57:39.0148 6036 Actual detected object count: 1
17:58:09.0121 6036 \Device\Harddisk0\DR0\# - copied to quarantine
17:58:09.0128 6036 \Device\Harddisk0\DR0 - copied to quarantine
17:58:09.0398 6036 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
17:58:09.0403 6036 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
17:58:09.0408 6036 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
17:58:09.0413 6036 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
17:58:09.0421 6036 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
17:58:09.0427 6036 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
17:58:09.0736 6036 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
17:58:09.0763 6036 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
17:58:09.0778 6036 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
17:58:09.0846 6036 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:58:09.0901 6036 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:58:09.0927 6036 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:58:09.0977 6036 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:58:10.0002 6036 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
17:58:10.0008 6036 \Device\Harddisk0\DR0\TDLFS\tdi32 - copied to quarantine
17:58:10.0035 6036 \Device\Harddisk0\DR0\TDLFS\tdi64 - copied to quarantine
17:58:10.0056 6036 \Device\Harddisk0\DR0\TDLFS\main1 - copied to quarantine
17:58:10.0067 6036 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
17:58:10.0088 6036 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
17:58:10.0097 6036 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
17:58:10.0223 6036 \Device\Harddisk0\DR0\TDLFS\com32 - copied to quarantine
17:58:10.0271 6036 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
17:58:11.0719 6036 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
17:58:11.0768 6036 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
17:58:11.0893 6036 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
17:58:11.0908 6036 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Quarantine


I then ran aswMBR and it completed successfully.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-19 19:48:45
-----------------------------
19:48:45.355 OS Version: Windows 6.0.6002 Service Pack 2
19:48:45.356 Number of processors: 2 586 0x170A
19:48:45.359 ComputerName: NATHAN-PC UserName: Nathan
19:49:45.179 Initialize success
19:50:05.993 AVAST engine defs: 12101901
19:50:53.136 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:50:53.139 Disk 0 Vendor: Hitachi_ FB4O Size: 305245MB BusType: 3
19:50:53.159 Disk 0 MBR read successfully
19:50:53.163 Disk 0 MBR scan
19:50:53.173 Disk 0 Windows VISTA default MBR code
19:50:53.179 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
19:50:53.196 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
19:50:53.215 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 290204 MB offset 30801920
19:50:53.228 Disk 0 scanning sectors +625140400
19:50:53.304 Disk 0 scanning C:\Windows\system32\drivers
19:51:21.419 Service scanning
19:52:33.545 Modules scanning
19:53:04.229 Disk 0 trace - called modules:
19:53:04.695 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
19:53:04.703 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8599bac8]
19:53:04.716 3 CLASSPNP.SYS[8a1a88b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x84f4a028]
19:53:06.324 AVAST engine scan C:\Windows
19:53:12.810 AVAST engine scan C:\Windows\system32
20:00:19.738 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
20:05:01.622 AVAST engine scan C:\Windows\system32\drivers
20:05:41.466 AVAST engine scan C:\Users\Nathan
20:06:22.011 Disk 0 MBR has been saved successfully to "C:\Users\Nathan\Documents\GoogleRedirectVirus\MBR.dat"
20:06:22.072 The log file has been saved successfully to "C:\Users\Nathan\Documents\GoogleRedirectVirus\aswMBR.txt"
21:00:33.299 File: C:\Users\Nathan\AppData\Local\Temp\msimg32.dll **INFECTED** Win32:Sirefef-AMZ [Trj]
22:20:02.576 AVAST engine scan C:\ProgramData
22:40:15.044 Scan finished successfully
09:39:41.278 Disk 0 MBR has been saved successfully to "C:\Users\Nathan\Documents\GoogleRedirectVirus\MBR.dat"
09:39:41.327 The log file has been saved successfully to "C:\Users\Nathan\Documents\GoogleRedirectVirus\aswMBR_1020.txt"



I successfully ran ESET online scanner.

C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0005.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmasco.Y trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0012.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0015.dta Win64/Olmasco.Z trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_17.56.21\mbr0000\tdlfs0000\tsk0024.dta a variant of Win32/Olmarik.AYN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0005.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmasco.Y trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0012.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0015.dta Win64/Olmasco.Z trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.10.2012_19.15.03\mbr0000\tdlfs0000\tsk0024.dta a variant of Win32/Olmarik.AYN trojan cleaned by deleting - quarantined
Operating memory multiple threats


Thank you for your continuing help!

#6 narenxp

Posted 20 October 2012 - 12:30 PM

Run TDSSkiller again and post the new log

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator

After scan gets completed, post the generated log here.

#7 NathanStl

Posted 23 October 2012 - 08:26 PM

Sorry for the delay. I was pretty busy over the weekend. My computer has actually been running great since I was able to get TDSSKiller to run. I ran the things you suggested. I noticed that some files still showed up in the MalwareBytes scan. Here are the logs. Thank you for all your help!


