
Possible infection


  • This topic is locked
18 replies to this topic

#1 OKjonnerod

OKjonnerod

  • Members
  • 8 posts

Posted 28 July 2013 - 10:27 PM

Dear Team,

For the last few days I have been experiencing some problems with my computer:

  • Real-Time virus protection by McAfee has been turned off, unable to turn it on.
  • Cannot access certain web pages i.e. download.mcafee.com and mvt.mcafee.com. I receive "This page cannot be displayed. Please check Your internet connection" message.
  • Unable to uninstall McAfee Security center.

Below you find the DDS report from a few minutes ago:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Øyvind at 5:15:11 on 2013-07-29
Microsoft Windows 8  6.2.9200.0.1252.47.1044.18.8077.6190 [GMT 2:00]
.
AV: McAfee  Anti-Virus og Anti-Spyware *Disabled/Outdated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee  Anti-Virus og Anti-Spyware *Disabled/Outdated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee  Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
C:\windows\system32\dashost.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\windows\system32\mfevtps.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\taskhost.exe
C:\windows\System32\dwm.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\windows\system32\taskhostex.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
C:\Program Files\Elantech\ETDCtrl.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\system32\igfxext.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\Øyvind\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\windows\system32\atieclxx.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\windows\explorer.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files\Samsung\S Agent\CommonAgent.exe
C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Øyvind\Downloads\dds.com
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://samsung13.msn.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\McAfee\siteadvisor\McIEPlg.dll
mWinlogon: Userinit = userinit.exe
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files (x86)\McAfee\siteadvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\McAfee\siteadvisor\McIEPlg.dll
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [Spotify Web Helper] "C:\Users\Øyvind\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\DOW.lnk - C:\ProgramData\Samsung\DeleteOOBEWPP.exe
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Send til Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 84.208.20.110 84.208.20.111
TCP: Interfaces\{38017C75-383B-4EE6-9FAC-344D6A8C0693} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{6B0FCCD9-05D7-46FD-A170-57E7D7EF8A3B} : DHCPNameServer = 84.208.20.110 84.208.20.111
TCP: Interfaces\{6B0FCCD9-05D7-46FD-A170-57E7D7EF8A3B}\F6A6B6 : DHCPNameServer = 192.168.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\siteadvisor\McIEPlg.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\siteadvisor\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /S3HpProtect
x64-Run: [RtHDVBg_SRSSA] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SRSSA
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\McAfee\MSC\mcsniepl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\windows\System32\Drivers\amdkmpfd.sys [2012-12-5 36520]
R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2013-1-23 647736]
R0 intmsd;IntelliMemory Storage Filter Driver;C:\windows\System32\Drivers\intmsd.sys [2013-1-23 104872]
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\Drivers\mfehidk.sys [2013-2-19 771536]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\Drivers\mfewfpk.sys [2013-2-19 340216]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\Drivers\PxHlpa64.sys [2013-1-23 56336]
R1 intmfs;IntelliMemory File System Filter Driver;C:\windows\System32\Drivers\intmfs.sys [2013-1-23 29096]
R1 MOBKFilter;MOBKFilter;C:\windows\System32\Drivers\MOBK.sys [2013-6-26 66040]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-11-6 171664]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-12-5 239616]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-9-12 772064]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-9-30 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-9-30 1132480]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-15 135984]
R2 Easy Launcher;Easy Launcher;C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2013-1-14 1594416]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2013-3-25 99184]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe [2013-1-23 2466448]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-1-23 128896]
R2 IntelliMemory;IntelliMemory;C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [2012-12-21 55720]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-1-23 165760]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-31 201304]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-31 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-31 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-31 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2013-6-26 241456]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-6-26 218760]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2013-6-26 182752]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-7-10 1900728]
R2 SWUpdateService;SW Update Service;C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [2013-6-26 2956336]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-1-23 364416]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-9-24 3385584]
R3 acpials;Filter for ALS-føler;C:\windows\System32\Drivers\acpials.sys [2012-7-26 9728]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\windows\System32\Drivers\AmpPal.sys [2013-4-11 165344]
R3 BthA2DP;Bluetooth-stereo;C:\windows\System32\Drivers\BthA2DP.sys [2013-7-17 117632]
R3 BthLEEnum;Driver for Bluetooth Low Energy;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\Drivers\btmaux.sys [2012-10-1 132480]
R3 btmhsf;btmhsf;C:\windows\System32\Drivers\btmhsf.sys [2012-10-1 1337216]
R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\Drivers\cfwids.sys [2013-2-19 70112]
R3 ETD;Samsung PS/2 Port Input Device;C:\windows\System32\Drivers\ETD.sys [2013-3-25 358768]
R3 ETDSMBus;ETDSMBus;C:\windows\System32\Drivers\ETDSMBus.sys [2013-6-26 21840]
R3 ibtfltcoex;ibtfltcoex;C:\windows\System32\Drivers\iBtFltCoex.sys [2012-8-6 68136]
R3 IntcDAud;Intel® Skjermlyd;C:\windows\System32\Drivers\IntcDAud.sys [2012-11-9 342528]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\Drivers\iwdbus.sys [2012-10-9 25568]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\Drivers\mfeavfk.sys [2013-2-19 309840]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\Drivers\mfefirek.sys [2013-2-19 515968]
R3 NETwNe64;@oem3.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000-serien kortdriver for Windows 8 64-bit;C:\windows\System32\Drivers\NETwew00.sys [2012-10-10 4309032]
R3 RadioHIDMini;Radio HID Mini-driver;C:\windows\System32\Drivers\RadioHIDMini.sys [2012-11-13 23408]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUVStor.sys [2013-1-23 317584]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2013-1-23 719504]
R3 SensorsAlsDriver;UMDF-reflektortjeneste for SensorsAlsDriver;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
R3 usb3Hub;USB-IF USB 3.0 Hub;C:\windows\System32\Drivers\usb3Hub.sys [2012-10-9 47072]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
R3 XHCIPort;USB-IF xHCI USB Host Controller;C:\windows\System32\Drivers\xHCIPort.sys [2012-10-9 188896]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\windows\System32\Drivers\mfeelamk.sys [2013-2-19 69168]
S2 0257621374173445mcinstcleanup;McAfee Application Installer Cleanup (0257621374173445);C:\windows\TEMP\0257621374173445mcinst.exe -cleanup -nolog --> C:\windows\TEMP\0257621374173445mcinst.exe -cleanup -nolog [?]
S2 MOBKbackup;1%;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\windows\System32\Drivers\AmpPal.sys [2013-4-11 165344]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\Drivers\ssudbus.sys [2013-6-4 103448]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\Drivers\HipShieldK.sys [2012-4-20 196440]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\Drivers\intelaud.sys [2012-10-9 35296]
S3 mferkdet;McAfee Inc. mferkdet;C:\windows\System32\Drivers\mferkdet.sys [2013-2-19 106552]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-9-24 273136]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\Drivers\ssudmdm.sys [2013-6-4 203672]
.
=============== Created Last 30 ================
.
2013-07-28 21:48:37 -------- d-----w- C:\Users\Ïyvind\AppData\Local\Microsoft
2013-07-28 20:34:23 -------- d-----w- C:\Program Files (x86)\ESET
2013-07-28 12:41:41 -------- d-----w- C:\windows\pss
2013-07-28 12:17:49 -------- d-----w- C:\Users\Øyvind\AppData\Roaming\Malwarebytes
2013-07-28 12:17:39 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-07-28 12:17:39 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-28 12:17:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-28 09:47:40 289968 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10211.bin
2013-07-19 08:19:37 -------- d-----w- C:\windows\System32\MRT
