
McAfee Security Center Firewall keeps turning off


13 replies to this topic

#1 Ann M

Posted 20 November 2012 - 12:08 AM

McAfee Security Center firewall is turning off periodically. A message comes up telling me my computer is at risk. I turn it back on but it goes back to off. I did a full scan and it found 6 infected items. I am running Windows 7 on a Dell Studio laptop.

Thank you



#2 narenxp

  • BC Advisor

Posted 20 November 2012 - 12:09 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Ann M

  • Topic Starter

Posted 20 November 2012 - 12:29 AM

When I click the download link, the option to run or save tdsskiller pops up. Which do I choose?

Edited by Ann M, 20 November 2012 - 12:30 AM.


#4 narenxp

  • BC Advisor

Posted 20 November 2012 - 12:35 AM

Select whichever option you want. You can launch it by clicking on RUN or by saving it and then launching.

#5 Ann M

  • Topic Starter

Posted 20 November 2012 - 05:42 PM

Here is the 1st TDSS log. After the first scan I rebooted and scanned again; it asked me to perform an action on a medium threat. I wasn't sure what to do so I chose skip.

00:40:49.0525 6232 [ D285D0539016BE299A55FF997B44DA33 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
00:40:49.0529 6232 MyWiFiDHCPDNS - ok
00:40:49.0566 6232 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
00:40:49.0612 6232 napagent - ok
00:40:49.0635 6232 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:40:49.0644 6232 NativeWifiP - ok
00:40:49.0758 6232 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:40:49.0771 6232 NDIS - ok
00:40:49.0822 6232 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:40:49.0828 6232 NdisCap - ok
00:40:49.0852 6232 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:40:49.0856 6232 NdisTapi - ok
00:40:49.0897 6232 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:40:49.0955 6232 Ndisuio - ok
00:40:49.0983 6232 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:40:50.0032 6232 NdisWan - ok
00:40:50.0062 6232 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:40:50.0111 6232 NDProxy - ok
00:40:50.0133 6232 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:40:50.0140 6232 NetBIOS - ok
00:40:50.0181 6232 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:40:50.0252 6232 NetBT - ok
00:40:50.0282 6232 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
00:40:50.0284 6232 Netlogon - ok
00:40:50.0329 6232 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
00:40:50.0342 6232 Netman - ok
00:40:50.0369 6232 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:40:50.0379 6232 netprofm - ok
00:40:50.0405 6232 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:40:50.0410 6232 NetTcpPortSharing - ok
00:40:50.0561 6232 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
00:40:50.0687 6232 NETw5s64 - ok
00:40:50.0732 6232 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:40:50.0739 6232 nfrd960 - ok
00:40:50.0779 6232 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:40:50.0786 6232 NlaSvc - ok
00:40:50.0803 6232 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:40:50.0806 6232 Npfs - ok
00:40:50.0833 6232 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:40:50.0839 6232 nsi - ok
00:40:50.0844 6232 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:40:50.0850 6232 nsiproxy - ok
00:40:50.0928 6232 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:40:50.0990 6232 Ntfs - ok
00:40:51.0004 6232 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:40:51.0010 6232 Null - ok
00:40:51.0053 6232 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:40:51.0122 6232 nvraid - ok
00:40:51.0140 6232 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:40:51.0198 6232 nvstor - ok
00:40:51.0230 6232 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:40:51.0239 6232 nv_agp - ok
00:40:51.0267 6232 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:40:51.0278 6232 ohci1394 - ok
00:40:51.0322 6232 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:40:51.0326 6232 ose - ok
00:40:51.0454 6232 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:40:51.0517 6232 osppsvc - ok
00:40:51.0548 6232 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:40:51.0553 6232 p2pimsvc - ok
00:40:51.0576 6232 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:40:51.0597 6232 p2psvc - ok
00:40:51.0635 6232 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:40:51.0644 6232 Parport - ok
00:40:51.0672 6232 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:40:51.0744 6232 partmgr - ok
00:40:51.0755 6232 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:40:51.0764 6232 PcaSvc - ok
00:40:51.0792 6232 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
00:40:51.0845 6232 pci - ok
00:40:51.0873 6232 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
00:40:51.0878 6232 pciide - ok
00:40:51.0896 6232 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:40:51.0908 6232 pcmcia - ok
00:40:51.0929 6232 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:40:51.0933 6232 pcw - ok
00:40:51.0954 6232 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:40:51.0969 6232 PEAUTH - ok
00:40:52.0137 6232 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:40:52.0143 6232 PerfHost - ok
00:40:52.0230 6232 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
00:40:52.0290 6232 pla - ok
00:40:52.0341 6232 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:40:52.0428 6232 PlugPlay - ok
00:40:52.0462 6232 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:40:52.0469 6232 PNRPAutoReg - ok
00:40:52.0492 6232 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:40:52.0499 6232 PNRPsvc - ok
00:40:52.0523 6232 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:40:52.0579 6232 PolicyAgent - ok
00:40:52.0617 6232 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
00:40:52.0630 6232 Power - ok
00:40:52.0672 6232 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:40:52.0741 6232 PptpMiniport - ok
00:40:52.0777 6232 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:40:52.0783 6232 Processor - ok
00:40:52.0823 6232 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
00:40:52.0826 6232 ProfSvc - ok
00:40:52.0841 6232 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:40:52.0843 6232 ProtectedStorage - ok
00:40:52.0890 6232 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:40:52.0894 6232 Psched - ok
00:40:52.0940 6232 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
00:40:53.0012 6232 PxHlpa64 - ok
00:40:53.0062 6232 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:40:53.0088 6232 ql2300 - ok
00:40:53.0105 6232 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:40:53.0109 6232 ql40xx - ok
00:40:53.0142 6232 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:40:53.0150 6232 QWAVE - ok
00:40:53.0163 6232 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:40:53.0169 6232 QWAVEdrv - ok
00:40:53.0180 6232 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:40:53.0185 6232 RasAcd - ok
00:40:53.0223 6232 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:40:53.0228 6232 RasAgileVpn - ok
00:40:53.0245 6232 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:40:53.0258 6232 RasAuto - ok
00:40:53.0299 6232 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:40:53.0367 6232 Rasl2tp - ok
00:40:53.0402 6232 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
00:40:53.0455 6232 RasMan - ok
00:40:53.0467 6232 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:40:53.0474 6232 RasPppoe - ok
00:40:53.0498 6232 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:40:53.0505 6232 RasSstp - ok
00:40:53.0533 6232 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:40:53.0591 6232 rdbss - ok
00:40:53.0605 6232 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:40:53.0611 6232 rdpbus - ok
00:40:53.0624 6232 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:40:53.0628 6232 RDPCDD - ok
00:40:53.0650 6232 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:40:53.0654 6232 RDPENCDD - ok
00:40:53.0665 6232 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:40:53.0668 6232 RDPREFMP - ok
00:40:53.0697 6232 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:40:53.0762 6232 RDPWD - ok
00:40:53.0801 6232 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:40:53.0877 6232 rdyboost - ok
00:40:53.0953 6232 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:40:53.0963 6232 RegSrvc - ok
00:40:54.0025 6232 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:40:54.0037 6232 RemoteAccess - ok
00:40:54.0064 6232 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:40:54.0073 6232 RemoteRegistry - ok
00:40:54.0104 6232 [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
00:40:54.0169 6232 rimmptsk - ok
00:40:54.0184 6232 [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci C:\Windows\system32\DRIVERS\rimspe64.sys
00:40:54.0233 6232 rimspci - ok
00:40:54.0248 6232 [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
00:40:54.0296 6232 rimsptsk - ok
00:40:54.0316 6232 [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 ] risdpcie C:\Windows\system32\DRIVERS\risdpe64.sys
00:40:54.0365 6232 risdpcie - ok
00:40:54.0378 6232 [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
00:40:54.0428 6232 rismxdp - ok
00:40:54.0438 6232 [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe64.sys
00:40:54.0488 6232 rixdpcie - ok
00:40:54.0501 6232 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:40:54.0508 6232 RpcEptMapper - ok
00:40:54.0541 6232 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:40:54.0553 6232 RpcLocator - ok
00:40:54.0593 6232 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
00:40:54.0597 6232 RpcSs - ok
00:40:54.0631 6232 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:40:54.0638 6232 rspndr - ok
00:40:54.0684 6232 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:40:54.0752 6232 RTL8167 - ok
00:40:54.0766 6232 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
00:40:54.0768 6232 SamSs - ok
00:40:54.0796 6232 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:40:54.0868 6232 sbp2port - ok
00:40:54.0904 6232 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:40:54.0920 6232 SCardSvr - ok
00:40:54.0946 6232 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:40:55.0001 6232 scfilter - ok
00:40:55.0027 6232 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
00:40:55.0080 6232 Schedule - ok
00:40:55.0097 6232 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:40:55.0098 6232 SCPolicySvc - ok
00:40:55.0128 6232 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:40:55.0131 6232 SDRSVC - ok
00:40:55.0164 6232 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:40:55.0169 6232 secdrv - ok
00:40:55.0184 6232 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
00:40:55.0231 6232 seclogon - ok
00:40:55.0248 6232 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
00:40:55.0250 6232 SENS - ok
00:40:55.0267 6232 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:40:55.0271 6232 SensrSvc - ok
00:40:55.0283 6232 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:40:55.0287 6232 Serenum - ok
00:40:55.0312 6232 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:40:55.0318 6232 Serial - ok
00:40:55.0355 6232 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:40:55.0360 6232 sermouse - ok
00:40:55.0407 6232 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
00:40:55.0461 6232 SessionEnv - ok
00:40:55.0490 6232 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:40:55.0495 6232 sffdisk - ok
00:40:55.0509 6232 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:40:55.0519 6232 sffp_mmc - ok
00:40:55.0529 6232 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:40:55.0578 6232 sffp_sd - ok
00:40:55.0585 6232 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:40:55.0590 6232 sfloppy - ok
00:40:55.0631 6232 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
00:40:55.0699 6232 Sftfs - ok
00:40:55.0773 6232 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
00:40:55.0780 6232 sftlist - ok
00:40:55.0798 6232 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
00:40:55.0852 6232 Sftplay - ok
00:40:55.0878 6232 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
00:40:55.0880 6232 Sftredir - ok
00:40:56.0008 6232 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
00:40:56.0081 6232 SftService - ok
00:40:56.0110 6232 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
00:40:56.0161 6232 Sftvol - ok
00:40:56.0175 6232 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
00:40:56.0176 6232 sftvsa - ok
00:40:56.0223 6232 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:40:56.0277 6232 ShellHWDetection - ok
00:40:56.0318 6232 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:40:56.0327 6232 SiSRaid2 - ok
00:40:56.0343 6232 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:40:56.0352 6232 SiSRaid4 - ok
00:40:56.0421 6232 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:40:56.0424 6232 SkypeUpdate - ok
00:40:56.0444 6232 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:40:56.0457 6232 Smb - ok
00:40:56.0512 6232 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:40:56.0524 6232 SNMPTRAP - ok
00:40:56.0542 6232 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
00:40:56.0549 6232 spldr - ok
00:40:56.0591 6232 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
00:40:56.0601 6232 Spooler - ok
00:40:56.0702 6232 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
00:40:56.0748 6232 sppsvc - ok
00:40:56.0764 6232 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:40:56.0771 6232 sppuinotify - ok
00:40:56.0820 6232 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
00:40:56.0823 6232 sprtsvc_DellSupportCenter - ok
00:40:56.0878 6232 sprtsvc_verizondm - ok
00:40:56.0923 6232 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
00:40:56.0982 6232 srv - ok
00:40:57.0000 6232 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:40:57.0054 6232 srv2 - ok
00:40:57.0070 6232 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:40:57.0123 6232 srvnet - ok
00:40:57.0159 6232 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:40:57.0163 6232 SSDPSRV - ok
00:40:57.0179 6232 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:40:57.0190 6232 SstpSvc - ok
00:40:57.0297 6232 [ DA7702025DFD169B909C4DA3126762CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
00:40:57.0301 6232 STacSV - ok
00:40:57.0333 6232 [ C48E0745D33897C7A73394214F2B9B4F ] stdflt C:\Windows\system32\DRIVERS\stdflt.sys
00:40:57.0397 6232 stdflt - ok
00:40:57.0456 6232 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:40:57.0487 6232 stexstor - ok
00:40:57.0675 6232 [ CAF5A9708671B14B9670260735B22C4E ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
00:40:57.0749 6232 STHDA - ok
00:40:57.0801 6232 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
00:40:57.0863 6232 stisvc - ok
00:40:57.0887 6232 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
00:40:57.0892 6232 swenum - ok
00:40:57.0925 6232 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
00:40:57.0955 6232 swprv - ok
00:40:58.0008 6232 [ 639B57DC871BE4B86283027FAF1F4E30 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
00:40:58.0077 6232 SynTP - ok
00:40:58.0143 6232 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
00:40:58.0200 6232 SysMain - ok
00:40:58.0216 6232 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:40:58.0257 6232 TabletInputService - ok
00:40:58.0277 6232 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:40:58.0322 6232 TapiSrv - ok
00:40:58.0334 6232 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
00:40:58.0337 6232 TBS - ok
00:40:58.0406 6232 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:40:58.0473 6232 Tcpip - ok
00:40:58.0498 6232 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:40:58.0509 6232 TCPIP6 - ok
00:40:58.0531 6232 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:40:58.0532 6232 tcpipreg - ok
00:40:58.0569 6232 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:40:58.0580 6232 TDPIPE - ok
00:40:58.0614 6232 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:40:58.0681 6232 TDTCP - ok
00:40:58.0715 6232 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:40:58.0776 6232 tdx - ok
00:40:58.0805 6232 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
00:40:58.0847 6232 TermDD - ok
00:40:58.0869 6232 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
00:40:58.0915 6232 TermService - ok
00:40:58.0935 6232 tgsrvc_verizondm - ok
00:40:58.0970 6232 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
00:40:58.0983 6232 Themes - ok
00:40:59.0021 6232 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
00:40:59.0024 6232 THREADORDER - ok
00:40:59.0043 6232 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
00:40:59.0056 6232 TrkWks - ok
00:40:59.0119 6232 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:40:59.0123 6232 TrustedInstaller - ok
00:40:59.0158 6232 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:40:59.0222 6232 tssecsrv - ok
00:40:59.0263 6232 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:40:59.0334 6232 TsUsbFlt - ok
00:40:59.0380 6232 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:40:59.0432 6232 tunnel - ok
00:40:59.0461 6232 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:40:59.0471 6232 uagp35 - ok
00:40:59.0510 6232 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:40:59.0583 6232 udfs - ok
00:40:59.0612 6232 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:40:59.0625 6232 UI0Detect - ok
00:40:59.0657 6232 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:40:59.0662 6232 uliagpkx - ok
00:40:59.0700 6232 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
00:40:59.0764 6232 umbus - ok
00:40:59.0789 6232 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:40:59.0792 6232 UmPass - ok
00:40:59.0908 6232 [ 765F2DD351BA064F657751D8D75E58C0 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:40:59.0922 6232 UNS - ok
00:40:59.0958 6232 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
00:40:59.0965 6232 upnphost - ok
00:41:00.0004 6232 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:41:00.0065 6232 usbccgp - ok
00:41:00.0097 6232 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:41:00.0103 6232 usbcir - ok
00:41:00.0114 6232 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
00:41:00.0165 6232 usbehci - ok
00:41:00.0188 6232 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:41:00.0241 6232 usbhub - ok
00:41:00.0255 6232 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:41:00.0305 6232 usbohci - ok
00:41:00.0351 6232 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:41:00.0356 6232 usbprint - ok
00:41:00.0395 6232 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
00:41:00.0400 6232 usbscan - ok
00:41:00.0418 6232 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:41:00.0498 6232 USBSTOR - ok
00:41:00.0511 6232 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:41:00.0562 6232 usbuhci - ok
00:41:00.0595 6232 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
00:41:00.0661 6232 usbvideo - ok
00:41:00.0710 6232 [ 622FCF264119F7DF127BE353F796B319 ] UtilityChest_49Service C:\PROGRA~2\UTILIT~2\bar\1.bin\49barsvc.exe
00:41:00.0711 6232 UtilityChest_49Service - ok
00:41:00.0749 6232 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
00:41:00.0754 6232 UxSms - ok
00:41:00.0766 6232 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
00:41:00.0768 6232 VaultSvc - ok
00:41:00.0806 6232 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:41:00.0815 6232 vdrvroot - ok
00:41:00.0853 6232 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
00:41:00.0912 6232 vds - ok
00:41:00.0952 6232 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:41:00.0955 6232 vga - ok
00:41:00.0970 6232 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
00:41:00.0979 6232 VgaSave - ok
00:41:01.0026 6232 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:41:01.0081 6232 vhdmp - ok
00:41:01.0092 6232 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
00:41:01.0097 6232 viaide - ok
00:41:01.0113 6232 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:41:01.0167 6232 volmgr - ok
00:41:01.0206 6232 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:41:01.0274 6232 volmgrx - ok
00:41:01.0287 6232 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:41:01.0343 6232 volsnap - ok
00:41:01.0368 6232 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
00:41:01.0376 6232 vsmraid - ok
00:41:01.0439 6232 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
00:41:01.0513 6232 VSS - ok
00:41:01.0529 6232 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
00:41:01.0532 6232 vwifibus - ok
00:41:01.0544 6232 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:41:01.0550 6232 vwififlt - ok
00:41:01.0576 6232 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
00:41:01.0581 6232 vwifimp - ok
00:41:01.0615 6232 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
00:41:01.0634 6232 W32Time - ok
00:41:01.0674 6232 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
00:41:01.0684 6232 WacomPen - ok
00:41:01.0734 6232 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:41:01.0802 6232 WANARP - ok
00:41:01.0806 6232 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:41:01.0807 6232 Wanarpv6 - ok
00:41:01.0870 6232 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
00:41:01.0943 6232 WatAdminSvc - ok
00:41:02.0019 6232 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
00:41:02.0088 6232 wbengine - ok
00:41:02.0105 6232 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:41:02.0114 6232 WbioSrvc - ok
00:41:02.0145 6232 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:41:02.0190 6232 wcncsvc - ok
00:41:02.0221 6232 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:41:02.0227 6232 WcsPlugInService - ok
00:41:02.0260 6232 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
00:41:02.0269 6232 Wd - ok
00:41:02.0313 6232 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:41:02.0385 6232 Wdf01000 - ok
00:41:02.0404 6232 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:41:02.0407 6232 WdiServiceHost - ok
00:41:02.0411 6232 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:41:02.0413 6232 WdiSystemHost - ok
00:41:02.0441 6232 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
00:41:02.0482 6232 WebClient - ok
00:41:02.0501 6232 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:41:02.0510 6232 Wecsvc - ok
00:41:02.0530 6232 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:41:02.0537 6232 wercplsupport - ok
00:41:02.0559 6232 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
00:41:02.0564 6232 WerSvc - ok
00:41:03.0689 6232 ================ Scan global ===============================
00:41:03.0719 6232 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:41:03.0761 6232 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
00:41:03.0773 6232 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
00:41:03.0807 6232 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:41:03.0850 6232 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
00:41:03.0857 6232 [Global] - ok
00:41:03.0858 6232 ================ Scan MBR ==================================
00:41:03.0872 6232 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
00:41:03.0872 6232 Suspicious mbr (Forged): \Device\Harddisk0\DR0
00:41:03.0926 6232 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
00:41:03.0927 6232 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
00:41:04.0578 6232 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
00:41:04.0578 6232 \Device\Harddisk0\DR0 - detected TDSS File System (1)
00:41:04.0579 6232 ================ Scan VBR ==================================
00:41:04.0609 6232 [ B6B637B6121CE3E96930D1AC52232F58 ] \Device\Harddisk0\DR0\Partition1
00:41:04.0611 6232 \Device\Harddisk0\DR0\Partition1 - ok
00:41:04.0632 6232 [ E471480002A65896B6FF6DC8684391EF ] \Device\Harddisk0\DR0\Partition2
00:41:04.0634 6232 \Device\Harddisk0\DR0\Partition2 - ok
00:41:04.0636 6232 ============================================================
00:41:04.0636 6232 Scan finished
00:41:04.0636 6232 ============================================================
00:41:04.0654 5356 Detected object count: 2
00:41:04.0654 5356 Actual detected object count: 2
00:42:07.0269 5356 \Device\Harddisk0\DR0\# - copied to quarantine
00:42:07.0272 5356 \Device\Harddisk0\DR0 - copied to quarantine
00:42:07.0338 5356 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
00:42:07.0342 5356 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
00:42:07.0367 5356 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
00:42:07.0382 5356 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
00:42:07.0384 5356 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
00:42:07.0387 5356 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
00:42:07.0391 5356 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
00:42:07.0395 5356 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
00:42:07.0400 5356 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
00:42:07.0403 5356 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
00:42:07.0406 5356 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
00:42:07.0409 5356 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
00:42:07.0436 5356 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
00:42:07.0472 5356 \Device\Harddisk0\DR0 - ok
00:42:07.0634 5356 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
00:42:07.0638 5356 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
00:42:07.0638 5356 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
00:42:44.0387 2696 Deinitialize success

Avast crashed in normal mode. After I restarted in safe mode with networking, McAfee will not turn on at all. Real-time scanning and the firewall are off. Here is the log.
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-20 15:16:45
-----------------------------
15:16:45.803 OS Version: Windows x64 6.1.7601 Service Pack 1
15:16:45.803 Number of processors: 4 586 0x2505
15:16:45.803 ComputerName: STUDIO15-PC UserName: Studio15
15:16:48.049 Initialize success
15:16:59.437 AVAST engine defs: 12111901
15:17:50.091 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:17:50.091 Disk 0 Vendor: TOSHIBA_MK5056GSY LH003D Size: 476940MB BusType: 11
15:17:50.091 Disk 0 MBR read successfully
15:17:50.106 Disk 0 MBR scan
15:17:50.122 Disk 0 Windows VISTA default MBR code
15:17:50.122 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
15:17:50.138 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 18000 MB offset 80325
15:17:50.169 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 458899 MB offset 36944325
15:17:50.200 Disk 0 scanning C:\Windows\system32\drivers
15:17:58.874 Service scanning
15:18:22.523 Modules scanning
15:18:22.523 Disk 0 trace - called modules:
15:18:22.601 ntoskrnl.exe CLASSPNP.SYS disk.sys stdflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
15:18:23.132 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bc7790]
15:18:23.132 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8004a4dce0]
15:18:23.132 5 stdflt.sys[fffff88001b7fa4a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80048d2680]
15:18:24.551 AVAST engine scan C:\Windows
15:18:26.657 AVAST engine scan C:\Windows\system32
15:21:12.860 AVAST engine scan C:\Windows\system32\drivers
15:21:24.092 AVAST engine scan C:\Users\Studio15
15:33:01.663 AVAST engine scan C:\ProgramData
15:59:23.022 Scan finished successfully
15:59:57.014 Disk 0 MBR has been saved successfully to "C:\Users\Studio15\Documents\MBR.dat"
15:59:57.014 The log file has been saved successfully to "C:\Users\Studio15\Documents\aswMBR.txt"


I ran ESET still in safe mode with networking and copied the list of found threats:
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49datact.dll a variant of Win32/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49html.dll probably a variant of Win32/Toolbar.MyWebSearch.F application cleaned by deleting - quarantined
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49htmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting - quarantined
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49ieovr.dll probably a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49Plugin.dll a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49skin.dll a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.11.2012_00.39.11\mbr0000\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.11.2012_00.39.11\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.PR trojan cleaned by deleting - quarantined
C:\Users\Studio15\AppData\LocalLow\UtilityChest_49EI\Installr\Cache\001C1303.exe a variant of Win32/Toolbar.MyWebSearch.O application cleaned by deleting - quarantined

Currently I am keeping my computer in safe mode. I am concerned because McAfee is still off and will not turn on. Thank you for your assistance.

#6 narenxp

Posted 20 November 2012 - 10:01 PM

Reboot into normal mode

Launch TDSSkiller and select DELETE

00:42:07.0638 5356 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Post the new log

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select run as administrator

After the scan completes, post the generated log here.

#7 Ann M

Posted 21 November 2012 - 12:47 AM

New TDSS log:
22:26:32.0362 0960 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:26:32.0940 0960 ============================================================
22:26:32.0940 0960 Current date / time: 2012/11/20 22:26:32.0940
22:26:32.0940 0960 SystemInfo:
22:26:32.0940 0960
22:26:32.0940 0960 OS Version: 6.1.7601 ServicePack: 1.0
22:26:32.0940 0960 Product type: Workstation
22:26:32.0940 0960 ComputerName: STUDIO15-PC
22:26:32.0940 0960 UserName: Studio15
22:26:32.0940 0960 Windows directory: C:\Windows
22:26:32.0940 0960 System windows directory: C:\Windows
22:26:32.0940 0960 Running under WOW64
22:26:32.0940 0960 Processor architecture: Intel x64
22:26:32.0940 0960 Number of processors: 4
22:26:32.0940 0960 Page size: 0x1000
22:26:32.0940 0960 Boot type: Normal boot
22:26:32.0940 0960 ============================================================
22:26:34.0344 0960 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:26:34.0359 0960 ============================================================
22:26:34.0359 0960 \Device\Harddisk0\DR0:
22:26:34.0359 0960 MBR partitions:
22:26:34.0359 0960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x2328000
22:26:34.0359 0960 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x233B9C5, BlocksNum 0x38049E6B
22:26:34.0359 0960 ============================================================
22:26:34.0375 0960 C: <-> \Device\Harddisk0\DR0\Partition2
22:26:34.0375 0960 ============================================================
22:26:34.0375 0960 Initialize success
22:26:34.0375 0960 ============================================================
22:27:48.0761 5504 ============================================================
22:27:48.0761 5504 Scan started
22:27:48.0761 5504 Mode: Manual; TDLFS;
22:27:48.0761 5504 ============================================================
22:27:49.0479 5504 ================ Scan system memory ========================
22:27:49.0479 5504 System memory - ok
22:27:49.0479 5504 ================ Scan services =============================
22:28:02.0006 5504 McOobeSv - ok
22:28:02.0021 5504 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
22:28:02.0021 5504 McProxy - ok
22:28:02.0068 5504 [ D4F9C8CE2D7D5B9A1F739AADEBFFCA6F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
22:28:02.0146 5504 McShield - ok
22:28:02.0162 5504 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:28:02.0224 5504 Mcx2Svc - ok
22:28:02.0271 5504 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:28:02.0286 5504 megasas - ok
22:28:02.0302 5504 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:28:02.0318 5504 MegaSR - ok
22:28:02.0364 5504 [ C73B93FED17829F11273459DA05E1976 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
22:28:02.0427 5504 mfeapfk - ok
22:28:02.0474 5504 [ 298C065BB9E09D5F14CCD9E8244DE4A0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
22:28:02.0552 5504 mfeavfk - ok
22:28:02.0567 5504 mfeavfk01 - ok
22:28:02.0630 5504 [ AB66AF840EF1667AA73DDA6CE987D0E1 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:28:02.0692 5504 mfefire - ok
22:28:02.0708 5504 [ 4D604F0B85E98C5AD99B89AF72A4E28A ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
22:28:02.0770 5504 mfefirek - ok
22:28:02.0786 5504 [ 85AFDEAD1366BED11A84A5C6FC0A65D2 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
22:28:02.0848 5504 mfehidk - ok
22:28:02.0864 5504 [ 1B08579938FD72626D92F3C2219903EA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
22:28:02.0926 5504 mferkdet - ok
22:28:02.0957 5504 [ 984BBBB9BE02EF838DABDF3F3126A91B ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
22:28:03.0020 5504 mfevtp - ok
22:28:03.0035 5504 [ 6251BE428073704FF1002231520C8F16 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
22:28:03.0098 5504 mfewfpk - ok
22:28:03.0129 5504 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:28:03.0129 5504 MMCSS - ok
22:28:03.0160 5504 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:28:03.0160 5504 Modem - ok
22:28:03.0191 5504 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:28:03.0191 5504 monitor - ok
22:28:03.0238 5504 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:28:03.0238 5504 mouclass - ok
22:28:03.0254 5504 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:28:03.0269 5504 mouhid - ok
22:28:03.0316 5504 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:28:03.0378 5504 mountmgr - ok
22:28:03.0410 5504 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:28:03.0457 5504 mpio - ok
22:28:03.0472 5504 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:28:03.0488 5504 mpsdrv - ok
22:28:03.0519 5504 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:28:03.0581 5504 MRxDAV - ok
22:28:03.0628 5504 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:28:03.0675 5504 mrxsmb - ok
22:28:03.0706 5504 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:28:03.0769 5504 mrxsmb10 - ok
22:28:03.0784 5504 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:28:03.0878 5504 mrxsmb20 - ok
22:28:03.0940 5504 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:28:04.0065 5504 msahci - ok
22:28:04.0081 5504 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:28:04.0143 5504 msdsm - ok
22:28:04.0159 5504 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:28:04.0174 5504 MSDTC - ok
22:28:04.0205 5504 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:28:04.0205 5504 Msfs - ok
22:28:04.0237 5504 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:28:04.0237 5504 mshidkmdf - ok
22:28:04.0283 5504 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:28:04.0283 5504 msisadrv - ok
22:28:04.0315 5504 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:28:04.0330 5504 MSiSCSI - ok
22:28:04.0346 5504 msiserver - ok
22:28:04.0361 5504 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:28:04.0377 5504 MSKSSRV - ok
22:28:04.0377 5504 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:28:04.0393 5504 MSPCLOCK - ok
22:28:04.0408 5504 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:28:04.0424 5504 MSPQM - ok
22:28:04.0455 5504 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:28:04.0502 5504 MsRPC - ok
22:28:04.0533 5504 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:28:04.0533 5504 mssmbios - ok
22:28:04.0549 5504 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:28:04.0549 5504 MSTEE - ok
22:28:04.0564 5504 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:28:04.0580 5504 MTConfig - ok
22:28:04.0580 5504 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:28:04.0595 5504 Mup - ok
22:28:04.0627 5504 [ D285D0539016BE299A55FF997B44DA33 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:28:04.0689 5504 MyWiFiDHCPDNS - ok
22:28:04.0736 5504 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:28:04.0798 5504 napagent - ok
22:28:04.0829 5504 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:28:04.0845 5504 NativeWifiP - ok
22:28:04.0907 5504 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:28:04.0970 5504 NDIS - ok
22:28:04.0985 5504 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:28:05.0001 5504 NdisCap - ok
22:28:05.0017 5504 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:28:05.0032 5504 NdisTapi - ok
22:28:05.0048 5504 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:28:05.0110 5504 Ndisuio - ok
22:28:05.0126 5504 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:28:05.0173 5504 NdisWan - ok
22:28:05.0219 5504 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:28:05.0282 5504 NDProxy - ok
22:28:05.0297 5504 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:28:05.0297 5504 NetBIOS - ok
22:28:05.0329 5504 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:28:05.0407 5504 NetBT - ok
22:28:05.0422 5504 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:28:05.0422 5504 Netlogon - ok
22:28:05.0453 5504 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:28:05.0469 5504 Netman - ok
22:28:05.0485 5504 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:28:05.0500 5504 netprofm - ok
22:28:05.0531 5504 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:28:05.0531 5504 NetTcpPortSharing - ok
22:28:05.0687 5504 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
22:28:05.0828 5504 NETw5s64 - ok
22:28:05.0875 5504 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:28:05.0875 5504 nfrd960 - ok
22:28:05.0921 5504 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:28:05.0968 5504 NlaSvc - ok
22:28:05.0984 5504 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:28:05.0999 5504 Npfs - ok
22:28:06.0031 5504 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:28:06.0031 5504 nsi - ok
22:28:06.0046 5504 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:28:06.0046 5504 nsiproxy - ok
22:28:06.0124 5504 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:28:06.0187 5504 Ntfs - ok
22:28:06.0202 5504 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:28:06.0202 5504 Null - ok
22:28:06.0249 5504 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:28:06.0311 5504 nvraid - ok
22:28:06.0327 5504 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:28:06.0374 5504 nvstor - ok
22:28:06.0405 5504 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:28:06.0421 5504 nv_agp - ok
22:28:06.0452 5504 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:28:06.0467 5504 ohci1394 - ok
22:28:06.0499 5504 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:28:06.0592 5504 ose - ok
22:28:06.0701 5504 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:28:06.0795 5504 osppsvc - ok
22:28:06.0842 5504 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:28:06.0842 5504 p2pimsvc - ok
22:28:06.0857 5504 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:28:06.0889 5504 p2psvc - ok
22:28:06.0920 5504 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:28:06.0935 5504 Parport - ok
22:28:06.0967 5504 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:28:07.0029 5504 partmgr - ok
22:28:07.0045 5504 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:28:07.0045 5504 PcaSvc - ok
22:28:07.0076 5504 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:28:07.0154 5504 pci - ok
22:28:07.0154 5504 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:28:07.0169 5504 pciide - ok
22:28:07.0185 5504 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:28:07.0185 5504 pcmcia - ok
22:28:07.0201 5504 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:28:07.0216 5504 pcw - ok
22:28:07.0247 5504 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:28:07.0263 5504 PEAUTH - ok
22:28:07.0372 5504 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:28:07.0372 5504 PerfHost - ok
22:28:07.0435 5504 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:28:07.0497 5504 pla - ok
22:28:07.0559 5504 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:28:07.0622 5504 PlugPlay - ok
22:28:07.0653 5504 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:28:07.0669 5504 PNRPAutoReg - ok
22:28:07.0684 5504 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:28:07.0700 5504 PNRPsvc - ok
22:28:07.0715 5504 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:28:07.0778 5504 PolicyAgent - ok
22:28:07.0809 5504 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:28:07.0825 5504 Power - ok
22:28:07.0856 5504 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:28:07.0934 5504 PptpMiniport - ok
22:28:07.0949 5504 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:28:07.0965 5504 Processor - ok
22:28:07.0996 5504 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:28:08.0074 5504 ProfSvc - ok
22:28:08.0090 5504 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:28:08.0090 5504 ProtectedStorage - ok
22:28:08.0137 5504 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:28:08.0199 5504 Psched - ok
22:28:08.0246 5504 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
22:28:08.0324 5504 PxHlpa64 - ok
22:28:08.0371 5504 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:28:08.0402 5504 ql2300 - ok
22:28:08.0417 5504 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:28:08.0433 5504 ql40xx - ok
22:28:08.0464 5504 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:28:08.0464 5504 QWAVE - ok
22:28:08.0480 5504 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:28:08.0495 5504 QWAVEdrv - ok
22:28:08.0495 5504 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:28:08.0511 5504 RasAcd - ok
22:28:08.0542 5504 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:28:08.0542 5504 RasAgileVpn - ok
22:28:08.0558 5504 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:28:08.0558 5504 RasAuto - ok
22:28:08.0605 5504 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:28:08.0667 5504 Rasl2tp - ok
22:28:08.0698 5504 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:28:08.0761 5504 RasMan - ok
22:28:08.0792 5504 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:28:08.0792 5504 RasPppoe - ok
22:28:08.0807 5504 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:28:08.0823 5504 RasSstp - ok
22:28:08.0839 5504 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:28:08.0917 5504 rdbss - ok
22:28:08.0932 5504 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:28:08.0932 5504 rdpbus - ok
22:28:08.0963 5504 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:28:08.0963 5504 RDPCDD - ok
22:28:08.0995 5504 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:28:08.0995 5504 RDPENCDD - ok
22:28:09.0010 5504 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:28:09.0057 5504 RDPREFMP - ok
22:28:09.0088 5504 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:28:09.0151 5504 RDPWD - ok
22:28:09.0197 5504 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:28:09.0260 5504 rdyboost - ok
22:28:09.0322 5504 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:28:09.0400 5504 RegSrvc - ok
22:28:09.0431 5504 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:28:09.0447 5504 RemoteAccess - ok
22:28:09.0463 5504 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:28:09.0478 5504 RemoteRegistry - ok
22:28:09.0509 5504 [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
22:28:09.0619 5504 rimmptsk - ok
22:28:09.0634 5504 [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci C:\Windows\system32\DRIVERS\rimspe64.sys
22:28:09.0681 5504 rimspci - ok
22:28:09.0697 5504 [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
22:28:09.0743 5504 rimsptsk - ok
22:28:09.0759 5504 [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 ] risdpcie C:\Windows\system32\DRIVERS\risdpe64.sys
22:28:09.0806 5504 risdpcie - ok
22:28:09.0821 5504 [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
22:28:09.0868 5504 rismxdp - ok
22:28:09.0868 5504 [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe64.sys
22:28:09.0931 5504 rixdpcie - ok
22:28:09.0946 5504 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:28:09.0946 5504 RpcEptMapper - ok
22:28:09.0993 5504 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:28:09.0993 5504 RpcLocator - ok
22:28:10.0040 5504 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:28:10.0055 5504 RpcSs - ok
22:28:10.0087 5504 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:28:10.0102 5504 rspndr - ok
22:28:10.0149 5504 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:28:10.0227 5504 RTL8167 - ok
22:28:10.0243 5504 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:28:10.0243 5504 SamSs - ok
22:28:10.0274 5504 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:28:10.0336 5504 sbp2port - ok
22:28:10.0367 5504 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:28:10.0383 5504 SCardSvr - ok
22:28:10.0414 5504 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:28:10.0477 5504 scfilter - ok
22:28:10.0508 5504 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:28:10.0570 5504 Schedule - ok
22:28:10.0586 5504 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:28:10.0586 5504 SCPolicySvc - ok
22:28:10.0617 5504 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:28:10.0664 5504 SDRSVC - ok
22:28:10.0695 5504 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:28:10.0695 5504 secdrv - ok
22:28:10.0726 5504 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:28:10.0773 5504 seclogon - ok
22:28:10.0789 5504 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:28:10.0789 5504 SENS - ok
22:28:10.0804 5504 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:28:10.0804 5504 SensrSvc - ok
22:28:10.0820 5504 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:28:10.0820 5504 Serenum - ok
22:28:10.0867 5504 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:28:10.0867 5504 Serial - ok
22:28:10.0913 5504 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:28:10.0913 5504 sermouse - ok
22:28:10.0960 5504 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:28:11.0007 5504 SessionEnv - ok
22:28:11.0038 5504 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:28:11.0038 5504 sffdisk - ok
22:28:11.0054 5504 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:28:11.0069 5504 sffp_mmc - ok
22:28:11.0069 5504 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:28:11.0132 5504 sffp_sd - ok
22:28:11.0147 5504 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:28:11.0147 5504 sfloppy - ok
22:28:11.0194 5504 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
22:28:11.0272 5504 Sftfs - ok
22:28:11.0350 5504 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:28:11.0428 5504 sftlist - ok
22:28:11.0444 5504 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:28:11.0491 5504 Sftplay - ok
22:28:11.0522 5504 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:28:11.0569 5504 Sftredir - ok
22:28:11.0662 5504 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
22:28:11.0771 5504 SftService - ok
22:28:11.0787 5504 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
22:28:11.0834 5504 Sftvol - ok
22:28:11.0849 5504 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:28:11.0912 5504 sftvsa - ok
22:28:11.0943 5504 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:28:12.0005 5504 ShellHWDetection - ok
22:28:12.0052 5504 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:28:12.0068 5504 SiSRaid2 - ok
22:28:12.0083 5504 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:28:12.0083 5504 SiSRaid4 - ok
22:28:12.0161 5504 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:28:18.0089 5504 SkypeUpdate - ok
22:28:18.0152 5504 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:28:18.0167 5504 Smb - ok
22:28:18.0214 5504 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:28:18.0230 5504 SNMPTRAP - ok
22:28:18.0245 5504 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:28:18.0261 5504 spldr - ok
22:28:18.0308 5504 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:28:18.0370 5504 Spooler - ok
22:28:18.0464 5504 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:28:18.0557 5504 sppsvc - ok
22:28:18.0573 5504 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:28:18.0589 5504 sppuinotify - ok
22:28:18.0620 5504 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
22:28:18.0713 5504 sprtsvc_DellSupportCenter - ok
22:28:18.0760 5504 sprtsvc_verizondm - ok
22:28:18.0807 5504 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:28:18.0885 5504 srv - ok
22:28:18.0901 5504 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:28:18.0947 5504 srv2 - ok
22:28:18.0963 5504 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:28:19.0025 5504 srvnet - ok
22:28:19.0057 5504 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:28:19.0057 5504 SSDPSRV - ok
22:28:19.0072 5504 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:28:19.0088 5504 SstpSvc - ok
22:28:19.0197 5504 [ DA7702025DFD169B909C4DA3126762CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
22:28:19.0275 5504 STacSV - ok
22:28:19.0337 5504 [ C48E0745D33897C7A73394214F2B9B4F ] stdflt C:\Windows\system32\DRIVERS\stdflt.sys
22:28:19.0400 5504 stdflt - ok
22:28:19.0431 5504 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:28:19.0431 5504 stexstor - ok
22:28:19.0462 5504 [ CAF5A9708671B14B9670260735B22C4E ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
22:28:19.0540 5504 STHDA - ok
22:28:19.0603 5504 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:28:19.0649 5504 stisvc - ok
22:28:19.0681 5504 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:28:19.0681 5504 swenum - ok
22:28:19.0727 5504 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:28:19.0759 5504 swprv - ok
22:28:19.0805 5504 [ 639B57DC871BE4B86283027FAF1F4E30 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:28:19.0883 5504 SynTP - ok
22:28:19.0961 5504 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:28:20.0024 5504 SysMain - ok
22:28:20.0039 5504 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:28:20.0102 5504 TabletInputService - ok
22:28:20.0133 5504 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:28:20.0180 5504 TapiSrv - ok
22:28:20.0195 5504 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:28:20.0195 5504 TBS - ok
22:28:20.0258 5504 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:28:20.0320 5504 Tcpip - ok
22:28:20.0351 5504 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:28:20.0367 5504 TCPIP6 - ok
22:28:20.0383 5504 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:28:20.0429 5504 tcpipreg - ok
22:28:20.0461 5504 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:28:20.0476 5504 TDPIPE - ok
22:28:20.0507 5504 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:28:20.0570 5504 TDTCP - ok
22:28:20.0601 5504 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:28:20.0648 5504 tdx - ok
22:28:20.0679 5504 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:28:20.0710 5504 TermDD - ok
22:28:20.0741 5504 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:28:20.0788 5504 TermService - ok
22:28:20.0804 5504 tgsrvc_verizondm - ok
22:28:20.0835 5504 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:28:20.0851 5504 Themes - ok
22:28:20.0882 5504 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:28:20.0882 5504 THREADORDER - ok
22:28:20.0897 5504 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:28:20.0913 5504 TrkWks - ok
22:28:20.0975 5504 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:28:21.0038 5504 TrustedInstaller - ok
22:28:21.0085 5504 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:28:21.0131 5504 tssecsrv - ok
22:28:21.0163 5504 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:28:21.0209 5504 TsUsbFlt - ok
22:28:21.0256 5504 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:28:21.0319 5504 tunnel - ok
22:28:21.0350 5504 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:28:21.0365 5504 uagp35 - ok
22:28:21.0397 5504 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:28:21.0459 5504 udfs - ok
22:28:21.0490 5504 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:28:21.0490 5504 UI0Detect - ok
22:28:21.0521 5504 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:28:21.0537 5504 uliagpkx - ok
22:28:21.0568 5504 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
22:28:21.0646 5504 umbus - ok
22:28:21.0662 5504 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:28:21.0662 5504 UmPass - ok
22:28:21.0771 5504 [ 765F2DD351BA064F657751D8D75E58C0 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
22:28:21.0880 5504 UNS - ok
22:28:21.0896 5504 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:28:21.0896 5504 upnphost - ok
22:28:21.0943 5504 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:28:22.0005 5504 usbccgp - ok
22:28:22.0036 5504 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:28:22.0052 5504 usbcir - ok
22:28:22.0067 5504 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:28:22.0130 5504 usbehci - ok
22:28:22.0145 5504 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:28:26.0170 5504 ================ Scan global ===============================
22:28:26.0201 5504 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:28:26.0248 5504 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
22:28:26.0311 5504 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
22:28:26.0342 5504 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:28:26.0389 5504 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:28:26.0389 5504 [Global] - ok
22:28:26.0389 5504 ================ Scan MBR ==================================
22:28:26.0404 5504 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:28:27.0293 5504 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:28:27.0293 5504 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:28:27.0293 5504 ================ Scan VBR ==================================
22:28:27.0325 5504 [ B6B637B6121CE3E96930D1AC52232F58 ] \Device\Harddisk0\DR0\Partition1
22:28:27.0340 5504 \Device\Harddisk0\DR0\Partition1 - ok
22:28:27.0340 5504 [ E471480002A65896B6FF6DC8684391EF ] \Device\Harddisk0\DR0\Partition2
22:28:27.0340 5504 \Device\Harddisk0\DR0\Partition2 - ok
22:28:27.0356 5504 ============================================================
22:28:27.0356 5504 Scan finished
22:28:27.0356 5504 ============================================================
22:28:27.0356 5484 Detected object count: 1
22:28:27.0356 5484 Actual detected object count: 1
22:29:00.0048 5484 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
22:29:00.0048 5484 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
22:29:00.0079 5484 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
22:29:00.0095 5484 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
22:29:00.0095 5484 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
22:29:00.0095 5484 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
22:29:00.0095 5484 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
22:29:00.0095 5484 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
22:29:00.0110 5484 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
22:29:00.0141 5484 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
22:29:00.0141 5484 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
22:29:00.0141 5484 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
22:29:00.0141 5484 \Device\Harddisk0\DR0\TDLFS - deleted
22:29:00.0141 5484 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
22:29:20.0671 3244 Deinitialize success

Malwarebytes log:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Studio15 :: STUDIO15-PC [administrator]

11/20/2012 10:31:58 PM
mbam-log-2012-11-20 (22-31-58).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 463708
Time elapsed: 1 hour(s), 32 minute(s), 7 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe (PUP.MyWebSearch) -> 3520 -> Delete on reboot.

Memory Modules Detected: 4
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49auxstb.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49dlghk.dll (PUP.MyWebSearch) -> Delete on reboot.

Registry Keys Detected: 57

Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|UtilityChest_49 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\UTILIT~2\bar\1.bin\49brmon.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Utility Chest Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\UTILIT~2\bar\1.bin\49srchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 31
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49auxstb.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49dlghk.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrchMn.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49dyn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49feedmg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49highin.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49hkstub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49httpct.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49idle.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49impipe.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49mlbtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49msg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49radio.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49regfft.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49reghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49regiet.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49script.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49skplay.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49tpinst.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49uabtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\T8RES.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\20.11.2012_22.26.32\tdlfs0000\tsk0002.dta (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\0.9433708774187773.exe (Exploit.Drop.UR.2) -> Quarantined and deleted successfully.

(end)
MINITOOLBOX LOG:
MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Studio15 (administrator) on 21-11-2012 at 00:19:48
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6200 AGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Studio15-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : myhome.westell.com

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-23-14-AA-5A-31
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-23-14-AA-5A-31
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : myhome.westell.com
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6200 AGN
Physical Address. . . . . . . . . : 00-23-14-AA-5A-30
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3583:a471:9ccb:515a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.47(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 21, 2012 12:08:55 AM
Lease Expires . . . . . . . . . . : Thursday, November 22, 2012 12:08:55 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 184558356
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-F5-80-87-F0-4D-A2-45-7D-EC
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : myhome.westell.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F0-4D-A2-45-7D-EC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.myhome.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dslrouter
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:800::1000
74.125.226.230
74.125.226.224
74.125.226.233
74.125.226.238
74.125.226.226
74.125.226.228
74.125.226.231
74.125.226.227
74.125.226.229
74.125.226.232
74.125.226.225


Pinging google.com [74.125.226.230] with 32 bytes of data:
Reply from 74.125.226.230: bytes=32 time=48ms TTL=56
Reply from 74.125.226.230: bytes=32 time=44ms TTL=56

Ping statistics for 74.125.226.230:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 44ms, Maximum = 48ms, Average = 46ms
Server: dslrouter
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=141ms TTL=57
Reply from 72.30.38.140: bytes=32 time=140ms TTL=57

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 140ms, Maximum = 141ms, Average = 140ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...00 23 14 aa 5a 31 ......Microsoft Virtual WiFi Miniport Adapter #2
12...00 23 14 aa 5a 31 ......Microsoft Virtual WiFi Miniport Adapter
11...00 23 14 aa 5a 30 ......Intel® Centrino® Advanced-N 6200 AGN
10...f0 4d a2 45 7d ec ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.47 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.47 281
192.168.1.47 255.255.255.255 On-link 192.168.1.47 281
192.168.1.255 255.255.255.255 On-link 192.168.1.47 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.47 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.47 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::3583:a471:9ccb:515a/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/20/2012 11:08:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 11:08:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 08:02:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 08:02:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 07:48:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 07:48:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 07:48:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 07:48:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/20/2012 07:48:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/20/2012 07:48:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (11/21/2012 00:11:15 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (11/21/2012 00:11:15 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (11/21/2012 00:09:30 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/21/2012 00:09:30 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/21/2012 00:08:48 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (11/21/2012 00:08:47 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/21/2012 00:08:47 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (11/21/2012 00:08:47 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (11/21/2012 00:08:46 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (11/20/2012 11:59:29 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (11/20/2012 11:08:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/20/2012 11:08:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/20/2012 08:02:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/20/2012 08:02:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/20/2012 07:48:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/20/2012 07:48:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/20/2012 07:48:22 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/20/2012 07:48:22 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (11/20/2012 07:48:18 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (11/20/2012 07:48:18 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8


CodeIntegrity Errors:
===================================
Date: 2012-11-20 22:33:24.047
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-20 22:33:24.047
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-20 22:33:24.047
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-04-21 19:57:09.572
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-04-21 19:57:09.494
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-04-21 19:57:09.432
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-04-21 19:57:09.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-04-21 19:57:09.276
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-04-21 19:57:09.214
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-04-21 19:55:12.680
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wintrust.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

ABBYY FineReader 6.0 Sprint (Version: 6.00.2146.41621)
Accelerometer (Version: 1.06.08.17)
Accidental Damage Services Agreement (Version: 2.0.0)
Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advanced Audio FX Engine (Version: 1.12.05)
Ask Toolbar (Version: 1.13.1.0)
Blackboard IM 4.0.1-C (Version: 4.0.1-C)
Consumer In-Home Service Agreement (Version: 2.0.0)
Cozi (Version: 1.0.4323.24051)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 1.2.0011)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Toolbar (Version: 1.8.12.0)
Dell Touchpad (Version: 14.0.2.0)
Dell V310-V510 Series
Dell Webcam Central (Version: 1.40.05)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Google Chrome (Version: 23.0.1271.64)
Google Talk Plugin (Version: 3.10.2.10212)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GoToAssist Corporate (Version: 9.1.0.615)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2097)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.00.0000)
Internet TV for Windows Media Center (Version: 4.2.2.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8089.726)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
LoJack Factory Installer (Version: 1.0.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee SecurityCenter (Version: 11.6.435)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 14.0.1468.721)
Quickset64 (Version: 9.6.18)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Burn (Version: 1.01)
Shared C Run-time for x64 (Version: 10.0.0)
Skype Toolbars (Version: 1.0.4051)
Skype™ 5.10 (Version: 5.10.116)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Verizon Download Manager (Version: 9)
WebEx
WildTangent Games (Version: 1.0.0.71)
WildTangent Games App (Dell Games) (Version: 4.0.5.36)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 3892.52 MB
Available physical RAM: 2354.15 MB
Total Pagefile: 7783.24 MB
Available Pagefile: 5845.51 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.55 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:448.14 GB) (Free:362.37 GB) NTFS

========================= Users: ========================================

User accounts for \\STUDIO15-PC

Administrator Guest Studio15

========================= Restore Points ==================================

28-10-2012 23:00:08 Windows Backup
05-11-2012 00:12:17 Windows Backup
12-11-2012 00:00:09 Windows Backup
17-11-2012 00:06:20 Windows Update
17-11-2012 12:07:41 Windows Update
17-11-2012 14:47:24 Windows Update
19-11-2012 00:00:11 Windows Backup

**** End of log ****
FARBAR LOG:
Farbar Service Scanner Version: 09-11-2012
Ran by Studio15 (administrator) on 21-11-2012 at 00:22:18
Running from "C:\Users\Studio15\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-16 18:29] - [2012-10-03 12:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
adware log
# AdwCleaner v2.008 - Logfile created 11/21/2012 at 00:24:30
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Studio15 - STUDIO15-PC
# Boot Mode : Normal
# Running from : C:\Users\Studio15\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Studio15\AppData\Local\Temp\searchqutoolbar-manifest.xml
File Deleted : C:\Users\Studio15\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Windows iLivid Toolbar
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Studio15\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Studio15\AppData\LocalLow\searchquband
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Studio15\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4448 octets] - [21/11/2012 00:24:30]

########## EOF - C:\AdwCleaner[S1].txt - [4508 octets] ##########


Junkware Log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.3.8 (11.20.2012)
OS: Windows 7 Home Premium x64
Ran by Studio15 on Wed 11/21/2012 at 0:30:57.63
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{cf67755f-9265-449c-87cf-b945519e073b}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{cf67755f-9265-449c-87cf-b945519e073b}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Studio15\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Studio15\appdata\locallow\utilitychest_49"
Successfully deleted: [Folder] "C:\Program Files (x86)\utilitychest_49"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/21/2012 at 0:35:32.80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#8 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:03:37 AM

Posted 21 November 2012 - 01:00 AM

Restart the PC, run the Malwarebytes scan again and post the clean log

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar Service Scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#9 Ann M

Posted 21 November 2012 - 12:24 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.21.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Studio15 :: STUDIO15-PC [administrator]

11/21/2012 10:25:38 AM
mbam-log-2012-11-21 (10-25-38).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 469469
Time elapsed: 1 hour(s), 24 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Farbar Service Scanner Version: 09-11-2012
Ran by Studio15 (administrator) on 21-11-2012 at 12:00:28
Running from "C:\Users\Studio15\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-16 18:29] - [2012-10-03 12:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/21/2012 12:04:20 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Studio15\AppData\Local\{70837657-e4e9-c568-c4be-a642d552eb3a}\ [ZA Dir]
* C:\Users\Studio15\AppData\Local\{70837657-e4e9-c568-c4be-a642d552eb3a}\L\ [ZA Dir]
* C:\Users\Studio15\AppData\Local\{70837657-e4e9-c568-c4be-a642d552eb3a}\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/21/2012 12:04:43 PM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)

Here is the Autoruns log. After I extracted the files there were two applications, autoruns and autorunsc. I clicked autoruns (the 1st one). I am not sure if I used this program correctly because it seemed to have a lot of options. I allowed it to run and saved the file as text.

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "dleamon.exe" "" "" "File not found: .EXE""
+ "EzPrint" "" "" "File not found: T.EXE""
+ "FreeFallProtection" "" "" "File not found: .EXE"
+ "HotKeysCmds" "" "" "File not found: DOWS\SYSTEM32\HKCMD.EXE"
+ "IgfxTray" "" "" "File not found: DOWS\SYSTEM32\IGFXTRAY.EXE"
+ "IntelWireless" "" "" "File not found: TEL"
+ "Persistence" "" "" "File not found: DOWS\SYSTEM32\IGFXPERS.EXE"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "SynTPEnh" "" "" "File not found: H.EXE"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Dell DataSafe Online" "DataSafeOnline" "" "c:\program files (x86)\dell datasafe online\datasafeonline.exe"
+ "Dell Webcam Central" "WebcamDell2.exe" "Creative Technology Ltd" "c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "DellSupportCenter" "Dell Support Center Updates" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtcmd.exe"
+ "Desktop Disc Tool" "Roxio Burn Launcher" "" "c:\program files (x86)\roxio\roxio burn\roxioburnlauncher.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
+ "VERIZONDM" "" "SupportSoft, Inc." "c:\program files (x86)\verizondm\bin\sprtcmd.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ ""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"" "Update Client for Dell DataSafe Local Backup" "Dell" "c:\program files (x86)\dell datasafe local backup\components\dsupdate\dsupdate.exe"
"C:\Users\Studio15\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\studio15\appdata\local\facebook\update\facebookupdate.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\studio15\appdata\local\google\update\googleupdate.exe"
+ "pronto" "" "" "c:\users\studio15\blackboard im\blackboardim.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120627211037.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Dell Toolbar" "" "" "c:\program files\dell printable web\toolband.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20120627211038.dll"
+ "Skype add-on for Internet Explorer" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Toolbar Helper" "Windows Live Toolbar Core" "Microsoft Corporation" "c:\program files (x86)\windows live\toolbar\wltcore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&Windows Live Toolbar" "Windows Live Toolbar Core" "Microsoft Corporation" "c:\program files (x86)\windows live\toolbar\wltcore.dll"
+ "Dell Toolbar" "" "" "c:\program files\dell printable web\toolband.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Skype add-on for Internet Explorer" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\FacebookUpdateTaskUserS-1-5-21-145277124-2044463625-4118866100-1001Core" "Facebook Installer" "Facebook Inc." "c:\users\studio15\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-145277124-2044463625-4118866100-1001UA" "Facebook Installer" "Facebook Inc." "c:\users\studio15\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-145277124-2044463625-4118866100-1001Core" "Google Installer" "Google Inc." "c:\users\studio15\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-145277124-2044463625-4118866100-1001UA" "Google Installer" "Google Inc." "c:\users\studio15\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-145277124-2044463625-4118866100-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-145277124-2044463625-4118866100-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
+ "\{727CEAFF-D505-4020-98E3-7C038F9DFAB8}" "Microsoft Office Client Virtualization Handler" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvh.exe"
+ "\{851DB53B-DC60-4453-A2DA-E1E49C2C1C0E}" "Microsoft Office Client Virtualization Handler" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvh.exe"
+ "\{85BF6FD5-EF6D-41FA-BCF8-7EE0866740B5}" "Microsoft Office Client Virtualization Handler" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvh.exe"
+ "\{9A2DF0BB-9054-4E1E-8F02-73B04C1DAE0A}" "Microsoft Office Client Virtualization Handler" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvh.exe"
+ "\{B72D27A6-A22B-41DB-A1CC-78DCA7CCD2B4}" "Microsoft Office Client Virtualization Handler" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvh.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\aestsr64.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "dlea_device" "Printer Communication System" " " "c:\windows\system32\dleacoms.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files (x86)\wildtangent\dell games\dell game console\gameconsoleservice.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\615\g2aservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "InstallFilterService" "This service installs the FF filter on IDE disks found in the system" "" "c:\program files (x86)\stmicroelectronics\accelerometer\installfilterservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfevtps.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks SAS" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "sprtsvc_verizondm" "SupportSoft Sprocket Service" "SupportSoft, Inc." "c:\program files (x86)\verizondm\bin\sprtsvc.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe"
+ "tgsrvc_verizondm" "SupportSoft Repair Service" "SupportSoft, Inc." "c:\program files (x86)\verizondm\bin\tgsrvc.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Acceler" "Accelerometer Port I/O" "ST Microelectronics" "c:\windows\system32\drivers\acceler.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "NETw5s64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5s64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rimmptsk" "RICOH MMC Driver" "REDC" "c:\windows\system32\drivers\rimmpx64.sys"
+ "rimspci" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspe64.sys"
+ "rimsptsk" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspx64.sys"
+ "risdpcie" "RICOH SD/MMC Driver" "REDC" "c:\windows\system32\drivers\risdpe64.sys"
+ "rismxdp" "RICOH xD SM Driver" "REDC" "c:\windows\system32\drivers\rixdpx64.sys"
+ "rixdpcie" "RICOH PCIe XD Driver" "REDC" "c:\windows\system32\drivers\rixdpe64.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stdflt" "Disk Filter Driver for Accelerometer" "ST Microelectronics" "c:\windows\system32\drivers\stdflt.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "V310-V510 Series Port" "Printer Communication System" " " "c:\windows\system32\dlealmpm.dll"
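A triage pass over a log in the layout shown above, as an added example that is not part of the original post and not the output or code of any tool named in this thread. The function names, the trusted-directory list and the last sample row are assumptions made for the illustration; a flagged row is a candidate for manual review, not a verdict.

```python
import re

# Sample in the layout of the log above: a location row has three empty
# fields, an entry row starts with "+". The last row is constructed.
SAMPLE_LOG = r'''
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "V310-V510 Series Port" "Printer Communication System" " " "c:\windows\system32\dlealmpm.dll"
+ "Example Monitor" "" "" "c:\users\example\appdata\local\temp\example.dll"
'''

FIELD = re.compile(r'"([^"]*)"')
# Assumption: directories where installed software normally lives.
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")


def parse_autoruns(text):
    """Return one dict per entry row, tagged with the autostart location above it."""
    entries, location = [], None
    for line in text.splitlines():
        line = line.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue  # blank or malformed row
        if line.startswith("+"):
            name, description, publisher, path = fields
            entries.append({"location": location, "name": name,
                            "publisher": publisher, "path": path})
        elif not any(f.strip() for f in fields[1:]):
            location = fields[0]  # header row naming the registry location
    return entries


def triage(entries):
    """List entries with a blank publisher or an image path outside TRUSTED_DIRS."""
    findings = []
    for e in entries:
        reasons = []
        if not e["publisher"].strip():
            reasons.append("no publisher")
        if not e["path"].lower().startswith(TRUSTED_DIRS):
            reasons.append("path outside Windows/Program Files")
        if reasons:
            findings.append((e["location"], e["name"], reasons))
    return findings


if __name__ == "__main__":
    for location, name, reasons in triage(parse_autoruns(SAMPLE_LOG)):
        print(f"{location} :: {name} -> {', '.join(reasons)}")
```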

#10 narenxp

Posted 21 November 2012 - 03:41 PM

Now run RKILL given in previous instructions and post the new log

Edited by narenxp, 22 November 2012 - 06:03 AM.


#11 Ann M

Posted 22 November 2012 - 01:46 AM

I downloaded RogueKiller, hit scan and hit delete. The program showed a list of items in green. Some were deleted but others indicated errors occurred. When I used the program a website page from the creator popped up with links to video instructions on how to remove ZeroAccess. I assume that is part of the application.

So far today my computer has not had any issues with the firewall/antivirus shutting off, but when McAfee began its scheduled scan of the entire computer it took several hours to complete.

RKILL LOG:
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/22/2012 01:32:31 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/22/2012 01:32:52 AM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)

#12 narenxp

Posted 22 November 2012 - 06:03 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#13 Ann M

Posted 23 November 2012 - 01:38 PM

Thank you for your help. My computer seems to be working normally now, although I have a couple of other issues I need help with.

When I was checking logs in the C drive I noticed a folder whose name is a sequence of numbers and letters. I tried opening it but I do not have access. Is it just a system folder? It was last modified on Saturday.

Secondly how do I remove some of the programs I installed to clean my computer?

Finally, I don't know how it happened, but my desktop now has icons for recycle bin, my computer, and a main folder. I never had these on my desktop and want to remove them but obviously I don't want them actually deleted, just not on my desktop. These are not 'shortcuts' because they do not have the little arrow on the side of the icon. I'm using a Dell computer with Windows 7. It has a 'dock' on top of the desktop that has my recycle bin so there's no reason for it to be in two places.

Thank you for your assistance.

#14 narenxp

Posted 23 November 2012 - 03:34 PM

> When I was checking logs in the C drive I noticed a folder whose name is a sequence of numbers and letters. I tried opening it but I do not have access. Is it just a system folder? It was last modified on Saturday.


It is probably a system folder

> Secondly how do I remove some of the programs I installed to clean my computer?


Except for ESET online scanner, other tools can be removed manually. For ESET online scanner, go to Control Panel - Add or Remove Programs and uninstall it.


You can remove Recycle Bin and My Computer from the desktop. Copy the main folder from the desktop to the C drive.