TDSSKiller log


21:32:17.0997 10996 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:32:20.0024 10996 ============================================================
21:32:20.0024 10996 Current date / time: 2012/10/22 21:32:20.0024
21:32:20.0024 10996 SystemInfo:
21:32:20.0024 10996
21:32:20.0024 10996 OS Version: 6.0.6002 ServicePack: 2.0
21:32:20.0024 10996 Product type: Workstation
21:32:20.0024 10996 ComputerName: NATHAN-PC
21:32:20.0026 10996 UserName: Nathan
21:32:20.0026 10996 Windows directory: C:\Windows
21:32:20.0026 10996 System windows directory: C:\Windows
21:32:20.0026 10996 Processor architecture: Intel x86
21:32:20.0026 10996 Number of processors: 2
21:32:20.0026 10996 Page size: 0x1000
21:32:20.0026 10996 Boot type: Normal boot
21:32:20.0026 10996 ============================================================
21:32:23.0554 10996 BG loaded
21:32:26.0100 10996 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:32:26.0250 10996 ============================================================
21:32:26.0449 10996 \Device\Harddisk0\DR0:
21:32:26.0522 10996 MBR partitions:
21:32:26.0522 10996 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
21:32:26.0522 10996 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
21:32:26.0522 10996 ============================================================
21:32:26.0709 10996 C: <-> \Device\Harddisk0\DR0\Partition2
21:32:26.0864 10996 E: <-> \Device\Harddisk0\DR0\Partition1
21:32:26.0865 10996 ============================================================
21:32:26.0865 10996 Initialize success
21:32:26.0865 10996 ============================================================
21:32:56.0712 9768 ============================================================
21:32:56.0712 9768 Scan started
21:32:56.0712 9768 Mode: Manual;
21:32:56.0712 9768 ============================================================
21:32:57.0169 9768 ================ Scan system memory ========================
21:32:57.0169 9768 System memory - ok
21:32:57.0170 9768 ================ Scan services =============================
21:33:15.0800 9768 MBAMScheduler - ok
21:33:15.0866 9768 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:33:15.0872 9768 MBAMService - ok
21:33:15.0970 9768 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
21:33:15.0974 9768 McComponentHostService - ok
21:33:16.0094 9768 [ 5F2E238661F79CC2D0347F0265BF0063 ] mcmscsvc C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
21:33:16.0100 9768 mcmscsvc - ok
21:33:16.0241 9768 [ AA490BFB95998686AF46FDCD8093443B ] McNASvc c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
21:33:16.0307 9768 McNASvc - ok
21:33:16.0389 9768 [ A56DDC19C16A0D9B67F43DC092539C7F ] McODS C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
21:33:16.0396 9768 McODS - ok
21:33:16.0532 9768 [ 5A8D1ACD2070B8261236D5484AE63721 ] McProxy c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
21:33:16.0545 9768 McProxy - ok
21:33:16.0652 9768 [ 0C53EFC1DD2318A235EC628A41E05312 ] McShield C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
21:33:16.0656 9768 McShield - ok
21:33:16.0723 9768 [ 9C2BA4C40B94D049539AD99235715A9A ] McSysmon C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
21:33:16.0747 9768 McSysmon - ok
21:33:16.0787 9768 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:33:16.0790 9768 Mcx2Svc - ok
21:33:16.0840 9768 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
21:33:16.0841 9768 megasas - ok
21:33:16.0887 9768 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
21:33:16.0894 9768 MegaSR - ok
21:33:16.0984 9768 [ 26653763D99EA717FC9E069F6BE6771E ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
21:33:16.0987 9768 mfeavfk - ok
21:33:17.0028 9768 [ E65CE1279F2C1FD9BD81184CEB7F5468 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
21:33:17.0030 9768 mfebopk - ok
21:33:17.0082 9768 [ F817BFCA67475CF04925ECE4FCF9C3C0 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
21:33:17.0087 9768 mfehidk - ok
21:33:17.0140 9768 [ FE03BE0B990983A08A33389C00636175 ] mferkdk C:\Windows\system32\drivers\mferkdk.sys
21:33:17.0141 9768 mferkdk - ok
21:33:17.0175 9768 [ 9C73ACA963AD8883B9FC44B410E70B71 ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys
21:33:17.0180 9768 mfesmfk - ok
21:33:17.0261 9768 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:33:17.0263 9768 Microsoft Office Groove Audit Service - ok
21:33:17.0335 9768 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
21:33:17.0338 9768 MMCSS - ok
21:33:17.0388 9768 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
21:33:17.0389 9768 Modem - ok
21:33:17.0474 9768 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:33:17.0479 9768 monitor - ok
21:33:17.0512 9768 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:33:17.0514 9768 mouclass - ok
21:33:17.0552 9768 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:33:17.0553 9768 mouhid - ok
21:33:17.0585 9768 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
21:33:17.0587 9768 MountMgr - ok
21:33:17.0623 9768 [ 447D50511A7AAC23D4CBBE527E1FF1F2 ] MPFP C:\Windows\system32\Drivers\Mpfp.sys
21:33:17.0627 9768 MPFP - ok
21:33:17.0699 9768 [ DE51C0969EE26777D2D10C5CF70538FA ] MpfService C:\Program Files\McAfee\MPF\MPFSrv.exe
21:33:17.0706 9768 MpfService - ok
21:33:17.0779 9768 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
21:33:17.0781 9768 mpio - ok
21:33:17.0826 9768 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:33:17.0829 9768 mpsdrv - ok
21:33:17.0905 9768 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
21:33:17.0915 9768 MpsSvc - ok
21:33:17.0972 9768 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
21:33:17.0984 9768 Mraid35x - ok
21:33:18.0053 9768 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:33:18.0057 9768 MRxDAV - ok
21:33:18.0119 9768 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:33:18.0122 9768 mrxsmb - ok
21:33:18.0164 9768 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:33:18.0169 9768 mrxsmb10 - ok
21:33:18.0198 9768 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:33:18.0200 9768 mrxsmb20 - ok
21:33:18.0228 9768 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
21:33:18.0229 9768 msahci - ok
21:33:18.0288 9768 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:33:18.0290 9768 msdsm - ok
21:33:18.0354 9768 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
21:33:18.0372 9768 MSDTC - ok
21:33:18.0448 9768 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:33:18.0449 9768 Msfs - ok
21:33:18.0643 9768 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:33:18.0900 9768 msisadrv - ok
21:33:18.0974 9768 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:33:18.0978 9768 MSiSCSI - ok
21:33:18.0992 9768 msiserver - ok
21:33:19.0070 9768 [ 9A55CFA5F970BB407C7F639D19578A89 ] MSK80Service C:\Program Files\McAfee\MSK\MskSrver.exe
21:33:19.0071 9768 MSK80Service - ok
21:33:19.0135 9768 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:33:19.0136 9768 MSKSSRV - ok
21:33:19.0245 9768 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:33:19.0247 9768 MSPCLOCK - ok
21:33:19.0268 9768 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:33:19.0269 9768 MSPQM - ok
21:33:19.0319 9768 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:33:19.0323 9768 MsRPC - ok
21:33:19.0354 9768 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:33:19.0356 9768 mssmbios - ok
21:33:19.0472 9768 MSSQL$SQLEXPRESS - ok
21:33:19.0658 9768 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
21:33:19.0659 9768 MSSQLServerADHelper100 - ok
21:33:19.0722 9768 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:33:19.0724 9768 MSTEE - ok
21:33:19.0800 9768 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
21:33:19.0803 9768 Mup - ok
21:33:19.0901 9768 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
21:33:19.0909 9768 napagent - ok
21:33:19.0982 9768 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:33:19.0986 9768 NativeWifiP - ok
21:33:20.0056 9768 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:33:20.0066 9768 NDIS - ok
21:33:20.0116 9768 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:33:20.0117 9768 NdisTapi - ok
21:33:20.0184 9768 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:33:20.0186 9768 Ndisuio - ok
21:33:20.0266 9768 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:33:20.0268 9768 NdisWan - ok
21:33:20.0287 9768 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:33:20.0289 9768 NDProxy - ok
21:33:20.0334 9768 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:33:20.0336 9768 NetBIOS - ok
21:33:20.0378 9768 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
21:33:20.0382 9768 netbt - ok
21:33:20.0440 9768 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
21:33:20.0441 9768 Netlogon - ok
21:33:20.0723 9768 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
21:33:20.0730 9768 Netman - ok
21:33:20.0782 9768 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:33:20.0804 9768 NetMsmqActivator - ok
21:33:20.0814 9768 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:33:20.0817 9768 NetPipeActivator - ok
21:33:20.0860 9768 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
21:33:20.0866 9768 netprofm - ok
21:33:20.0890 9768 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:33:20.0891 9768 NetTcpActivator - ok
21:33:20.0904 9768 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:33:20.0906 9768 NetTcpPortSharing - ok
21:33:20.0947 9768 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:33:20.0949 9768 nfrd960 - ok
21:33:21.0033 9768 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:33:21.0038 9768 NlaSvc - ok
21:33:21.0100 9768 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:33:21.0102 9768 Npfs - ok
21:33:21.0140 9768 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
21:33:21.0143 9768 nsi - ok
21:33:21.0195 9768 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:33:21.0197 9768 nsiproxy - ok
21:33:21.0293 9768 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:33:21.0325 9768 Ntfs - ok
21:33:21.0362 9768 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
21:33:21.0363 9768 ntrigdigi - ok
21:33:21.0384 9768 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
21:33:21.0385 9768 Null - ok
21:33:21.0407 9768 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:33:21.0409 9768 nvraid - ok
21:33:21.0426 9768 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:33:21.0428 9768 nvstor - ok
21:33:21.0449 9768 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:33:21.0451 9768 nv_agp - ok
21:33:21.0458 9768 NwlnkFlt - ok
21:33:21.0465 9768 NwlnkFwd - ok
21:33:21.0626 9768 [ A015DD2BA6009C8BDD00A6C431302D06 ] OA009Ufd C:\Windows\system32\DRIVERS\OA009Ufd.sys
21:33:21.0630 9768 OA009Ufd - ok
21:33:21.0691 9768 [ D4E1F63A07C58563A73FD5AA20DCFB65 ] OA009Vid C:\Windows\system32\DRIVERS\OA009Vid.sys
21:33:21.0696 9768 OA009Vid - ok
21:33:21.0808 9768 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:33:21.0816 9768 odserv - ok
21:33:21.0857 9768 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:33:21.0859 9768 ohci1394 - ok
21:33:21.0908 9768 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:33:21.0912 9768 ose - ok
21:33:21.0985 9768 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
21:33:21.0999 9768 p2pimsvc - ok
21:33:22.0016 9768 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
21:33:22.0024 9768 p2psvc - ok
21:33:22.0068 9768 [ 9D80E0BE979C3EDAF2863F23B88F4DE6 ] Packet C:\Windows\system32\DRIVERS\packet.sys
21:33:22.0069 9768 Packet - ok
21:33:22.0120 9768 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
21:33:22.0122 9768 Parport - ok
21:33:22.0209 9768 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:33:22.0211 9768 partmgr - ok
21:33:22.0243 9768 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
21:33:22.0244 9768 Parvdm - ok
21:33:22.0274 9768 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
21:33:22.0277 9768 PcaSvc - ok
21:33:22.0470 9768 [ 42EDE7D217325FF56CB8A9983CD7F73B ] PCD5SRVC{3F6A8B78-EC003E00-05040104} C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms
21:33:22.0563 9768 PCD5SRVC{3F6A8B78-EC003E00-05040104} - ok
21:33:22.0612 9768 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
21:33:22.0614 9768 pci - ok
21:33:22.0672 9768 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
21:33:22.0673 9768 pciide - ok
21:33:22.0684 9768 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:33:22.0688 9768 pcmcia - ok
21:33:22.0764 9768 [ 927AAA8E65F9B7E5F95B53A92E65EC98 ] PCTDMDefrag C:\Windows\system32\drivers\PCTDMDefrag.sys
21:33:22.0767 9768 PCTDMDefrag - ok
21:33:22.0799 9768 [ 2D3B87BAE5ADBFE1831176C01FB7FBEE ] PCTDSMon C:\Windows\system32\drivers\PCTDSMon.sys
21:33:22.0802 9768 PCTDSMon - ok
21:33:22.0853 9768 [ F85B41F5968B3CA8001E91DE48CA0740 ] PCToolsSSDMonitorSvc C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
21:33:22.0864 9768 PCToolsSSDMonitorSvc - ok
21:33:22.0907 9768 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:33:22.0924 9768 PEAUTH - ok
21:33:23.0056 9768 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
21:33:23.0090 9768 pla - ok
21:33:23.0130 9768 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:33:23.0136 9768 PlugPlay - ok