2013-07-17 07:08:59 364544 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll
2013-07-12 22:37:04 78200 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-12 22:37:04 693112 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-07-09 10:29:37 82944 ----a-w- C:\windows\SysWow64\dskquota.dll
2013-07-09 10:29:33 109568 ----a-w- C:\windows\System32\dskquota.dll
2013-07-07 09:55:31 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2013-07-07 09:55:30 2106216 ----a-w- C:\windows\SysWow64\D3DCompiler_43.dll
2013-07-07 09:55:29 4379984 ----a-w- C:\windows\SysWow64\D3DX9_40.dll
2013-07-07 09:55:28 3426072 ----a-w- C:\windows\SysWow64\d3dx9_32.dll
2013-07-07 09:52:46 -------- d-----w- C:\Users\Øyvind\AppData\Roaming\Origin
2013-07-07 09:52:46 -------- d-----w- C:\Program Files (x86)\Origin Games
2013-07-07 09:52:11 -------- d-----w- C:\ProgramData\Origin
2013-07-07 09:52:11 -------- d-----w- C:\ProgramData\Electronic Arts
2013-07-07 09:52:10 -------- d-----w- C:\Program Files (x86)\Origin
2013-07-03 19:49:20 144384 ----a-w- C:\windows\System32\tssdisai.dll
2013-06-29 19:24:56 368640 ----a-w- C:\windows\System32\sppwinob.dll
2013-06-29 19:06:46 89448 ----a-w- C:\windows\system\PhysXUpdateLoader64.dll
2013-06-29 19:06:46 83816 ----a-w- C:\windows\system\PhysXUpdateLoader.dll
2013-06-29 19:06:46 71832 ----a-w- C:\windows\system\PhysXDevice64.dll
2013-06-29 19:06:46 71528 ----a-w- C:\windows\system\PhysXLoader.dll
2013-06-29 19:06:46 71528 ----a-w- C:\windows\system\PhysXDevice.dll
2013-06-29 19:06:46 63848 ----a-w- C:\windows\system\PhysXLoader64.dll
2013-06-29 19:06:46 608136 ----a-w- C:\windows\system\cudart64_41_22.dll
2013-06-29 19:06:46 437640 ----a-w- C:\windows\system\cudart32_41_22.dll
2013-06-29 19:05:20 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-06-29 18:52:51 -------- d-----w- C:\Program Files (x86)\Skiworld Simulator 2012
2013-06-29 18:34:59 540688 ----a-w- C:\windows\System32\d3dx10_38.dll
2013-06-29 18:33:22 -------- d--h--w- C:\windows\msdownld.tmp
2013-06-29 18:33:14 -------- d-----w- C:\windows\SysWow64\directx
2013-06-29 18:23:20 -------- d-----r- C:\windows\BrowserChoice
2013-06-29 16:51:47 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-06-29 16:51:47 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll
.
==================== Find3M  ====================
.
2013-06-16 22:41:31 997632 ----a-w- C:\windows\System32\drivers\ndis.sys
2013-06-11 23:43:37 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-06-04 07:15:02 103448 ----a-w- C:\windows\System32\drivers\ssudbus.sys
2013-06-04 07:15:00 203672 ----a-w- C:\windows\System32\drivers\ssudmdm.sys
2013-06-01 11:54:16 194816 ----a-w- C:\windows\System32\drivers\sdbus.sys
2013-06-01 11:54:10 125184 ----a-w- C:\windows\System32\drivers\dumpsd.sys
2013-06-01 11:34:21 2391280 ----a-w- C:\windows\explorer.exe
2013-06-01 11:33:13 2233600 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-06-01 11:29:35 337152 ----a-w- C:\windows\System32\drivers\USBXHCI.SYS
2013-06-01 11:29:35 213248 ----a-w- C:\windows\System32\drivers\UCX01000.SYS
2013-06-01 11:26:33 327936 ----a-w- C:\windows\System32\drivers\volsnap.sys
2013-06-01 11:26:31 6987008 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-06-01 10:24:46 2106176 ----a-w- C:\windows\SysWow64\explorer.exe
2013-06-01 09:25:05 67584 ----a-w- C:\windows\SysWow64\samlib.dll
2013-06-01 09:25:03 496640 ----a-w- C:\windows\SysWow64\qedit.dll
2013-06-01 09:24:19 493056 ----a-w- C:\windows\SysWow64\mscms.dll
2013-06-01 09:24:09 850944 ----a-w- C:\windows\SysWow64\mfasfsrcsnk.dll
2013-06-01 09:24:09 1453568 ----a-w- C:\windows\SysWow64\mfcore.dll
2013-06-01 09:23:46 1842176 ----a-w- C:\windows\SysWow64\dwmcore.dll
2013-06-01 09:23:06 680960 ----a-w- C:\windows\System32\vds.exe
2013-06-01 09:22:47 80896 ----a-w- C:\windows\System32\MbaeParserTask.exe
2013-06-01 09:22:33 523264 ----a-w- C:\windows\System32\XpsGdiConverter.dll
2013-06-01 09:22:33 446976 ----a-w- C:\windows\System32\wwansvc.dll
2013-06-01 09:22:09 190976 ----a-w- C:\windows\System32\vdsutil.dll
2013-06-01 09:21:39 729600 ----a-w- C:\windows\System32\samsrv.dll
2013-06-01 09:21:39 106496 ----a-w- C:\windows\System32\samlib.dll
2013-06-01 09:21:34 595968 ----a-w- C:\windows\System32\qedit.dll
2013-06-01 09:20:45 583168 ----a-w- C:\windows\System32\mscms.dll
2013-06-01 09:20:34 1527808 ----a-w- C:\windows\System32\mfcore.dll
2013-06-01 09:20:34 1048576 ----a-w- C:\windows\System32\mfasfsrcsnk.dll
2013-06-01 09:20:04 2219520 ----a-w- C:\windows\System32\dwmcore.dll
2013-06-01 09:19:58 207872 ----a-w- C:\windows\System32\DeviceSetupManager.dll
2013-06-01 09:19:42 785408 ----a-w- C:\windows\System32\audiosrv.dll
2013-06-01 03:08:26 117632 ----a-w- C:\windows\System32\drivers\BthA2DP.sys
2013-05-30 23:14:23 4036096 ----a-w- C:\windows\System32\win32k.sys
2013-05-24 22:09:20 1403296 ----a-w- C:\windows\System32\winload.efi
2013-05-24 22:09:20 1271584 ----a-w- C:\windows\System32\winload.exe
2013-05-24 22:09:20 1217352 ----a-w- C:\windows\System32\winresume.efi
2013-05-24 22:09:20 1093904 ----a-w- C:\windows\System32\winresume.exe
2013-05-23 23:01:46 1300992 ----a-w- C:\windows\System32\gdi32.dll
2013-05-23 22:27:05 1022464 ----a-w- C:\windows\SysWow64\gdi32.dll
2013-05-22 18:33:50 4659712 ----a-w- C:\windows\SysWow64\Redemption.dll
2013-05-15 22:37:03 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2013-05-15 22:35:49 53760 ----a-w- C:\windows\System32\UXInit.dll
2013-05-15 02:25:59 888320 ----a-w- C:\windows\System32\autochk.exe
2013-05-15 02:25:44 542208 ----a-w- C:\windows\System32\untfs.dll
2013-05-15 02:24:10 793088 ----a-w- C:\windows\SysWow64\autochk.exe
2013-05-15 02:24:01 482816 ----a-w- C:\windows\SysWow64\untfs.dll
2013-05-14 13:14:01 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-05-14 09:23:31 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-05-04 07:58:17 120736 ----a-w- C:\windows\System32\AuthHost.exe
2013-05-04 07:34:17 446720 ----a-w- C:\windows\System32\drivers\USBHUB3.SYS
2013-05-04 07:34:15 284416 ----a-w- C:\windows\System32\drivers\spaceport.sys
2013-05-04 06:59:56 39424 ----a-w- C:\windows\System32\wuapp.exe
2013-05-04 06:59:51 1483776 ----a-w- C:\windows\System32\VSSVC.exe
2013-05-04 06:59:36 812544 ----a-w- C:\windows\System32\Magnify.exe
2013-05-04 06:59:25 98304 ----a-w- C:\windows\System32\wudriver.dll
2013-05-04 06:59:25 251904 ----a-w- C:\windows\System32\WUSettingsProvider.dll
2013-05-04 06:59:25 141824 ----a-w- C:\windows\System32\wuwebv.dll
2013-05-04 06:59:24 1619968 ----a-w- C:\windows\System32\wucltux.dll
2013-05-04 06:59:21 2842112 ----a-w- C:\windows\System32\WMVDECOD.DLL
2013-05-04 06:59:08 13644288 ----a-w- C:\windows\System32\Windows.UI.Xaml.dll
2013-05-04 06:58:54 328192 ----a-w- C:\windows\System32\ubpm.dll
2013-05-04 06:58:54 10116096 ----a-w- C:\windows\System32\twinui.dll
2013-05-04 06:58:49 173568 ----a-w- C:\windows\System32\storewuauth.dll
2013-05-04 06:58:49 1332736 ----a-w- C:\windows\System32\sysmain.dll
2013-05-04 06:58:48 330240 ----a-w- C:\windows\System32\stobject.dll
2013-05-04 06:58:28 93696 ----a-w- C:\windows\System32\psmsrv.dll
2013-05-04 06:58:02 470528 ----a-w- C:\windows\System32\netprofmsvc.dll
2013-05-04 06:58:02 151552 ----a-w- C:\windows\System32\netprofm.dll
2013-05-04 06:58:01 169984 ----a-w- C:\windows\System32\netplwiz.dll
2013-05-04 06:57:59 17408 ----a-w- C:\windows\System32\muifontsetup.dll
2013-05-04 06:57:46 560640 ----a-w- C:\windows\System32\mfmp4srcsnk.dll
2013-05-04 06:57:15 501760 ----a-w- C:\windows\System32\DevicePairing.dll
2013-05-04 06:57:05 179712 ----a-w- C:\windows\System32\bisrv.dll
2013-05-04 06:57:05 122368 ----a-w- C:\windows\System32\biwinrt.dll
2013-05-04 06:57:04 389120 ----a-w- C:\windows\System32\BCP47Langs.dll
2013-05-04 06:57:04 2305024 ----a-w- C:\windows\System32\authui.dll
2013-05-04 06:57:00 708096 ----a-w- C:\windows\System32\AppXDeploymentExtensions.dll
2013-05-04 06:57:00 1131520 ----a-w- C:\windows\System32\AppXDeploymentServer.dll
2013-05-04 06:56:53 419840 ----a-w- C:\windows\System32\intl.cpl
2013-05-04 04:58:34 34304 ----a-w- C:\windows\SysWow64\wuapp.exe
2013-05-04 04:58:14 758784 ----a-w- C:\windows\SysWow64\Magnify.exe
2013-05-04 04:58:02 83968 ----a-w- C:\windows\SysWow64\wudriver.dll
2013-05-04 04:58:02 125952 ----a-w- C:\windows\SysWow64\wuwebv.dll
2013-05-04 04:57:58 2620928 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL
2013-05-04 04:57:49 10788864 ----a-w- C:\windows\SysWow64\Windows.UI.Xaml.dll
2013-05-04 04:57:39 8857088 ----a-w- C:\windows\SysWow64\twinui.dll
2013-05-04 04:57:39 247296 ----a-w- C:\windows\SysWow64\ubpm.dll
2013-05-04 04:57:35 303616 ----a-w- C:\windows\SysWow64\stobject.dll
2013-05-04 04:57:16 18432 ----a-w- C:\windows\SysWow64\npmproxy.dll
2013-05-04 04:57:04 151040 ----a-w- C:\windows\SysWow64\netplwiz.dll
2013-05-04 04:57:04 115712 ----a-w- C:\windows\SysWow64\netprofm.dll
2013-05-04 04:57:02 14336 ----a-w- C:\windows\SysWow64\muifontsetup.dll
2013-05-04 04:56:48 411136 ----a-w- C:\windows\SysWow64\mfmp4srcsnk.dll
2013-05-04 04:56:14 449536 ----a-w- C:\windows\SysWow64\DevicePairing.dll
2013-05-04 04:56:06 92160 ----a-w- C:\windows\SysWow64\biwinrt.dll
.
============= FINISH:  5:15:19,05 ===============
 