21:33:23.0193 9768 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
21:33:23.0200 9768 PNRPAutoReg - ok
21:33:23.0218 9768 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
21:33:23.0225 9768 PNRPsvc - ok
21:33:23.0291 9768 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:33:23.0299 9768 PolicyAgent - ok
21:33:23.0349 9768 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:33:23.0351 9768 PptpMiniport - ok
21:33:23.0389 9768 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
21:33:23.0391 9768 Processor - ok
21:33:23.0439 9768 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
21:33:23.0444 9768 ProfSvc - ok
21:33:23.0462 9768 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:33:23.0464 9768 ProtectedStorage - ok
21:33:23.0497 9768 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
21:33:23.0499 9768 PSched - ok
21:33:23.0585 9768 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
21:33:23.0586 9768 PxHelp20 - ok
21:33:23.0680 9768 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:33:23.0703 9768 ql2300 - ok
21:33:23.0743 9768 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:33:23.0746 9768 ql40xx - ok
21:33:23.0838 9768 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
21:33:23.0845 9768 QWAVE - ok
21:33:23.0882 9768 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:33:23.0884 9768 QWAVEdrv - ok
21:33:23.0996 9768 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
21:33:24.0030 9768 R300 - ok
21:33:24.0063 9768 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:33:24.0065 9768 RasAcd - ok
21:33:24.0108 9768 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
21:33:24.0113 9768 RasAuto - ok
21:33:24.0137 9768 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:33:24.0140 9768 Rasl2tp - ok
21:33:24.0212 9768 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
21:33:24.0219 9768 RasMan - ok
21:33:24.0281 9768 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:33:24.0282 9768 RasPppoe - ok
21:33:24.0310 9768 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:33:24.0314 9768 RasSstp - ok
21:33:24.0349 9768 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:33:24.0354 9768 rdbss - ok
21:33:24.0414 9768 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:33:24.0415 9768 RDPCDD - ok
21:33:24.0460 9768 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
21:33:24.0465 9768 rdpdr - ok
21:33:24.0492 9768 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:33:24.0493 9768 RDPENCDD - ok
21:33:24.0549 9768 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:33:24.0553 9768 RDPWD - ok
21:33:24.0660 9768 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:33:24.0663 9768 RemoteAccess - ok
21:33:24.0709 9768 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:33:24.0713 9768 RemoteRegistry - ok
21:33:24.0763 9768 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
21:33:24.0765 9768 RpcLocator - ok
21:33:24.0846 9768 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
21:33:24.0854 9768 RpcSs - ok
21:33:24.0923 9768 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
21:33:24.0927 9768 RsFx0103 - ok
21:33:24.0976 9768 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:33:24.0978 9768 rspndr - ok
21:33:25.0062 9768 [ 9B09F336DE36A7A6CA871DE8A7847B65 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
21:33:25.0064 9768 RTSTOR - ok
21:33:25.0117 9768 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
21:33:25.0119 9768 SamSs - ok
21:33:25.0227 9768 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:33:25.0228 9768 SASDIFSV - ok
21:33:25.0276 9768 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:33:25.0279 9768 SASKUTIL - ok
21:33:25.0315 9768 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:33:25.0317 9768 sbp2port - ok
21:33:25.0380 9768 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:33:25.0385 9768 SCardSvr - ok
21:33:25.0434 9768 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
21:33:25.0451 9768 Schedule - ok
21:33:25.0505 9768 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:33:25.0505 9768 SCPolicySvc - ok
21:33:25.0552 9768 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:33:25.0557 9768 SDRSVC - ok
21:33:25.0638 9768 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:33:25.0640 9768 secdrv - ok
21:33:25.0653 9768 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
21:33:25.0656 9768 seclogon - ok
21:33:25.0688 9768 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
21:33:25.0693 9768 SENS - ok
21:33:25.0721 9768 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
21:33:25.0723 9768 Serenum - ok
21:33:25.0738 9768 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
21:33:25.0741 9768 Serial - ok
21:33:25.0751 9768 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:33:25.0752 9768 sermouse - ok
21:33:25.0823 9768 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
21:33:25.0827 9768 SessionEnv - ok
21:33:25.0844 9768 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:33:25.0845 9768 sffdisk - ok
21:33:25.0858 9768 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:33:25.0860 9768 sffp_mmc - ok
21:33:25.0873 9768 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:33:25.0874 9768 sffp_sd - ok
21:33:25.0889 9768 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:33:25.0904 9768 sfloppy - ok
21:33:26.0034 9768 [ 89C8CE6971A3E571176348E237018C0A ] SftService C:\Windows\sminst\sftservice.EXE
21:33:26.0045 9768 SftService - ok
21:33:26.0088 9768 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:33:26.0096 9768 SharedAccess - ok
21:33:26.0162 9768 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:33:26.0169 9768 ShellHWDetection - ok
21:33:26.0199 9768 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:33:26.0201 9768 sisagp - ok
21:33:26.0235 9768 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
21:33:26.0237 9768 SiSRaid2 - ok
21:33:26.0255 9768 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:33:26.0260 9768 SiSRaid4 - ok
21:33:26.0363 9768 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:33:26.0368 9768 SkypeUpdate - ok
21:33:26.0530 9768 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
21:33:26.0629 9768 slsvc - ok
21:33:26.0725 9768 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
21:33:26.0730 9768 SLUINotify - ok
21:33:26.0828 9768 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:33:26.0845 9768 Smb - ok
21:33:26.0916 9768 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:33:26.0942 9768 SNMPTRAP - ok
21:33:26.0995 9768 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
21:33:26.0998 9768 spldr - ok
21:33:27.0049 9768 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
21:33:27.0076 9768 Spooler - ok
21:33:27.0187 9768 [ 777115C9CC675BD98127660712D2F784 ] sprtsvc_DellSupportCenter C:\Program Files\Dell Support Center\bin\sprtsvc.exe
21:33:27.0191 9768 sprtsvc_DellSupportCenter - ok
21:33:27.0350 9768 [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
21:33:27.0363 9768 SQLAgent$SQLEXPRESS - ok
21:33:27.0468 9768 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:33:27.0474 9768 SQLBrowser - ok
21:33:27.0545 9768 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:33:27.0547 9768 SQLWriter - ok
21:33:27.0594 9768 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:33:27.0600 9768 srv - ok
21:33:27.0676 9768 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:33:27.0680 9768 srv2 - ok
21:33:27.0736 9768 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:33:27.0739 9768 srvnet - ok
21:33:27.0788 9768 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:33:27.0793 9768 SSDPSRV - ok
21:33:27.0851 9768 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:33:27.0856 9768 SstpSvc - ok
21:33:27.0979 9768 [ E3D493BFB7CD108EC50B2F560C96367C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
21:33:27.0983 9768 ssudmdm - ok
21:33:28.0137 9768 [ CB2449150A5EA17CAA0B94363D9440CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
21:33:28.0142 9768 STacSV - ok
21:33:28.0255 9768 [ 14A9AD287FDA70A06463E09C4328C1F2 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
21:33:28.0264 9768 STHDA - ok
21:33:28.0319 9768 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
21:33:28.0330 9768 stisvc - ok
21:33:28.0391 9768 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
21:33:28.0394 9768 stllssvr - ok
21:33:28.0440 9768 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:33:28.0441 9768 swenum - ok
21:33:28.0493 9768 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
21:33:28.0503 9768 swprv - ok
21:33:28.0532 9768 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
21:33:28.0534 9768 Symc8xx - ok
21:33:28.0544 9768 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
21:33:28.0546 9768 Sym_hi - ok
21:33:28.0556 9768 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
21:33:28.0557 9768 Sym_u3 - ok
21:33:28.0599 9768 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
21:33:28.0619 9768 SysMain - ok
21:33:28.0710 9768 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:33:28.0714 9768 TabletInputService - ok
21:33:28.0767 9768 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:33:28.0775 9768 TapiSrv - ok
21:33:28.0793 9768 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
21:33:28.0796 9768 TBS - ok
21:33:28.0869 9768 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:33:28.0891 9768 Tcpip - ok
21:33:28.0925 9768 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
21:33:28.0933 9768 Tcpip6 - ok
21:33:28.0979 9768 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:33:28.0981 9768 tcpipreg - ok
21:33:29.0021 9768 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:33:29.0043 9768 TDPIPE - ok
21:33:29.0072 9768 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:33:29.0074 9768 TDTCP - ok
21:33:29.0185 9768 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:33:29.0188 9768 tdx - ok
21:33:29.0238 9768 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:33:29.0240 9768 TermDD - ok
21:33:29.0309 9768 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
21:33:29.0325 9768 TermService - ok
21:33:29.0367 9768 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
21:33:29.0374 9768 Themes - ok
21:33:29.0412 9768 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
21:33:29.0414 9768 THREADORDER - ok
21:33:29.0457 9768 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
21:33:29.0461 9768 TrkWks - ok
21:33:29.0535 9768 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:33:29.0536 9768 TrustedInstaller - ok
21:33:29.0626 9768 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:33:29.0628 9768 tssecsrv - ok
21:33:29.0770 9768 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
21:33:29.0772 9768 tunmp - ok
21:33:29.0860 9768 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:33:29.0861 9768 tunnel - ok
21:33:29.0875 9768 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:33:29.0877 9768 uagp35 - ok
21:33:29.0942 9768 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:33:29.0948 9768 udfs - ok
21:33:29.0994 9768 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:33:29.0997 9768 UI0Detect - ok
21:33:30.0040 9768 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:33:33.0859 9768 ================ Scan global ===============================
21:33:33.0915 9768 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
21:33:33.0972 9768 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:33:33.0992 9768 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:33:34.0040 9768 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
21:33:34.0047 9768 [Global] - ok
21:33:34.0047 9768 ================ Scan MBR ==================================
21:33:34.0070 9768 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
21:33:34.0419 9768 \Device\Harddisk0\DR0 - ok
21:33:34.0420 9768 ================ Scan VBR ==================================
21:33:34.0442 9768 [ 05FDC1787582D2D0FBA3A56C37E378A0 ] \Device\Harddisk0\DR0\Partition1
21:33:34.0453 9768 \Device\Harddisk0\DR0\Partition1 - ok
21:33:34.0457 9768 [ ED15DC63EA27F24E5D1BD0523D8E1F2C ] \Device\Harddisk0\DR0\Partition2
21:33:34.0459 9768 \Device\Harddisk0\DR0\Partition2 - ok
21:33:34.0462 9768 ============================================================
21:33:34.0462 9768 Scan finished
21:33:34.0462 9768 ============================================================
21:33:34.0479 11720 Detected object count: 0
21:33:34.0479 11720 Actual detected object count: 0
21:34:47.0895 11712 ============================================================
21:34:47.0896 11712 Scan started
21:34:47.0896 11712 Mode: Manual;
21:34:47.0896 11712 ============================================================
21:34:48.0136 11712 ================ Scan system memory ========================
21:34:48.0136 11712 System memory - ok
21:34:48.0136 11712 ================ Scan services =============================
21:35:01.0857 11712 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
21:35:01.0858 11712 Mraid35x - ok
21:35:01.0910 11712 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:35:01.0911 11712 MRxDAV - ok
21:35:01.0964 11712 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:35:01.0966 11712 mrxsmb - ok
21:35:02.0009 11712 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:35:02.0012 11712 mrxsmb10 - ok
21:35:02.0044 11712 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:35:02.0045 11712 mrxsmb20 - ok
21:35:02.0151 11712 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
21:35:02.0152 11712 msahci - ok
21:35:02.0477 11712 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:35:02.0479 11712 msdsm - ok
21:35:02.0555 11712 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
21:35:02.0757 11712 MSDTC - ok
21:35:02.0815 11712 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:35:02.0816 11712 Msfs - ok
21:35:02.0866 11712 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:35:02.0867 11712 msisadrv - ok
21:35:02.0942 11712 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:35:02.0945 11712 MSiSCSI - ok
21:35:02.0951 11712 msiserver - ok
21:35:03.0081 11712 [ 9A55CFA5F970BB407C7F639D19578A89 ] MSK80Service C:\Program Files\McAfee\MSK\MskSrver.exe
21:35:03.0083 11712 MSK80Service - ok
21:35:03.0136 11712 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:35:03.0137 11712 MSKSSRV - ok
21:35:03.0431 11712 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:35:03.0432 11712 MSPCLOCK - ok
21:35:03.0513 11712 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:35:03.0514 11712 MSPQM - ok
21:35:03.0621 11712 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:35:03.0623 11712 MsRPC - ok
21:35:03.0676 11712 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:35:03.0677 11712 mssmbios - ok
21:35:03.0773 11712 MSSQL$SQLEXPRESS - ok
21:35:03.0881 11712 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
21:35:03.0883 11712 MSSQLServerADHelper100 - ok
21:35:03.0923 11712 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:35:03.0924 11712 MSTEE - ok
21:35:03.0968 11712 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
21:35:03.0969 11712 Mup - ok
21:35:04.0047 11712 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
21:35:04.0058 11712 napagent - ok
21:35:04.0144 11712 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:35:04.0146 11712 NativeWifiP - ok
21:35:04.0497 11712 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:35:04.0501 11712 NDIS - ok
21:35:04.0721 11712 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:35:04.0722 11712 NdisTapi - ok
21:35:04.0758 11712 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:35:04.0759 11712 Ndisuio - ok
21:35:04.0788 11712 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:35:04.0789 11712 NdisWan - ok
21:35:04.0809 11712 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:35:04.0810 11712 NDProxy - ok
21:35:04.0856 11712 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:35:04.0858 11712 NetBIOS - ok
21:35:04.0923 11712 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
21:35:04.0926 11712 netbt - ok
21:35:04.0973 11712 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
21:35:04.0975 11712 Netlogon - ok
21:35:05.0025 11712 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
21:35:05.0029 11712 Netman - ok
21:35:05.0059 11712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:35:05.0062 11712 NetMsmqActivator - ok
21:35:05.0070 11712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:35:05.0072 11712 NetPipeActivator - ok
21:35:05.0111 11712 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
21:35:05.0115 11712 netprofm - ok
21:35:05.0137 11712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:35:05.0139 11712 NetTcpActivator - ok
21:35:05.0307 11712 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:35:05.0308 11712 NetTcpPortSharing - ok
21:35:05.0436 11712 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:35:05.0437 11712 nfrd960 - ok
21:35:05.0466 11712 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:35:05.0469 11712 NlaSvc - ok
21:35:05.0528 11712 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:35:05.0529 11712 Npfs - ok
21:35:05.0573 11712 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
21:35:05.0575 11712 nsi - ok
21:35:05.0631 11712 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:35:05.0631 11712 nsiproxy - ok
21:35:05.0736 11712 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:35:05.0744 11712 Ntfs - ok
21:35:05.0784 11712 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
21:35:05.0785 11712 ntrigdigi - ok
21:35:05.0806 11712 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
21:35:05.0807 11712 Null - ok
21:35:05.0829 11712 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:35:05.0830 11712 nvraid - ok
21:35:05.0870 11712 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:35:05.0871 11712 nvstor - ok
21:35:05.0893 11712 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:35:05.0895 11712 nv_agp - ok
21:35:05.0904 11712 NwlnkFlt - ok
21:35:05.0910 11712 NwlnkFwd - ok
21:35:05.0959 11712 [ A015DD2BA6009C8BDD00A6C431302D06 ] OA009Ufd C:\Windows\system32\DRIVERS\OA009Ufd.sys
21:35:05.0961 11712 OA009Ufd - ok
21:35:06.0002 11712 [ D4E1F63A07C58563A73FD5AA20DCFB65 ] OA009Vid C:\Windows\system32\DRIVERS\OA009Vid.sys
21:35:06.0004 11712 OA009Vid - ok
21:35:06.0131 11712 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:35:06.0307 11712 odserv - ok
21:35:06.0379 11712 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:35:06.0380 11712 ohci1394 - ok
21:35:06.0443 11712 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:35:06.0447 11712 ose - ok
21:35:06.0516 11712 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
21:35:06.0525 11712 p2pimsvc - ok
21:35:06.0547 11712 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
21:35:06.0554 11712 p2psvc - ok
21:35:06.0607 11712 [ 9D80E0BE979C3EDAF2863F23B88F4DE6 ] Packet C:\Windows\system32\DRIVERS\packet.sys
21:35:06.0608 11712 Packet - ok
21:35:06.0653 11712 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
21:35:06.0654 11712 Parport - ok
21:35:06.0697 11712 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:35:06.0698 11712 partmgr - ok
21:35:06.0720 11712 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
21:35:06.0722 11712 Parvdm - ok
21:35:06.0773 11712 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
21:35:06.0776 11712 PcaSvc - ok
21:35:06.0958 11712 [ 42EDE7D217325FF56CB8A9983CD7F73B ] PCD5SRVC{3F6A8B78-EC003E00-05040104} C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms
21:35:06.0960 11712 PCD5SRVC{3F6A8B78-EC003E00-05040104} - ok
21:35:07.0023 11712 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
21:35:07.0024 11712 pci - ok
21:35:07.0061 11712 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
21:35:07.0061 11712 pciide - ok
21:35:07.0072 11712 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:35:07.0074 11712 pcmcia - ok
21:35:07.0141 11712 [ 927AAA8E65F9B7E5F95B53A92E65EC98 ] PCTDMDefrag C:\Windows\system32\drivers\PCTDMDefrag.sys
21:35:07.0143 11712 PCTDMDefrag - ok
21:35:07.0243 11712 [ 2D3B87BAE5ADBFE1831176C01FB7FBEE ] PCTDSMon C:\Windows\system32\drivers\PCTDSMon.sys
21:35:07.0245 11712 PCTDSMon - ok
21:35:07.0364 11712 [ F85B41F5968B3CA8001E91DE48CA0740 ] PCToolsSSDMonitorSvc C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
21:35:07.0379 11712 PCToolsSSDMonitorSvc - ok
21:35:07.0419 11712 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:35:07.0427 11712 PEAUTH - ok
21:35:07.0525 11712 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
21:35:07.0556 11712 pla - ok
21:35:07.0599 11712 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:35:07.0604 11712 PlugPlay - ok
21:35:07.0662 11712 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
21:35:07.0670 11712 PNRPAutoReg - ok
21:35:07.0693 11712 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
21:35:07.0703 11712 PNRPsvc - ok
21:35:07.0767 11712 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:35:07.0771 11712 PolicyAgent - ok
21:35:07.0825 11712 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:35:07.0826 11712 PptpMiniport - ok
21:35:07.0851 11712 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
21:35:07.0852 11712 Processor - ok
21:35:07.0917 11712 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
21:35:07.0920 11712 ProfSvc - ok
21:35:07.0939 11712 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:35:07.0941 11712 ProtectedStorage - ok
21:35:07.0974 11712 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
21:35:07.0975 11712 PSched - ok
21:35:08.0029 11712 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
21:35:08.0030 11712 PxHelp20 - ok
21:35:08.0090 11712 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:35:08.0103 11712 ql2300 - ok
21:35:08.0115 11712 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:35:08.0117 11712 ql40xx - ok
21:35:08.0300 11712 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
21:35:08.0308 11712 QWAVE - ok
21:35:08.0348 11712 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:35:08.0349 11712 QWAVEdrv - ok
21:35:08.0453 11712 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
21:35:08.0502 11712 R300 - ok
21:35:08.0530 11712 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:35:08.0530 11712 RasAcd - ok
21:35:08.0564 11712 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
21:35:08.0568 11712 RasAuto - ok
21:35:08.0592 11712 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:35:08.0594 11712 Rasl2tp - ok
21:35:08.0645 11712 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
21:35:08.0649 11712 RasMan - ok
21:35:08.0682 11712 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:35:08.0683 11712 RasPppoe - ok
21:35:08.0709 11712 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:35:08.0710 11712 RasSstp - ok
21:35:08.0738 11712 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:35:08.0741 11712 rdbss - ok
21:35:08.0781 11712 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:35:08.0781 11712 RDPCDD - ok
21:35:08.0837 11712 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
21:35:08.0840 11712 rdpdr - ok
21:35:08.0848 11712 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:35:08.0850 11712 RDPENCDD - ok
21:35:08.0904 11712 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:35:08.0907 11712 RDPWD - ok
21:35:08.0949 11712 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:35:08.0952 11712 RemoteAccess - ok
21:35:09.0008 11712 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:35:09.0013 11712 RemoteRegistry - ok
21:35:09.0023 11712 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
21:35:09.0025 11712 RpcLocator - ok
21:35:09.0082 11712 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
21:35:09.0089 11712 RpcSs - ok
21:35:09.0251 11712 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
21:35:09.0253 11712 RsFx0103 - ok
21:35:09.0298 11712 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:35:09.0299 11712 rspndr - ok
21:35:09.0339 11712 [ 9B09F336DE36A7A6CA871DE8A7847B65 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
21:35:09.0341 11712 RTSTOR - ok
21:35:09.0372 11712 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
21:35:09.0374 11712 SamSs - ok
21:35:09.0472 11712 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:35:09.0472 11712 SASDIFSV - ok
21:35:09.0510 11712 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:35:09.0514 11712 SASKUTIL - ok
21:35:09.0548 11712 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:35:09.0549 11712 sbp2port - ok
21:35:09.0602 11712 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:35:09.0606 11712 SCardSvr - ok
21:35:09.0659 11712 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
21:35:09.0667 11712 Schedule - ok
21:35:09.0728 11712 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:35:09.0729 11712 SCPolicySvc - ok
21:35:09.0786 11712 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:35:09.0790 11712 SDRSVC - ok
21:35:09.0828 11712 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:35:09.0829 11712 secdrv - ok
21:35:09.0842 11712 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
21:35:09.0845 11712 seclogon - ok
21:35:09.0861 11712 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
21:35:09.0865 11712 SENS - ok
21:35:09.0887 11712 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
21:35:09.0889 11712 Serenum - ok
21:35:09.0900 11712 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
21:35:09.0902 11712 Serial - ok
21:35:09.0913 11712 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:35:09.0914 11712 sermouse - ok
21:35:09.0956 11712 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
21:35:09.0959 11712 SessionEnv - ok
21:35:09.0965 11712 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:35:09.0966 11712 sffdisk - ok
21:35:09.0974 11712 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:35:09.0975 11712 sffp_mmc - ok
21:35:09.0982 11712 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:35:09.0983 11712 sffp_sd - ok
21:35:09.0995 11712 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:35:09.0995 11712 sfloppy - ok
21:35:10.0151 11712 [ 89C8CE6971A3E571176348E237018C0A ] SftService C:\Windows\sminst\sftservice.EXE
21:35:10.0164 11712 SftService - ok
21:35:10.0232 11712 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:35:10.0240 11712 SharedAccess - ok