Thank you in advance for your help in resolving these issues.

 

Kind regards

Øyvind Kjønnerød

Edited by OKjonnerod, 28 July 2013 - 10:29 PM.


#2 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • Gender:Male
  • Location:Orlando, Florida

Posted 29 July 2013 - 02:49 PM

Hello OKjonnerod,

 

My name is Cody and I'll be helping you clean up your computer.

 

First off, I want to say thank you for your organized, detailed initial post. Keep it up for the both of us! :)

 

It looks long and unnecessary, but what's below is very important information. Please take the time to read it before we get started.

 

I will reply as soon as possible (typically within 24 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, I just ask for notice ahead of time.

 

I am in Orlando, Florida at GMT-5 Hours (Eastern Standard Time). As previously stated, I normally respond within 24 hours, but I am a university student currently working full time. If I do not respond within 48 hours, feel free to send me a private message.

 

Some points for you to keep in mind:

 

-Do NOT run any tools unless instructed to do so.

-We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

-Do not attach logs or use code boxes, just copy and paste the text.

-I cannot see your computer.

-Periodically update me on the condition of your computer, and provide detail in every post.

-Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.

 

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartache if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

 

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#3 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:03:10 AM

Posted 29 July 2013 - 02:51 PM

Please re-run DDS, and upon launching it, place a checkmark next to the box "extras.txt" if it is not already there.

 

While it's good to have that initial DDS log, since it has been a day, an updated log is always better.

 

Include both the DDS.txt and extras.txt in your next reply.



 

 


#4 OKjonnerod

OKjonnerod
  • Topic Starter

  • Members
  • 8 posts
  • Local time:09:10 AM

Posted 29 July 2013 - 03:06 PM

Hello Cody, and thank you for your quick reply.