21:35:10.0301 11712 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:35:10.0308 11712 ShellHWDetection - ok
21:35:10.0332 11712 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:35:10.0333 11712 sisagp - ok
21:35:10.0350 11712 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
21:35:10.0351 11712 SiSRaid2 - ok
21:35:10.0364 11712 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:35:10.0365 11712 SiSRaid4 - ok
21:35:10.0429 11712 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:35:10.0433 11712 SkypeUpdate - ok
21:35:10.0575 11712 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
21:35:10.0700 11712 slsvc - ok
21:35:10.0758 11712 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
21:35:10.0762 11712 SLUINotify - ok
21:35:10.0806 11712 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:35:10.0807 11712 Smb - ok
21:35:10.0860 11712 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:35:10.0863 11712 SNMPTRAP - ok
21:35:10.0910 11712 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
21:35:10.0910 11712 spldr - ok
21:35:10.0949 11712 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
21:35:10.0952 11712 Spooler - ok
21:35:11.0016 11712 [ 777115C9CC675BD98127660712D2F784 ] sprtsvc_DellSupportCenter C:\Program Files\Dell Support Center\bin\sprtsvc.exe
21:35:11.0020 11712 sprtsvc_DellSupportCenter - ok
21:35:11.0227 11712 [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
21:35:11.0234 11712 SQLAgent$SQLEXPRESS - ok
21:35:11.0323 11712 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:35:11.0330 11712 SQLBrowser - ok
21:35:11.0393 11712 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:35:11.0396 11712 SQLWriter - ok
21:35:11.0438 11712 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:35:11.0442 11712 srv - ok
21:35:11.0521 11712 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:35:11.0522 11712 srv2 - ok
21:35:11.0569 11712 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:35:11.0571 11712 srvnet - ok
21:35:11.0609 11712 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:35:11.0613 11712 SSDPSRV - ok
21:35:11.0673 11712 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:35:11.0676 11712 SstpSvc - ok
21:35:11.0744 11712 [ E3D493BFB7CD108EC50B2F560C96367C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
21:35:11.0746 11712 ssudmdm - ok
21:35:11.0882 11712 [ CB2449150A5EA17CAA0B94363D9440CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
21:35:11.0888 11712 STacSV - ok
21:35:11.0932 11712 [ 14A9AD287FDA70A06463E09C4328C1F2 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
21:35:11.0936 11712 STHDA - ok
21:35:11.0995 11712 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
21:35:12.0001 11712 stisvc - ok
21:35:12.0058 11712 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
21:35:12.0061 11712 stllssvr - ok
21:35:12.0117 11712 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:35:12.0118 11712 swenum - ok
21:35:12.0182 11712 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
21:35:12.0191 11712 swprv - ok
21:35:12.0221 11712 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
21:35:12.0222 11712 Symc8xx - ok
21:35:12.0239 11712 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
21:35:12.0240 11712 Sym_hi - ok
21:35:12.0249 11712 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
21:35:12.0251 11712 Sym_u3 - ok
21:35:12.0288 11712 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
21:35:12.0302 11712 SysMain - ok
21:35:12.0353 11712 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:35:12.0359 11712 TabletInputService - ok
21:35:12.0402 11712 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:35:12.0409 11712 TapiSrv - ok
21:35:12.0426 11712 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
21:35:12.0430 11712 TBS - ok
21:35:12.0557 11712 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:35:12.0563 11712 Tcpip - ok
21:35:12.0584 11712 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
21:35:12.0592 11712 Tcpip6 - ok
21:35:12.0634 11712 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:35:12.0635 11712 tcpipreg - ok
21:35:12.0676 11712 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:35:12.0677 11712 TDPIPE - ok
21:35:12.0684 11712 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:35:12.0685 11712 TDTCP - ok
21:35:12.0731 11712 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:35:12.0733 11712 tdx - ok
21:35:12.0806 11712 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:35:12.0807 11712 TermDD - ok
21:35:12.0861 11712 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
21:35:12.0866 11712 TermService - ok
21:35:12.0890 11712 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
21:35:12.0894 11712 Themes - ok
21:35:12.0934 11712 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
21:35:12.0936 11712 THREADORDER - ok
21:35:12.0979 11712 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
21:35:12.0982 11712 TrkWks - ok
21:35:13.0057 11712 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:35:13.0059 11712 TrustedInstaller - ok
21:35:13.0092 11712 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:35:13.0093 11712 tssecsrv - ok
21:35:13.0114 11712 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
21:35:13.0115 11712 tunmp - ok
21:35:13.0215 11712 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:35:13.0216 11712 tunnel - ok
21:35:13.0225 11712 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:35:13.0226 11712 uagp35 - ok
21:35:13.0275 11712 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:35:13.0278 11712 udfs - ok
21:35:13.0338 11712 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:35:13.0342 11712 UI0Detect - ok
21:35:13.0362 11712 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:35:13.0363 11712 uliagpkx - ok
21:35:13.0396 11712 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
21:35:13.0399 11712 uliahci - ok
21:35:13.0411 11712 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
21:35:13.0413 11712 UlSata - ok
21:35:13.0430 11712 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
21:35:13.0431 11712 ulsata2 - ok
21:35:13.0457 11712 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:35:13.0459 11712 umbus - ok
21:35:13.0477 11712 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
21:35:13.0482 11712 upnphost - ok
21:35:13.0561 11712 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
21:35:13.0563 11712 USBAAPL - ok
21:35:13.0600 11712 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:35:13.0602 11712 usbccgp - ok
21:35:13.0611 11712 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:35:13.0613 11712 usbcir - ok
21:35:13.0670 11712 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:35:13.0672 11712 usbehci - ok
21:35:13.0739 11712 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:35:13.0741 11712 usbhub - ok
21:35:13.0788 11712 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:35:13.0789 11712 usbohci - ok
21:35:13.0823 11712 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:35:13.0824 11712 usbprint - ok
21:35:13.0878 11712 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:35:13.0879 11712 USBSTOR - ok
21:35:13.0900 11712 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:35:13.0901 11712 usbuhci - ok
21:35:13.0939 11712 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
21:35:13.0943 11712 UxSms - ok
21:35:13.0989 11712 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
21:35:14.0000 11712 vds - ok
21:35:14.0047 11712 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:35:14.0048 11712 vga - ok
21:35:14.0076 11712 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
21:35:14.0077 11712 VgaSave - ok
21:35:14.0085 11712 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:35:14.0086 11712 viaagp - ok
21:35:14.0095 11712 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
21:35:14.0096 11712 ViaC7 - ok
21:35:14.0104 11712 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
21:35:14.0106 11712 viaide - ok
21:35:14.0172 11712 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:35:14.0173 11712 volmgr - ok
21:35:14.0222 11712 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:35:14.0225 11712 volmgrx - ok
21:35:14.0274 11712 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:35:14.0276 11712 volsnap - ok
21:35:14.0318 11712 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:35:14.0320 11712 vsmraid - ok
21:35:14.0395 11712 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
21:35:14.0417 11712 VSS - ok
21:35:14.0465 11712 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
21:35:14.0471 11712 W32Time - ok
21:35:14.0514 11712 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:35:14.0515 11712 WacomPen - ok
21:35:14.0533 11712 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
21:35:14.0534 11712 Wanarp - ok
21:35:14.0546 11712 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:35:14.0547 11712 Wanarpv6 - ok
21:35:14.0608 11712 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:35:14.0618 11712 wcncsvc - ok
21:35:14.0660 11712 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:35:14.0664 11712 WcsPlugInService - ok
21:35:14.0712 11712 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
21:35:14.0713 11712 Wd - ok
21:35:14.0776 11712 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:35:14.0782 11712 Wdf01000 - ok
21:35:14.0814 11712 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:35:14.0818 11712 WdiServiceHost - ok
21:35:14.0829 11712 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:35:14.0833 11712 WdiSystemHost - ok
21:35:14.0886 11712 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
21:35:14.0890 11712 WebClient - ok
21:35:14.0937 11712 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:35:14.0943 11712 Wecsvc - ok
21:35:14.0991 11712 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:35:14.0995 11712 wercplsupport - ok
21:35:15.0036 11712 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
21:35:15.0041 11712 WerSvc - ok
21:35:15.0121 11712 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
21:35:15.0128 11712 WinDefend - ok
21:35:15.0150 11712 WinHttpAutoProxySvc - ok
21:35:15.0259 11712 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:35:15.0264 11712 Winmgmt - ok
21:35:15.0380 11712 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
21:35:15.0407 11712 WinRM - ok
21:35:15.0489 11712 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:35:15.0495 11712 Wlansvc - ok
21:35:15.0504 11712 wltrysvc - ok
21:35:15.0558 11712 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:35:15.0559 11712 WmiAcpi - ok
21:35:15.0630 11712 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:35:15.0633 11712 wmiApSrv - ok
21:35:15.0741 11712 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:35:15.0760 11712 WMPNetworkSvc - ok
21:35:15.0829 11712 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:35:15.0835 11712 WPCSvc - ok
21:35:15.0909 11712 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:35:15.0914 11712 WPDBusEnum - ok
21:35:15.0972 11712 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
21:35:15.0973 11712 WpdUsb - ok
21:35:16.0177 11712 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:35:16.0203 11712 WPFFontCache_v0400 - ok
21:35:16.0298 11712 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:35:16.0300 11712 ws2ifsl - ok
21:35:16.0331 11712 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
21:35:16.0335 11712 wscsvc - ok
21:35:16.0343 11712 WSearch - ok
21:35:16.0394 11712 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:35:16.0395 11712 WUDFRd - ok
21:35:16.0451 11712 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:35:16.0454 11712 wudfsvc - ok
21:35:16.0469 11712 yksvc - ok
21:35:16.0553 11712 [ 1A51DF1A5C658D534ED980D18F7982DE ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
21:35:16.0556 11712 yukonwlh - ok
21:35:16.0587 11712 ================ Scan global ===============================
21:35:16.0661 11712 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
21:35:16.0718 11712 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:35:16.0741 11712 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
21:35:16.0789 11712 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
21:35:16.0797 11712 [Global] - ok
21:35:16.0803 11712 ================ Scan MBR ==================================
21:35:16.0838 11712 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
21:35:17.0292 11712 \Device\Harddisk0\DR0 - ok
21:35:17.0293 11712 ================ Scan VBR ==================================
21:35:17.0320 11712 [ 05FDC1787582D2D0FBA3A56C37E378A0 ] \Device\Harddisk0\DR0\Partition1
21:35:17.0322 11712 \Device\Harddisk0\DR0\Partition1 - ok
21:35:17.0326 11712 [ ED15DC63EA27F24E5D1BD0523D8E1F2C ] \Device\Harddisk0\DR0\Partition2
21:35:17.0328 11712 \Device\Harddisk0\DR0\Partition2 - ok
21:35:17.0329 11712 ============================================================
21:35:17.0329 11712 Scan finished
21:35:17.0329 11712 ============================================================
21:35:17.0348 7504 Detected object count: 0
21:35:17.0348 7504 Actual detected object count: 0