 

I could not find the extras.txt check box, is it the attach.txt? You will find both reports below.

 

DDS.txt

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Øyvind at 21:58:10 on 2013-07-29
Microsoft Windows 8  6.2.9200.0.1252.47.1044.18.8077.6293 [GMT 2:00]
.
AV: McAfee  Anti-Virus og Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee  Anti-Virus og Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee  Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
C:\windows\system32\dashost.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\windows\system32\mfevtps.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\taskhost.exe
C:\windows\System32\dwm.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\taskhostex.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
C:\windows\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\system32\igfxext.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\Øyvind\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files\Samsung\S Agent\CommonAgent.exe
C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
C:\Users\Øyvind\Downloads\dds.com
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\program files\mcafee.com\agent\mcupdate.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://samsung13.msn.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\McAfee\siteadvisor\McIEPlg.dll
mWinlogon: Userinit = userinit.exe
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files (x86)\McAfee\siteadvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\McAfee\siteadvisor\McIEPlg.dll
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [Spotify Web Helper] "C:\Users\Øyvind\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\DOW.lnk - C:\ProgramData\Samsung\DeleteOOBEWPP.exe
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Send til Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 84.208.20.110 84.208.20.111
TCP: Interfaces\{38017C75-383B-4EE6-9FAC-344D6A8C0693} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{6B0FCCD9-05D7-46FD-A170-57E7D7EF8A3B} : DHCPNameServer = 84.208.20.110 84.208.20.111
TCP: Interfaces\{6B0FCCD9-05D7-46FD-A170-57E7D7EF8A3B}\F6A6B6 : DHCPNameServer = 192.168.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\siteadvisor\McIEPlg.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\siteadvisor\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /S3HpProtect
x64-Run: [RtHDVBg_SRSSA] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SRSSA
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\McAfee\MSC\mcsniepl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\windows\System32\Drivers\amdkmpfd.sys [2012-12-5 36520]
R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2013-1-23 647736]
R0 intmsd;IntelliMemory Storage Filter Driver;C:\windows\System32\Drivers\intmsd.sys [2013-1-23 104872]
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\Drivers\mfehidk.sys [2013-2-19 771536]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\Drivers\mfewfpk.sys [2013-2-19 340216]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\Drivers\PxHlpa64.sys [2013-1-23 56336]
R1 intmfs;IntelliMemory File System Filter Driver;C:\windows\System32\Drivers\intmfs.sys [2013-1-23 29096]
R1 MOBKFilter;MOBKFilter;C:\windows\System32\Drivers\MOBK.sys [2013-6-26 66040]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-11-6 171664]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-12-5 239616]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-9-12 772064]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-9-30 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-9-30 1132480]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-15 135984]
R2 Easy Launcher;Easy Launcher;C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2013-1-14 1594416]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2013-3-25 99184]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe [2013-1-23 2466448]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-1-23 128896]
R2 IntelliMemory;IntelliMemory;C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [2012-12-21 55720]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-1-23 165760]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-31 201304]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-31 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-31 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-31 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2013-6-26 241456]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-6-26 218760]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2013-6-26 182752]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-7-10 1900728]
R2 SWUpdateService;SW Update Service;C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [2013-6-26 2956336]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-1-23 364416]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-9-24 3385584]
R3 acpials;Filter for ALS-føler;C:\windows\System32\Drivers\acpials.sys [2012-7-26 9728]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\windows\System32\Drivers\AmpPal.sys [2013-4-11 165344]
R3 BthA2DP;Bluetooth-stereo;C:\windows\System32\Drivers\BthA2DP.sys [2013-7-17 117632]
R3 BthLEEnum;Driver for Bluetooth Low Energy;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\Drivers\btmaux.sys [2012-10-1 132480]
R3 btmhsf;btmhsf;C:\windows\System32\Drivers\btmhsf.sys [2012-10-1 1337216]
R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\Drivers\cfwids.sys [2013-2-19 70112]
R3 ETD;Samsung PS/2 Port Input Device;C:\windows\System32\Drivers\ETD.sys [2013-3-25 358768]
R3 ETDSMBus;ETDSMBus;C:\windows\System32\Drivers\ETDSMBus.sys [2013-6-26 21840]
R3 ibtfltcoex;ibtfltcoex;C:\windows\System32\Drivers\iBtFltCoex.sys [2012-8-6 68136]
R3 IntcDAud;Intel® Skjermlyd;C:\windows\System32\Drivers\IntcDAud.sys [2012-11-9 342528]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\Drivers\iwdbus.sys [2012-10-9 25568]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\Drivers\mfeavfk.sys [2013-2-19 309840]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\Drivers\mfefirek.sys [2013-2-19 515968]
R3 NETwNe64;@oem3.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000-serien kortdriver for Windows 8 64-bit;C:\windows\System32\Drivers\NETwew00.sys [2012-10-10 4309032]
R3 RadioHIDMini;Radio HID Mini-driver;C:\windows\System32\Drivers\RadioHIDMini.sys [2012-11-13 23408]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUVStor.sys [2013-1-23 317584]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2013-1-23 719504]
R3 SensorsAlsDriver;UMDF-reflektortjeneste for SensorsAlsDriver;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
R3 usb3Hub;USB-IF USB 3.0 Hub;C:\windows\System32\Drivers\usb3Hub.sys [2012-10-9 47072]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
R3 XHCIPort;USB-IF xHCI USB Host Controller;C:\windows\System32\Drivers\xHCIPort.sys [2012-10-9 188896]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\windows\System32\Drivers\mfeelamk.sys [2013-2-19 69168]
S2 0257621374173445mcinstcleanup;McAfee Application Installer Cleanup (0257621374173445);C:\windows\TEMP\0257621374173445mcinst.exe -cleanup -nolog --> C:\windows\TEMP\0257621374173445mcinst.exe -cleanup -nolog [?]
S2 MOBKbackup;1%;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\windows\System32\Drivers\AmpPal.sys [2013-4-11 165344]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\Drivers\ssudbus.sys [2013-6-4 103448]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\Drivers\HipShieldK.sys [2012-4-20 196440]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\Drivers\intelaud.sys [2012-10-9 35296]
S3 mferkdet;McAfee Inc. mferkdet;C:\windows\System32\Drivers\mferkdet.sys [2013-2-19 106552]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-9-24 273136]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\Drivers\ssudmdm.sys [2013-6-4 203672]
.
=============== Created Last 30 ================
.
2013-07-29 19:54:40 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-28 21:48:37 -------- d-----w- C:\Users\Ïyvind\AppData\Local\Microsoft
2013-07-28 20:34:23 -------- d-----w- C:\Program Files (x86)\ESET
2013-07-28 12:41:41 -------- d-----w- C:\windows\pss
2013-07-28 12:17:49 -------- d-----w- C:\Users\Øyvind\AppData\Roaming\Malwarebytes
2013-07-28 12:17:39 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-07-28 12:17:39 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-28 12:17:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-28 09:47:40 289968 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10211.bin
2013-07-19 08:19:37 -------- d-----w- C:\windows\System32\MRT
2013-07-17 07:08:59 364544 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll
2013-07-12 22:37:04 78200 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-12 22:37:04 693112 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-07-09 10:29:37 82944 ----a-w- C:\windows\SysWow64\dskquota.dll
2013-07-09 10:29:33 109568 ----a-w- C:\windows\System32\dskquota.dll
2013-07-07 09:55:31 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2013-07-07 09:55:30 2106216 ----a-w- C:\windows\SysWow64\D3DCompiler_43.dll
2013-07-07 09:55:29 4379984 ----a-w- C:\windows\SysWow64\D3DX9_40.dll
2013-07-07 09:55:28 3426072 ----a-w- C:\windows\SysWow64\d3dx9_32.dll
2013-07-07 09:52:46 -------- d-----w- C:\Users\Øyvind\AppData\Roaming\Origin
2013-07-07 09:52:46 -------- d-----w- C:\Program Files (x86)\Origin Games
2013-07-07 09:52:11 -------- d-----w- C:\ProgramData\Origin
2013-07-07 09:52:11 -------- d-----w- C:\ProgramData\Electronic Arts
2013-07-07 09:52:10 -------- d-----w- C:\Program Files (x86)\Origin
2013-07-03 19:49:20 144384 ----a-w- C:\windows\System32\tssdisai.dll
.
==================== Find3M  ====================
.
2013-06-29 16:51:43 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-06-29 16:51:43 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-06-16 22:41:31 997632 ----a-w- C:\windows\System32\drivers\ndis.sys
2013-06-11 23:43:37 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-06-04 07:15:02 103448 ----a-w- C:\windows\System32\drivers\ssudbus.sys
2013-06-04 07:15:00 203672 ----a-w- C:\windows\System32\drivers\ssudmdm.sys
2013-06-01 11:54:16 194816 ----a-w- C:\windows\System32\drivers\sdbus.sys
2013-06-01 11:54:10 125184 ----a-w- C:\windows\System32\drivers\dumpsd.sys
2013-06-01 11:34:21 2391280 ----a-w- C:\windows\explorer.exe
2013-06-01 11:33:13 2233600 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-06-01 11:29:35 337152 ----a-w- C:\windows\System32\drivers\USBXHCI.SYS
2013-06-01 11:29:35 213248 ----a-w- C:\windows\System32\drivers\UCX01000.SYS
2013-06-01 11:26:33 327936 ----a-w- C:\windows\System32\drivers\volsnap.sys
2013-06-01 11:26:31 6987008 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-06-01 10:24:46 2106176 ----a-w- C:\windows\SysWow64\explorer.exe
2013-06-01 09:25:05 67584 ----a-w- C:\windows\SysWow64\samlib.dll
2013-06-01 09:25:03 496640 ----a-w- C:\windows\SysWow64\qedit.dll
2013-06-01 09:24:19 493056 ----a-w- C:\windows\SysWow64\mscms.dll
2013-06-01 09:24:09 850944 ----a-w- C:\windows\SysWow64\mfasfsrcsnk.dll
2013-06-01 09:24:09 1453568 ----a-w- C:\windows\SysWow64\mfcore.dll
2013-06-01 09:23:46 1842176 ----a-w- C:\windows\SysWow64\dwmcore.dll
2013-06-01 09:23:06 680960 ----a-w- C:\windows\System32\vds.exe
2013-06-01 09:22:47 80896 ----a-w- C:\windows\System32\MbaeParserTask.exe
2013-06-01 09:22:33 523264 ----a-w- C:\windows\System32\XpsGdiConverter.dll
2013-06-01 09:22:33 446976 ----a-w- C:\windows\System32\wwansvc.dll
2013-06-01 09:22:09 190976 ----a-w- C:\windows\System32\vdsutil.dll
2013-06-01 09:21:39 729600 ----a-w- C:\windows\System32\samsrv.dll
2013-06-01 09:21:39 106496 ----a-w- C:\windows\System32\samlib.dll
2013-06-01 09:21:34 595968 ----a-w- C:\windows\System32\qedit.dll
2013-06-01 09:20:45 583168 ----a-w- C:\windows\System32\mscms.dll
2013-06-01 09:20:34 1527808 ----a-w- C:\windows\System32\mfcore.dll
2013-06-01 09:20:34 1048576 ----a-w- C:\windows\System32\mfasfsrcsnk.dll
2013-06-01 09:20:04 2219520 ----a-w- C:\windows\System32\dwmcore.dll
2013-06-01 09:19:58 207872 ----a-w- C:\windows\System32\DeviceSetupManager.dll
2013-06-01 09:19:42 785408 ----a-w- C:\windows\System32\audiosrv.dll
2013-06-01 03:08:26 117632 ----a-w- C:\windows\System32\drivers\BthA2DP.sys
2013-05-30 23:14:23 4036096 ----a-w- C:\windows\System32\win32k.sys
2013-05-24 22:09:20 1403296 ----a-w- C:\windows\System32\winload.efi
2013-05-24 22:09:20 1271584 ----a-w- C:\windows\System32\winload.exe
2013-05-24 22:09:20 1217352 ----a-w- C:\windows\System32\winresume.efi
2013-05-24 22:09:20 1093904 ----a-w- C:\windows\System32\winresume.exe
2013-05-23 23:01:46 1300992 ----a-w- C:\windows\System32\gdi32.dll
2013-05-23 22:27:05 1022464 ----a-w- C:\windows\SysWow64\gdi32.dll
2013-05-22 18:33:50 4659712 ----a-w- C:\windows\SysWow64\Redemption.dll
2013-05-15 22:37:03 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2013-05-15 22:35:49 53760 ----a-w- C:\windows\System32\UXInit.dll
2013-05-15 02:25:59 888320 ----a-w- C:\windows\System32\autochk.exe
2013-05-15 02:25:44 542208 ----a-w- C:\windows\System32\untfs.dll
2013-05-15 02:24:10 793088 ----a-w- C:\windows\SysWow64\autochk.exe
2013-05-15 02:24:01 482816 ----a-w- C:\windows\SysWow64\untfs.dll
2013-05-14 13:14:01 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-05-14 09:23:31 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-05-04 07:58:17 120736 ----a-w- C:\windows\System32\AuthHost.exe
2013-05-04 07:34:17 446720 ----a-w- C:\windows\System32\drivers\USBHUB3.SYS
2013-05-04 07:34:15 284416 ----a-w- C:\windows\System32\drivers\spaceport.sys
2013-05-04 06:59:56 39424 ----a-w- C:\windows\System32\wuapp.exe
2013-05-04 06:59:51 1483776 ----a-w- C:\windows\System32\VSSVC.exe
2013-05-04 06:59:36 812544 ----a-w- C:\windows\System32\Magnify.exe
2013-05-04 06:59:25 98304 ----a-w- C:\windows\System32\wudriver.dll
2013-05-04 06:59:25 251904 ----a-w- C:\windows\System32\WUSettingsProvider.dll
2013-05-04 06:59:25 141824 ----a-w- C:\windows\System32\wuwebv.dll
2013-05-04 06:59:24 1619968 ----a-w- C:\windows\System32\wucltux.dll
2013-05-04 06:59:21 2842112 ----a-w- C:\windows\System32\WMVDECOD.DLL
2013-05-04 06:59:08 13644288 ----a-w- C:\windows\System32\Windows.UI.Xaml.dll
2013-05-04 06:58:54 328192 ----a-w- C:\windows\System32\ubpm.dll
2013-05-04 06:58:54 10116096 ----a-w- C:\windows\System32\twinui.dll
2013-05-04 06:58:49 173568 ----a-w- C:\windows\System32\storewuauth.dll
2013-05-04 06:58:49 1332736 ----a-w- C:\windows\System32\sysmain.dll
2013-05-04 06:58:48 330240 ----a-w- C:\windows\System32\stobject.dll
2013-05-04 06:58:28 93696 ----a-w- C:\windows\System32\psmsrv.dll
2013-05-04 06:58:02 470528 ----a-w- C:\windows\System32\netprofmsvc.dll
2013-05-04 06:58:02 151552 ----a-w- C:\windows\System32\netprofm.dll
2013-05-04 06:58:01 169984 ----a-w- C:\windows\System32\netplwiz.dll
2013-05-04 06:57:59 17408 ----a-w- C:\windows\System32\muifontsetup.dll
2013-05-04 06:57:46 560640 ----a-w- C:\windows\System32\mfmp4srcsnk.dll
2013-05-04 06:57:15 501760 ----a-w- C:\windows\System32\DevicePairing.dll
2013-05-04 06:57:05 179712 ----a-w- C:\windows\System32\bisrv.dll
2013-05-04 06:57:05 122368 ----a-w- C:\windows\System32\biwinrt.dll
2013-05-04 06:57:04 389120 ----a-w- C:\windows\System32\BCP47Langs.dll
2013-05-04 06:57:04 2305024 ----a-w- C:\windows\System32\authui.dll
2013-05-04 06:57:00 708096 ----a-w- C:\windows\System32\AppXDeploymentExtensions.dll
2013-05-04 06:57:00 1131520 ----a-w- C:\windows\System32\AppXDeploymentServer.dll
2013-05-04 06:56:53 419840 ----a-w- C:\windows\System32\intl.cpl
2013-05-04 04:58:34 34304 ----a-w- C:\windows\SysWow64\wuapp.exe
2013-05-04 04:58:14 758784 ----a-w- C:\windows\SysWow64\Magnify.exe
2013-05-04 04:58:02 83968 ----a-w- C:\windows\SysWow64\wudriver.dll
2013-05-04 04:58:02 125952 ----a-w- C:\windows\SysWow64\wuwebv.dll
2013-05-04 04:57:58 2620928 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL
2013-05-04 04:57:49 10788864 ----a-w- C:\windows\SysWow64\Windows.UI.Xaml.dll
2013-05-04 04:57:39 8857088 ----a-w- C:\windows\SysWow64\twinui.dll
2013-05-04 04:57:39 247296 ----a-w- C:\windows\SysWow64\ubpm.dll
2013-05-04 04:57:35 303616 ----a-w- C:\windows\SysWow64\stobject.dll
2013-05-04 04:57:16 18432 ----a-w- C:\windows\SysWow64\npmproxy.dll
2013-05-04 04:57:04 151040 ----a-w- C:\windows\SysWow64\netplwiz.dll
2013-05-04 04:57:04 115712 ----a-w- C:\windows\SysWow64\netprofm.dll
2013-05-04 04:57:02 14336 ----a-w- C:\windows\SysWow64\muifontsetup.dll
2013-05-04 04:56:48 411136 ----a-w- C:\windows\SysWow64\mfmp4srcsnk.dll
.
============= FINISH: 21:58:17,98 ===============
 