MalwareBytes log

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.23.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Nathan :: NATHAN-PC [administrator]

10/22/2012 10:15:34 PM
mbam-log-2012-10-23 (07-29-42).txt

Scan type: Full scan (C:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 532960
Time elapsed: 8 hour(s), 23 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bad: (C:\$Recycle.Bin\S-1-5-21-1720371889-635612115-3847877989-1000\$f5bcd340d06207d2560affd3597a14f2\n.) Good: (shell32.dll) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 8
C:\$Recycle.Bin\S-1-5-21-1720371889-635612115-3847877989-1000\$f5bcd340d06207d2560affd3597a14f2\n (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1720371889-635612115-3847877989-1000\$f5bcd340d06207d2560affd3597a14f2\U\00000004.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1720371889-635612115-3847877989-1000\$f5bcd340d06207d2560affd3597a14f2\U\00000008.@ (Trojan.Dropper.BCMiner) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1720371889-635612115-3847877989-1000\$f5bcd340d06207d2560affd3597a14f2\U\000000cb.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1720371889-635612115-3847877989-1000\$f5bcd340d06207d2560affd3597a14f2\U\80000000.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1720371889-635612115-3847877989-1000\$f5bcd340d06207d2560affd3597a14f2\U\80000032.@ (Trojan.0Access) -> No action taken.
C:\Users\Nathan\ms.exe (Rootkit.0Access) -> No action taken.
C:\Windows\assembly\GAC\Desktop.ini (Rootkit.0access) -> No action taken.

(end)

#8 NathanStl


Posted 23 October 2012 - 08:28 PM

Continued

MiniToolBox log

MiniToolBox by Farbar Version: 23-07-2012
Ran by Nathan (administrator) on 23-10-2012 at 19:07:11
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Nathan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-24-2C-86-12-6F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::513f:754:6a68:ef36%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 23, 2012 7:40:33 AM
Lease Expires . . . . . . . . . . : Wednesday, October 24, 2012 6:52:36 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 285221932
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-97-00-74-00-23-AE-33-27-89
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-23-AE-33-27-89
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{7A10381D-D6B8-4989-B0ED-41DA865A82A1}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:18f5:25b4:f5ff:fffb(Preferred)
Link-local IPv6 Address . . . . . : fe80::18f5:25b4:f5ff:fffb%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{831A7B0E-94CA-47B6-A696-18C2A6392F8F}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 2607:f8b0:4009:802::1005
74.125.225.136
74.125.225.137
74.125.225.142
74.125.225.128
74.125.225.129
74.125.225.130
74.125.225.131
74.125.225.132
74.125.225.133
74.125.225.134
74.125.225.135

Pinging google.com [74.125.225.6] with 32 bytes of data:
Reply from 74.125.225.6: bytes=32 time=19ms TTL=53
Reply from 74.125.225.6: bytes=32 time=18ms TTL=53
Ping statistics for 74.125.225.6:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 19ms, Average = 18ms

Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=842ms TTL=50
Reply from 72.30.38.140: bytes=32 time=787ms TTL=50
Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 787ms, Maximum = 842ms, Average = 814ms

Server: UnKnown
Address: 10.0.0.1

DNS request timed out.
timeout was 2 seconds.
Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 24 2c 86 12 6f ...... Dell Wireless 1397 WLAN Mini-Card
11 ...00 23 ae 33 27 89 ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
13 ...00 00 00 00 00 00 00 e0 isatap.{7A10381D-D6B8-4989-B0ED-41DA865A82A1}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15 ...00 00 00 00 00 00 00 e0 isatap.{831A7B0E-94CA-47B6-A696-18C2A6392F8F}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.4 25
10.0.0.0 255.255.255.0 On-link 10.0.0.4 281
10.0.0.4 255.255.255.255 On-link 10.0.0.4 281
10.0.0.255 255.255.255.255 On-link 10.0.0.4 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:9d38:953c:18f5:25b4:f5ff:fffb/128
On-link
12 281 fe80::/64 On-link
10 266 fe80::/64 On-link
10 266 fe80::18f5:25b4:f5ff:fffb/128
On-link
12 281 fe80::513f:754:6a68:ef36/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 02 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 03 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 04 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 05 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 06 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 07 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 08 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 09 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 10 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 %ProgramFiles%\Bsecure\InetCtrl57.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()
Catalog9 31 mswsock.dll [File Not found] ()
Catalog9 32 mswsock.dll [File Not found] ()
Catalog9 33 mswsock.dll [File Not found] ()
Catalog9 34 mswsock.dll [File Not found] ()
Catalog9 35 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/23/2012 06:55:55 PM) (Source: McLogEvent) (User: NT AUTHORITY)NT AUTHORITY
Description: A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 4740 (0x1284)

Thread address : 0x77855CD4

Thread message :

Build VSCORE.14.0.0.423 / 5301.4018
Object being scanned = \Device\HarddiskVolume3\ProgramData\SupportSoft\dellsupportcenter\SYSTEM\data\manifest.xml
by C:\Program Files\Dell Support Center\bin\sprtcmd.exe
22303(15241)(0)
22302(15241)(0)
22301(15241)(0)
226(15241)(0)
223(15241)(0)
220(15241)(0)
4(0)(0)
4(0)(0)

Error: (10/23/2012 07:41:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2012 06:26:08 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 9.0.8112.16450, time stamp 0x50372c8a, exception code 0xc0000005, fault offset 0x001d9ad6,
process id 0x290c, application start time 0xsvchost.exe0.

Error: (10/23/2012 05:21:26 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 9.0.8112.16450, time stamp 0x50372c8a, exception code 0xc0000005, fault offset 0x001d9ad6,
process id 0x28d8, application start time 0xsvchost.exe0.

Error: (10/23/2012 04:19:15 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 9.0.8112.16450, time stamp 0x50372c8a, exception code 0xc0000005, fault offset 0x001d9ad6,
process id 0x2ad0, application start time 0xsvchost.exe0.

Error: (10/23/2012 03:50:31 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 9.0.8112.16450, time stamp 0x50372c8a, exception code 0xc0000005, fault offset 0x001d9ad6,
process id 0x1570, application start time 0xsvchost.exe0.

Error: (10/23/2012 02:53:11 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 9.0.8112.16450, time stamp 0x50372c8a, exception code 0xc0000005, fault offset 0x001d9ad6,
process id 0x18c0, application start time 0xsvchost.exe0.

Error: (10/23/2012 02:23:49 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 9.0.8112.16450, time stamp 0x50372c8a, exception code 0xc0000005, fault offset 0x001d9ad6,
process id 0x2704, application start time 0xsvchost.exe0.

Error: (10/22/2012 09:54:02 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 9.0.8112.16450, time stamp 0x50372c8a, exception code 0xc0000005, fault offset 0x001d9ad6,
process id 0x1fa0, application start time 0xsvchost.exe0.

Error: (10/21/2012 09:08:17 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 9.0.8112.16450, time stamp 0x50372c8a, exception code 0xc0000005, fault offset 0x001d9ad6,
process id 0x118c, application start time 0xsvchost.exe0.


System errors:
=============
Error: (10/23/2012 07:01:35 PM) (Source: Service Control Manager) (User: )
Description: Windows Modules Installer%%1053

Error: (10/23/2012 07:01:35 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Modules Installer

Error: (10/23/2012 07:01:34 PM) (Source: DCOM) (User: )
Description: 1053TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (10/23/2012 06:56:15 PM) (Source: DCOM) (User: )
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}

Error: (10/23/2012 06:56:11 PM) (Source: Service Control Manager) (User: )
Description: McAfee Real-time Scanner1600001Restart the service

Error: (10/23/2012 06:55:56 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing Service%%1053

Error: (10/23/2012 06:55:56 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Player Network Sharing Service

Error: (10/23/2012 07:51:41 AM) (Source: netbt) (User: )
Description: The name "YOUR-55E5F9E3D2:0" could not be registered on the interface with IP address 10.0.0.4.
The computer with the IP address 10.0.0.2 did not allow the name to be claimed by
this computer.

Error: (10/23/2012 07:41:53 AM) (Source: Service Control Manager) (User: )
Description: Intel® PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (10/23/2012 07:41:53 AM) (Source: Service Control Manager) (User: )
Description: Intel® PRO/1000 PCI Express Network Connection Driver%%1058


Microsoft Office Sessions:
=========================
Error: (06/27/2010 07:24:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 197099 seconds with 120 seconds of active time. This session ended with a crash.

Error: (05/04/2010 05:00:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1449 seconds with 360 seconds of active time. This session ended with a crash.

Error: (03/17/2010 02:42:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1271 seconds with 360 seconds of active time. This session ended with a crash.