Attach.txt

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 26.06.2013 20:18:11
System Uptime: 28.07.2013 21:25:08 (24 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. |  | NP770Z5E-S02SE
Processor: Intel® Core™ i7-3635QM CPU @ 2.40GHz | SOCKET 0 | 2401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 216 GiB total, 160,106 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP9: 12.07.2013 08:50:37 - Windows Update
RP10: 15.07.2013 09:37:38 - Windows Update
RP11: 19.07.2013 10:19:25 - Windows Update
RP12: 23.07.2013 22:31:40 - Installed SW Update
RP13: 27.07.2013 14:07:52 - Gjenopprettingsoperasjon
RP14: 28.07.2013 20:07:45 - Removed Java 7 Update 25
.
==== Installed Programs ======================
.
Absolute Reminder
Adobe Photoshop Elements 11
Adobe Reader X (10.1.7) MUI
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CyberLink PowerDVD 10
D3DX10
E-POP
Easy File Share
Elements 11 Organizer
ETDWare X64 11.7.10.4_WHQL
Fotogalleri
Fotogalleriet
Google Earth
Google Update Helper
Help Desk
Intel AppUp(SM) center
Intel® Manageability Engine Firmware Recovery Agent
Intel® Management Engine Components
Intel® Processor Graphics
Intel® PROSet/Wireless for Bluetooth® + High Speed
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® PROSet/Wireless WiFi Software Driver
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® WiDi
Intel® PROSet/Wireless-programvare
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
IntelliMemory
Malwarebytes Anti-Malware versjon 1.75.0.1300
McAfee Internet Security
McAfee Online Backup
Microsoft Application Error Reporting
Microsoft Office 365 Home Premium - nb-no
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
MyFreeCodec
NVIDIA PhysX
OEM Application Profile
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Origin
Photo Common
Photo Gallery
PowerXpressHybrid
PSE11 STI Installer
PX Profile Update
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB Card Reader
Recovery
S Agent
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Settings
Shared C Run-time for x64
SimCity™
Skiworld Simulator 2012
Spotify
SRS Premium Sound
Support Center
Support Center FAQ
SW Update
User Guide
Valokuvavalikoima
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Liven peruspaketti
.
==== End Of File ===========================
 

A couple more issues with McAfee I have discovered but unfortunately forgot in the initial post:

  • Cannot update virus definition file
  • Unable to execute manual scan.

Again, thank you very much.



#5 TheShooter93

    Cody


  • Malware Response Team

Posted 29 July 2013 - 08:28 PM

Hello OKjonnerod,

 

I could not find the extras.txt check box, is it the attach.txt? You find both reports below.

Yes, that is what I meant. Sorry for the mix-up.

 

I will reply with your next steps either tonight or tomorrow pending instructor approval.

 

Again, thank you very much.

You're welcome, I enjoy doing it. :)


CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#6 TheShooter93

    Cody


  • Malware Response Team

Posted 30 July 2013 - 02:08 PM

Hello OKjonnerod,

 

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


 

 


#7 OKjonnerod

  • Topic Starter

  • Members

Posted 30 July 2013 - 02:39 PM

Hello Cody.

 

Below is the TDSSKiller report.