Error: (03/17/2010 02:21:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4413 seconds with 1920 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Reader 9.2 (Version: 9.2.0)
Advanced Audio FX Engine
Age of Empires III - The WarChiefs (Version: 1.00.0000)
Age of Empires III (Version: 1.00.0000)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.2.0)
Ask Toolbar Updater (Version: 1.2.1.23037)
Banctec Service Agreement (Version: 2.0.0)
Bing Bar (Version: 7.0.822.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.2)
Choice Guard (Version: 1.2.87.0)
Cisco EAP-FAST Module (Version: 2.1.6)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Citrix online plug-in - web (Version: 12.1.0.30)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
CloudCare (Version: 6.1.8)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Dell-eBay (Version: 1.00.0000)
Dell DataSafe Local Backup - Support Software (Version: 2.16)
Dell DataSafe Local Backup (Version: Dell DataSafe Local Backup 2.75 x86)
Dell DataSafe Online (Version: 1.1.0029)
Dell Dock (Version: 1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Remote Access (Version: 1.0.0.0)
Dell Support Center (Support Software) (Version: 2.2.09085)
Dell Touchpad (Version: 7.2.115.201)
Dell Video Chat (Version: 6.0 (6567))
Dell Webcam Central
Dell Wireless WLAN Card Utility (Version: 5.10.38.30)
DELL0703 (Version: 1.0.0)
Dream Cars (Version: 2.2.0.95)
EA Download Manager (Version: 4.0.0.462)
Energy Skate Park
ESET Online Scanner v3
Fritz7
Google Chrome (Version: 22.0.1229.94)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GoToAssist 8.0.0.514
Integrated Webcam Driver (1.00.02.0825)
Intel® Matrix Storage Manager
iTunes (Version: 9.0.1.8)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 35 (Version: 6.0.350)
Juniper Citrix Services Client (Version: 7.1.0.19243)
Juniper Networks, Inc. Setup Client (Version: 7.1.4.13103)
Juniper Networks, Inc. Setup Client Activex Control (Version: 2.1.1.1)
Junk Mail filter update (Version: 14.0.8050.1202)
Live! Cam Avatar Creator (Version: 4.6.1419.1)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee SecurityCenter
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Ultimate 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Rise Of Nations
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual Basic 2010 Express - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
MySQL Workbench 5.2 OSS (Version: 5.2.18)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Out of the Park 8
Performance Toolkit 1.0 (Version: 1.0)
PowerDVD (Version: 8.1)
QuickSet (Version: 9.2.17)
QuickTime (Version: 7.69.80.9)
R for Windows 2.10.1 (Version: 2.10.1)
Railroad Tycoon II - Platinum
REA's TESTware for the CLEP Freshman College Composition (Version: 1.3.32)
REA's TESTware for the CLEP History of the United States II (Version: 2.1.0)
Real E$tate Empire (Version: 1.8.1)
RedRover Secure AutoConfig for Vista 64bit (Version: 1.00.0000)
Rise of Nations Thrones and Patriots
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
SecureW2 EAP Suite 1.0.6 for Windows
Service Pack 1 for SQL Server 2008 (KB968369) (Version: 10.1.2531.0)
Skype™ 5.10 (Version: 5.10.116)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
SUPERAntiSpyware (Version: 5.6.1010)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
WildTangent Games (Version: 1.0.1.3)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)

========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 3033.63 MB
Available physical RAM: 1109.63 MB
Total Pagefile: 6277.56 MB
Available Pagefile: 4016.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.23 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:165.59 GB) NTFS
2 Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:4.08 GB) NTFS
3 Drive f: (VISTA_SP1_HOMEPREMIUM) (CDROM) (Total:3.32 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\NATHAN-PC

Administrator Guest Nathan
Nathan Maichel RA Media Server

========================= Restore Points ==================================

23-09-2012 03:38:34 Installed Microsoft Office Outlook MUI (English) 2007
23-09-2012 03:41:10 Installed Microsoft Office Outlook MUI (English) 2007
23-09-2012 03:44:04 Installed Microsoft Office Outlook MUI (English) 2007
23-09-2012 04:06:34 Windows Update
23-09-2012 18:12:54 Installed Microsoft Office Outlook MUI (English) 2007
23-09-2012 18:24:41 Installed Microsoft Office Ultimate 2007
23-09-2012 18:32:34 Installed Microsoft Office Ultimate 2007
23-09-2012 18:33:46 Installed Microsoft Office Ultimate 2007
23-09-2012 18:37:29 Installed Microsoft Office Ultimate 2007
23-09-2012 19:39:43 Installed Microsoft Office Ultimate 2007
23-09-2012 21:31:17 Windows Update
24-09-2012 03:23:44 Windows Update
25-09-2012 04:11:07 Norton_Power_Eraser_20120924231107109
25-09-2012 04:37:47 Windows Update
25-09-2012 19:02:11 Installed Microsoft Office Ultimate 2007
29-09-2012 00:01:10 Installed Microsoft Office Visio Professional 2007
29-09-2012 00:13:56 Windows Update
29-09-2012 00:21:41 Installed Microsoft Office Ultimate 2007
29-09-2012 00:22:09 Installed Microsoft Office Ultimate 2007
29-09-2012 00:23:30 Installed Microsoft Office Ultimate 2007
29-09-2012 00:41:14 Installed Microsoft Office Ultimate 2007
29-09-2012 01:16:12 Installed Microsoft Office Ultimate 2007
29-09-2012 01:20:28 Windows Update
29-09-2012 04:13:27 Windows Update
30-09-2012 08:00:13 Windows Update
01-10-2012 00:51:46 Installed Microsoft Office Ultimate 2007
01-10-2012 01:02:28 Installed Microsoft Office Ultimate 2007
01-10-2012 02:09:11 Windows Update
01-10-2012 03:32:30 Windows Update
02-10-2012 03:41:19 Windows Update
02-10-2012 03:47:19 Windows Update
04-10-2012 00:14:23 Windows Update
04-10-2012 00:44:58 Installed Microsoft Office Ultimate 2007
04-10-2012 03:40:15 Installed Microsoft Office Ultimate 2007
04-10-2012 04:25:18 Windows Update
04-10-2012 23:12:11 Windows Update
04-10-2012 23:39:30 Installed Microsoft Office Ultimate 2007
04-10-2012 23:46:12 Installed Microsoft Office Ultimate 2007
04-10-2012 23:59:11 Restore Operation
05-10-2012 00:00:22 Installed Microsoft Office Visio Professional 2007
05-10-2012 01:20:01 Windows Update
05-10-2012 02:31:20 Installed Java™ 6 Update 35
05-10-2012 02:38:12 Installed Java Runtime Environment
05-10-2012 04:11:18 Windows Update
09-10-2012 21:06:38 Windows Update
10-10-2012 04:55:28 Windows Update
12-10-2012 05:15:51 Scheduled Checkpoint
13-10-2012 11:19:59 Scheduled Checkpoint
14-10-2012 05:16:01 Scheduled Checkpoint
23-10-2012 13:21:29 Scheduled Checkpoint

**** End of log ****



Farbar service scanner log

Farbar Service Scanner Version: 19-10-2012
Ran by Nathan (administrator) on 23-10-2012 at 19:13:19
Running from "C:\Users\Nathan\Documents\GoogleRedirectVirus"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-09 16:19] - [2012-06-01 19:02] - 0133120 ____A (Microsoft Corporation) F1E8C34892336D33EDDCDFE44E474F64

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 21:24] - [2008-01-20 21:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



Adware cleaner log

# AdwCleaner v2.005 - Logfile created 10/23/2012 at 19:18:21
# Updated 14/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Nathan - NATHAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Nathan\Documents\GoogleRedirectVirus\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\Nathan\AppData\Local\APN
Folder Deleted : C:\Users\Nathan\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Nathan\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Nathan\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\Nathan\AppData\Local\TempDir
Folder Deleted : C:\Users\Nathan\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Nathan\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKU\S-1-5-21-1720371889-635612115-3847877989-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.31] : icon_url = "hxxps://isearch.avg.com/favicon.ico",
Deleted [l.34] : keyword = "isearch.avg.com",
Deleted [l.37] : search_url = "hxxps://isearch.avg.com/search?cid={A3117BB6-DBF5-461D-B37D-47083D5F642A}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}",

*************************

AdwCleaner[S1].txt - [5064 octets] - [23/10/2012 19:18:21]

########## EOF - C:\AdwCleaner[S1].txt - [5124 octets] ##########



Junkware removal tool log

Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.2 (10.23.2012)
OS: Windows Vista ™ Home Premium x86
Ran by Nathan on Tue 10/23/2012 at 19:41:23.78
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Tue 10/23/2012 at 19:59:11.30
End of Report

#9 narenxp

Posted 23 October 2012 - 08:30 PM

You did not remove the infections detected by Malwarebytes. Run a scan again and make sure to remove them, then post the clean log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#10 NathanStl

Posted 24 October 2012 - 09:00 PM

Is there a way that I can launch autoruns.exe without having to extract the file (like I did for RootRepeal)? I have a bug that doesn't allow me to extract ZIP files. It's something that I very rarely need to do, and just noticed.

#11 narenxp

Posted 24 October 2012 - 09:15 PM

Download from here

Autoruns

Edited by narenxp, 24 October 2012 - 09:16 PM.


#12 NathanStl

Posted 25 October 2012 - 09:27 PM

MalwareBytes Log

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.23.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Nathan :: NATHAN-PC [administrator]

10/25/2012 7:18:15 AM
mbam-log-2012-10-25 (07-18-15).txt

Scan type: Full scan (C:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 526807
Time elapsed: 13 hour(s), 33 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




RKILL Log

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/25/2012 09:16:42 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\System32\WLTRYSVC.EXE (PID: 1752) [WD-HEUR]
* C:\Windows\System32\bcmwltry.exe (PID: 1796) [WD-HEUR]
* C:\Windows\System32\WLTRAY.EXE (PID: 4080) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

* SMTMP folder detected. Please see this link for more information: http://www.bleepingcomputer.com/forums/topic405109.html

Checking Windows Service Integrity:

* BITS [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 10/25/2012 09:17:09 PM
Execution time: 0 hours(s), 0 minute(s), and 26 seconds(s)