 

21:34:03.0165 4540  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
21:34:03.0165 4540  UEFI system
21:34:05.0167 4540  ============================================================
21:34:05.0167 4540  Current date / time: 2013/07/30 21:34:05.0167
21:34:05.0167 4540  SystemInfo:
21:34:05.0167 4540 
21:34:05.0167 4540  OS Version: 6.2.9200 ServicePack: 0.0
21:34:05.0167 4540  Product type: Workstation
21:34:05.0167 4540  ComputerName: MIN-PC
21:34:05.0168 4540  UserName: Øyvind
21:34:05.0168 4540  Windows directory: C:\windows
21:34:05.0168 4540  System windows directory: C:\windows
21:34:05.0168 4540  Running under WOW64
21:34:05.0168 4540  Processor architecture: Intel x64
21:34:05.0168 4540  Number of processors: 8
21:34:05.0168 4540  Page size: 0x1000
21:34:05.0168 4540  Boot type: Normal boot
21:34:05.0168 4540  ============================================================
21:34:05.0501 4540  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:34:05.0505 4540  ============================================================
21:34:05.0505 4540  \Device\Harddisk0\DR0:
21:34:05.0505 4540  GPT partitions:
21:34:05.0505 4540  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8CEA7063-3117-4CFE-B7AB-BBFD9229C9AC}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
21:34:05.0505 4540  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C7389423-5C68-44D7-8DC0-7E70468BA89F}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x96000
21:34:05.0505 4540  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {09DED1CE-F9D5-42B3-B8B7-A1BE064B9665}, Name: Microsoft reserved partition, StartLBA 0x190000, BlocksNum 0x40000
21:34:05.0505 4540  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5144B963-2310-4C08-BDF6-81EE13953546}, Name: Basic data partition, StartLBA 0x1D0000, BlocksNum 0x1AF7A001
21:34:05.0505 4540  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1B54CBB6-33E9-4854-8252-EF2994160BDC}, Name: Basic data partition, StartLBA 0x1B14A001, BlocksNum 0x29A9000
21:34:05.0506 4540  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BDB93F60-A373-4855-4173-636C65706975}, Name: Basic data partition, StartLBA 0x1DAF3001, BlocksNum 0x200000
21:34:05.0506 4540  MBR partitions:
21:34:05.0506 4540  ============================================================
21:34:05.0507 4540  C: <-> \Device\Harddisk0\DR0\Partition4
21:34:05.0507 4540  ============================================================
21:34:05.0507 4540  Initialize success
21:34:05.0507 4540  ============================================================
21:35:34.0321 1212  ============================================================
21:35:34.0321 1212  Scan started
21:35:34.0321 1212  Mode: Manual;
21:35:34.0321 1212  ============================================================
21:35:34.0433 1212  ================ Scan system memory ========================
21:35:34.0433 1212  System memory - ok
21:35:34.0433 1212  ================ Scan services =============================
21:35:34.0450 1212  0257621374173445mcinstcleanup - ok
21:35:34.0482 1212  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
21:35:34.0485 1212  1394ohci - ok
21:35:34.0489 1212  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\windows\system32\drivers\3ware.sys
21:35:34.0490 1212  3ware - ok
21:35:34.0497 1212  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\windows\system32\drivers\ACPI.sys
21:35:34.0500 1212  ACPI - ok
21:35:34.0504 1212  [ E3530CCC4018BBFC39176E579E438BE6 ] acpials         C:\windows\system32\DRIVERS\acpials.sys
21:35:34.0504 1212  acpials - ok
21:35:34.0508 1212  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\windows\system32\Drivers\acpiex.sys
21:35:34.0509 1212  acpiex - ok
21:35:34.0512 1212  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
21:35:34.0513 1212  acpipagr - ok
21:35:34.0516 1212  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
21:35:34.0517 1212  AcpiPmi - ok
21:35:34.0520 1212  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\windows\System32\drivers\acpitime.sys
21:35:34.0520 1212  acpitime - ok
21:35:34.0526 1212  [ C4B1D322567F73BB5A687F907EA25507 ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
21:35:34.0529 1212  AdobeActiveFileMonitor11.0 - ok
21:35:34.0533 1212  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:35:34.0534 1212  AdobeARMservice - ok
21:35:34.0541 1212  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
21:35:34.0544 1212  adp94xx - ok
21:35:34.0549 1212  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\windows\system32\drivers\adpahci.sys
21:35:34.0552 1212  adpahci - ok
21:35:34.0556 1212  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\windows\system32\drivers\adpu320.sys
21:35:34.0557 1212  adpu320 - ok
21:35:34.0562 1212  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
21:35:34.0564 1212  AeLookupSvc - ok
21:35:34.0570 1212  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\windows\system32\drivers\afd.sys
21:35:34.0573 1212  AFD - ok
21:35:34.0576 1212  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\windows\system32\drivers\agp440.sys
21:35:34.0578 1212  agp440 - ok
21:35:34.0581 1212  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\windows\System32\alg.exe
21:35:34.0582 1212  ALG - ok
21:35:34.0585 1212  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
21:35:34.0586 1212  AllUserInstallAgent - ok
21:35:34.0590 1212  [ 6F76014987E89A317656C94154C6CF9B ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
21:35:34.0592 1212  AMD External Events Utility - ok
21:35:34.0595 1212  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\windows\System32\drivers\amdk8.sys
21:35:34.0597 1212  AmdK8 - ok
21:35:34.0668 1212  [ 8C0DA976F45C67E75067DD7CDF92C3E0 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
21:35:34.0724 1212  amdkmdag - ok
21:35:34.0732 1212  [ DC29F77488F29E9AA61E2022574583D1 ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
21:35:34.0735 1212  amdkmdap - ok
21:35:34.0738 1212  [ 2D01D8CC6221A75EDB8CFABBBBA879DD ] amdkmpfd        C:\windows\system32\drivers\amdkmpfd.sys
21:35:34.0738 1212  amdkmpfd - ok
21:35:34.0741 1212  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
21:35:34.0742 1212  AmdPPM - ok
21:35:34.0745 1212  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\windows\system32\drivers\amdsata.sys
21:35:34.0746 1212  amdsata - ok
21:35:34.0750 1212  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
21:35:34.0752 1212  amdsbs - ok
21:35:34.0755 1212  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\windows\system32\drivers\amdxata.sys
21:35:34.0756 1212  amdxata - ok
21:35:34.0759 1212  [ 5451A638FACAA57F2F179837BC29A543 ] AMPPAL          C:\windows\System32\drivers\AMPPAL.sys
21:35:34.0761 1212  AMPPAL - ok
21:35:34.0764 1212  [ 5451A638FACAA57F2F179837BC29A543 ] AMPPALP         C:\windows\system32\DRIVERS\amppal.sys
21:35:34.0765 1212  AMPPALP - ok
21:35:34.0773 1212  [ CCB61487A9D9416EC8985279E37608BF ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
21:35:34.0778 1212  AMPPALR3 - ok
21:35:34.0781 1212  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\windows\system32\drivers\appid.sys
21:35:34.0783 1212  AppID - ok
21:35:34.0785 1212  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\windows\System32\appidsvc.dll
21:35:34.0786 1212  AppIDSvc - ok
21:35:34.0789 1212  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\windows\System32\appinfo.dll
21:35:34.0790 1212  Appinfo - ok
21:35:34.0792 1212  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\windows\system32\drivers\arc.sys
21:35:34.0794 1212  arc - ok
21:35:34.0797 1212  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\windows\system32\drivers\arcsas.sys
21:35:34.0799 1212  arcsas - ok