Autoruns log

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\delltpad\apoint.exe"
+ "Broadcom Wireless Manager UI" "Dell Wireless WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\windows\system32\wltray.exe"
+ "CloudCare" "BsecTray Application" "Bsecure Technologies, Inc." "c:\program files\bsecure\bsectray.exe"
+ "ConnectionCenter" "Citrix online plug-in Connection Center" "Citrix Systems, Inc." "c:\program files\citrix\ica client\concentr.exe"
+ "Dell DataSafe Online" "DataSafeOnline" "" "c:\program files\dell datasafe online\datasafeonline.exe"
+ "Dell Webcam Central" "Dell Webcam Central Application" "Creative Technology Ltd." "c:\program files\dell webcam\dell webcam central\webcamdell.exe"
+ "dellsupportcenter" "Dell Support Center Updates" "SupportSoft, Inc." "c:\program files\dell support center\bin\sprtcmd.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovemonitor.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "iTunesHelper" "iTunesHelper Module" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "mcagent_exe" "McAfee Integrated Security Platform" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "PDVDDXSrv" "CyberLink PowerDVD Resident Program" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SSDMonitor" "SSDMonit Application" "PC Tools" "c:\program files\common files\pc tools\smonitor\ssdmonitor.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "AvgUninstallURL" "" "" "File not found: start"
+ "DSUpdateLauncher" "" "" "c:\program files\dell datasafe local backup\components\dsupdate\runhstart.bat"
+ "Launcher" "VistaLauncher" "Softthinks" "c:\windows\sminst\components\scheduler\launcher.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Remote Access.lnk" "InstallShield" "Macrovision Corporation" "c:\windows\installer\{f66a31d9-7831-4fba-ba02-c411c0047cc5}\newshortcut4_f66a31d978314fbaba02c411c0047cc5.exe"
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files\mcafee security scan\2.0.181\ssscheduler.exe"
"C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
+ "OneNote 2007 Screen Clipper and Launcher.lnk" "Microsoft Office OneNote Quick Launcher" "Microsoft Corporation" "c:\program files\microsoft office\office12\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EA Core" "" "" "File not found: C:\Program Files\Electronic Arts\EADM\Core.exe -silent"
+ "faFjEoiWJrf.exe" "" "" "File not found: C:\ProgramData\faFjEoiWJrf.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files\windows live\messenger\msnmsgr.exe"
+ "qf9N6hU6d7upQb" "" "" "File not found: C:\ProgramData\qf9N6hU6d7upQb.exe"
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
+ "WMPNSCFG" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-ica" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=euc-jp" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=ISO-8859-1" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=MS936" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=MS949" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=MS950" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=UTF-8" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica; charset=UTF8" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=euc-jp" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=ISO-8859-1" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=MS936" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=MS949" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=MS950" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=UTF-8" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "application/x-ica;charset=UTF8" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "ica" "Citrix online plug-in ICAMimeFilter DLL" "Citrix Systems, Inc." "c:\program files\citrix\ica client\icamimefilter.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "grooveLocalGWS" "GrooveSystemServices Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovesystemservices.dll"
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.14.0.8050.1202.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "ms-itss" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.14.0.8050.1202.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenu" "McAfee VirusScan - Context Menu" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcctxmnu.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "PT File Recover Shell Extension" "Performance Toolkit File Recover Shell extension" "PC Tools" "c:\program files\pc tools utilities\tools\fr\filerecovershellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenu" "McAfee VirusScan - Context Menu" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcctxmnu.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files\microsoft\bingbar\bingext.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "McAfee Phishing Filter" "" "" "c:\program files\mcafee\msk\mskapbho.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\scriptsn.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files\microsoft\bingbar\bingext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office12\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\FileCure" "ParetoLogic FileCure" "ParetoLogic" "c:\program files\paretologic\filecure\filecure.exe"
+ "\FileCure Startup" "ParetoLogic FileCure" "ParetoLogic" "c:\program files\paretologic\filecure\filecure.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\Launch BCM WLAN Tray" "Dell Wireless WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\windows\system32\wltray.exe"
+ "\McDefragTask" "QuickClean Console Application" "McAfee, Inc." "c:\program files\mcafee\mqc\qcconsol.exe"
+ "\McQcTask" "QuickClean Console Application" "McAfee, Inc." "c:\program files\mcafee\mqc\qcconsol.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\ParetoLogic Registration3" "ParetoLogic Update Component" "" "c:\program files\common files\paretologic\uus3\uus3.dll"
+ "\ParetoLogic Update Version3" "ParetoLogic Update Application" "ParetoLogic Inc." "c:\program files\common files\paretologic\uus3\pareto_update3.exe"
+ "\PTSchedule" "PC Tools Performance Toolkit 1.0" "PC Tools" "c:\program files\pc tools utilities\pt.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files\Ask.com\UpdateTask.exe"
+ "\{FFB6B94D-E491-4F87-955C-54E16B3BB238}" "Skype " "Skype Technologies S.A." "c:\program files\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "0267441243084857mcinstcleanup" "" "" "File not found: C:\Windows\TEMP\026744~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt.inf_ae0b52e0\aestsrv.exe"
+ "Apache2.2" "Apache/2.2.6 (Win32) PHP/5.2.4" "Apache Software Foundation" "c:\program files\common files\dell\apache\bin\httpd.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files\microsoft\bingbar\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files\microsoft\bingbar\seaport.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Bsecure" "CloudCare" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl.exe"
+ "BsecureAV" "CloudCare AntiVirus" "Bsecure Technologies, Inc." "c:\program files\bsecure\bsecav.exe"
+ "DMDefragService" "Provides PCTools Performance Toolkit Disk Defrag services. If this service is disabled the Performance Toolkit Disk Defrag product will not function." "PC Tools" "c:\program files\pc tools utilities\tools\defrag\dmdefragsrv.exe"
+ "DMRepairService" "Provides PCTools Performance Toolkit Disk Repair services. If this service is disabled the Performance Toolkit Disk Repair product will not function." "PC Tools" "c:\program files\pc tools utilities\tools\repair\dmrepairsrv.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "dsl-db" "Stores data relevant to Remote Access" "" "c:\program files\common files\dell\mysql\bin\mysqld.exe"
+ "dsl-fs-sync" "Tracks changes to files and folders and keeps Remote Access media server in sync" "SingleClick Systems" "c:\program files\common files\dell\remote access file sync service\dsl_fs_sync.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files\wildtangent\dell games\dell game console\gameconsoleservice.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotoassist\514\g2aservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "hnmsvc" "Maintains connection to Remote Access and performs network diagnostic functions" "Dell Inc." "c:\program files\common files\dell\advanced networking service\hnm_svc.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files\mcafee security scan\2.0.181\mcchsvc.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\mcafee\msc\mcmscsvc.exe"
+ "McNASvc" "Allows McAfee applications to communicate securely on the local network." "McAfee, Inc." "c:\program files\common files\mcafee\mna\mcnasvc.exe"
+ "McODS" "Scans specified locations on this computer for viruses and other threats. The service runs for scheduled scans and manual scans." "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcproxy\mcproxy.exe"
+ "McShield" "Scans files for viruses and other threats when they are accessed by this computer." "McAfee, Inc." "c:\program files\mcafee\virusscan\mcshield.exe"
+ "McSysmon" "Monitors potentially unauthorized changes to this computer." "McAfee, Inc." "c:\program files\mcafee\virusscan\mcsysmon.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveauditservice.exe"
+ "MpfService" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\mcafee\mpf\mpfsrv.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\mcafee\msk\msksrver.exe"
+ "MSSQL$SQLEXPRESS" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\sqlservr.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "PCToolsSSDMonitorSvc" "PC Tools Startup and Shutdown Monitor service" "PC Tools" "c:\program files\common files\pc tools\smonitor\startmansvc.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks" "c:\windows\sminst\sftservice.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files\dell support center\bin\sprtsvc.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt.inf_ae0b52e0\stacsv.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "" "c:\windows\system32\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "yksvc" "Service for Marvell® Yukon® Network Adapters" "Marvell" "c:\windows\system32\ykx32coinst.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl6.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BSecACFltr" "BSecure Mini-Filter Driver" "" "c:\windows\system32\drivers\bsecacfltr.sys"
+ "BsecureFilter" "BSafeFil" "BSafe Online" "c:\windows\system32\drivers\bsecfltr.sys"
+ "ctxusbm" "Citrix USB Filter Driver" "Citrix Systems, Inc." "c:\windows\system32\drivers\ctxusbm.sys"
+ "dg_ssudbus" "SAMSUNG USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudbus.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfebopk" "Buffer Overflow Protection Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfebopk.sys"
+ "mfehidk" "Host Intrusion Detection Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdk" "VSCore Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdk.sys"
+ "mfesmfk" "System Monitor Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfesmfk.sys"
+ "MPFP" "McAfee Personal Firewall Plus Driver" "McAfee, Inc." "c:\windows\system32\drivers\mpfp.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "OA009Ufd" "Provides a software interface to control effects of Integrated Webcam." "Creative Technology Ltd." "c:\windows\system32\drivers\oa009ufd.sys"
+ "OA009Vid" "Provides a software interface to control Integrated Webcam." "Creative Technology Ltd." "c:\windows\system32\drivers\oa009vid.sys"
+ "Packet" "Auto Internet Protocol" "SingleClick Systems" "c:\windows\system32\drivers\packet.sys"
+ "PCD5SRVC{3F6A8B78-EC003E00-05040104}" "Kernel Driver" "PC-Doctor, Inc." "c:\program files\dell support center\hwdiag\bin\pcd5srvc.pkms"
+ "PCTDMDefrag" "PC Tools File Monitor Plugin" "PC Tools" "c:\windows\system32\drivers\pctdmdefrag.sys"
+ "PCTDSMon" "PCTools File Monitor" "PC Tools" "c:\windows\system32\drivers\pctdsmon.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "RTSTOR" "Realtek USB Mass Storage Driver for Vista" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtstor.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "ssudmdm" "SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudmdm.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "yukonwlh" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk60x86.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.IV41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "Citrix Online GoToAssist" "Citrix Online, a division of Citrix Systems, Inc." "c:\program files\citrix\gotoassist\514\g2awinlogon.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "Bsecure " "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
+ "Bsecure over [MSAFD Tcpip [RAW/IP]]" "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
+ "Bsecure over [MSAFD Tcpip [RAW/IPv6]]" "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
+ "Bsecure over [MSAFD Tcpip [TCP/IP]]" "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
+ "Bsecure over [MSAFD Tcpip [TCP/IPv6]]" "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
+ "Bsecure over [MSAFD Tcpip [UDP/IP]]" "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
+ "Bsecure over [MSAFD Tcpip [UDP/IPv6]]" "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
+ "Bsecure over [RSVP TCP Service Provider]" "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
+ "Bsecure over [RSVP TCPv6 Service Provider]" "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
+ "Bsecure over [RSVP UDP Service Provider]" "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
+ "Bsecure over [RSVP UDPv6 Service Provider]" "LSP Dynamic Link Library" "Bsecure Technologies, Inc." "c:\program files\bsecure\inetctrl57.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "Dell Wireless WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"
"C:\Users\Nathan\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"

#13 narenxp

Posted 25 October 2012 - 09:31 PM

Download

UNHIDE

Run the tool and this should restore the hidden files

Download

BITS
wuauserv

Launch them and click YES

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#14 NathanStl

Posted 25 October 2012 - 09:40 PM

Thank you for all your help!! You have been amazing!

God's blessings to you and yours.

#15 narenxp

Posted 25 October 2012 - 09:41 PM

You're welcome :)