21:35:34.0801 1212  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
21:35:34.0802 1212  AsyncMac - ok
21:35:34.0804 1212  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\windows\system32\drivers\atapi.sys
21:35:34.0805 1212  atapi - ok
21:35:34.0809 1212  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
21:35:34.0811 1212  AudioEndpointBuilder - ok
21:35:34.0819 1212  [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv        C:\windows\System32\Audiosrv.dll
21:35:34.0824 1212  Audiosrv - ok
21:35:34.0827 1212  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\windows\System32\AxInstSV.dll
21:35:34.0828 1212  AxInstSV - ok
21:35:34.0834 1212  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
21:35:34.0838 1212  b06bdrv - ok
21:35:34.0841 1212  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
21:35:34.0842 1212  BasicDisplay - ok
21:35:34.0844 1212  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
21:35:34.0845 1212  BasicRender - ok
21:35:34.0849 1212  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\windows\System32\bdesvc.dll
21:35:34.0851 1212  BDESVC - ok
21:35:34.0854 1212  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\windows\system32\drivers\Beep.sys
21:35:34.0855 1212  Beep - ok
21:35:34.0862 1212  [ 9E6A544F465C582AB42444A217CF04DC ] BFE             C:\windows\System32\bfe.dll
21:35:34.0866 1212  BFE - ok
21:35:34.0875 1212  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\windows\System32\qmgr.dll
21:35:34.0880 1212  BITS - ok
21:35:34.0892 1212  [ BAE8683BE3463B25E51875B380AB695A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
21:35:34.0899 1212  Bluetooth Device Monitor - ok
21:35:34.0910 1212  [ AF06006C7A8B6CE409ABD351867A9544 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
21:35:34.0917 1212  Bluetooth OBEX Service - ok
21:35:34.0920 1212  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\windows\system32\DRIVERS\bowser.sys
21:35:34.0922 1212  bowser - ok
21:35:34.0926 1212  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
21:35:34.0927 1212  BrokerInfrastructure - ok
21:35:34.0931 1212  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\windows\System32\browser.dll
21:35:34.0932 1212  Browser - ok
21:35:34.0935 1212  [ D4FA5A33E345CFB6D635579A8EE02399 ] BthA2DP         C:\windows\system32\drivers\BthA2DP.sys
21:35:34.0936 1212  BthA2DP - ok
21:35:34.0939 1212  [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
21:35:34.0940 1212  BthAvrcpTg - ok
21:35:34.0942 1212  [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
21:35:34.0943 1212  BthEnum - ok
21:35:34.0946 1212  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
21:35:34.0947 1212  BthHFEnum - ok
21:35:34.0950 1212  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
21:35:34.0951 1212  bthhfhid - ok
21:35:34.0954 1212  [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum       C:\windows\system32\DRIVERS\BthLEEnum.sys
21:35:34.0956 1212  BthLEEnum - ok
21:35:34.0959 1212  [ EB4CBCB3288233CD964716D0A5E1CFC5 ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
21:35:34.0960 1212  BTHMODEM - ok
21:35:34.0963 1212  [ 091BB978E9504D0AD14586929431A957 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
21:35:34.0965 1212  BthPan - ok
21:35:34.0975 1212  [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
21:35:34.0981 1212  BTHPORT - ok
21:35:34.0984 1212  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\windows\system32\bthserv.dll
21:35:34.0986 1212  bthserv - ok
21:35:34.0989 1212  [ D30286FF3C7B6318C024D2BC2955C1BF ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
21:35:34.0990 1212  BTHSSecurityMgr - ok
21:35:34.0992 1212  [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
21:35:34.0993 1212  BTHUSB - ok
21:35:34.0997 1212  [ 8F5E4E166C19A1B60F508057CF2FF96E ] btmaux          C:\windows\system32\DRIVERS\btmaux.sys
21:35:34.0999 1212  btmaux - ok
21:35:35.0010 1212  [ FD6DCB9E986D4B88655370C7F3976F78 ] btmhsf          C:\windows\system32\DRIVERS\btmhsf.sys
21:35:35.0018 1212  btmhsf - ok
21:35:35.0021 1212  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
21:35:35.0022 1212  cdfs - ok
21:35:35.0026 1212  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\windows\System32\drivers\cdrom.sys
21:35:35.0027 1212  cdrom - ok
21:35:35.0031 1212  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\windows\System32\certprop.dll
21:35:35.0032 1212  CertPropSvc - ok
21:35:35.0035 1212  [ D2B3252AD4EB499C935A56467997AA3C ] cfwids          C:\windows\system32\drivers\cfwids.sys
21:35:35.0036 1212  cfwids - ok
21:35:35.0039 1212  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\windows\System32\drivers\circlass.sys
21:35:35.0040 1212  circlass - ok
21:35:35.0045 1212  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\windows\system32\drivers\CLFS.sys
21:35:35.0047 1212  CLFS - ok
21:35:35.0054 1212  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
21:35:35.0055 1212  CmBatt - ok
21:35:35.0060 1212  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\windows\system32\Drivers\cng.sys
21:35:35.0064 1212  CNG - ok
21:35:35.0068 1212  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
21:35:35.0069 1212  CompositeBus - ok
21:35:35.0071 1212  COMSysApp - ok
21:35:35.0074 1212  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\windows\system32\drivers\condrv.sys
21:35:35.0075 1212  condrv - ok
21:35:35.0094 1212  [ 4A4E4057EDE3E1F578B3EF0048420F3E ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
21:35:35.0097 1212  cphs - ok
21:35:35.0101 1212  [ AFA426B0E7975CEB21F8B6711EFA8945 ] CryptSvc        C:\windows\system32\cryptsvc.dll
21:35:35.0102 1212  CryptSvc - ok
21:35:35.0106 1212  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\windows\system32\drivers\dam.sys
21:35:35.0107 1212  dam - ok
21:35:35.0116 1212  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\windows\system32\rpcss.dll
21:35:35.0122 1212  DcomLaunch - ok
21:35:35.0127 1212  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\windows\System32\defragsvc.dll
21:35:35.0130 1212  defragsvc - ok
21:35:35.0135 1212  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\windows\system32\das.dll
21:35:35.0137 1212  DeviceAssociationService - ok
21:35:35.0141 1212  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
21:35:35.0142 1212  DeviceInstall - ok
21:35:35.0146 1212  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
21:35:35.0147 1212  Dfsc - ok
21:35:35.0150 1212  [ 0B3F6C8F93C5C25977EA5A8B2E656357 ] dg_ssudbus      C:\windows\system32\DRIVERS\ssudbus.sys
21:35:35.0151 1212  dg_ssudbus - ok
21:35:35.0155 1212  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\windows\system32\dhcpcore.dll
21:35:35.0159 1212  Dhcp - ok
21:35:35.0162 1212  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\windows\system32\drivers\discache.sys
21:35:35.0163 1212  discache - ok
21:35:35.0165 1212  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\windows\system32\drivers\disk.sys
21:35:35.0167 1212  disk - ok
21:35:35.0170 1212  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
21:35:35.0170 1212  dmvsc - ok
21:35:35.0174 1212  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\windows\System32\dnsrslvr.dll
21:35:35.0175 1212  Dnscache - ok
21:35:35.0180 1212  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\windows\System32\dot3svc.dll
21:35:35.0182 1212  dot3svc - ok
21:35:35.0186 1212  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\windows\system32\dps.dll
21:35:35.0188 1212  DPS - ok
21:35:35.0191 1212  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
21:35:35.0192 1212  drmkaud - ok
21:35:35.0195 1212  [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
21:35:35.0197 1212  DsmSvc - ok
21:35:35.0211 1212  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
21:35:35.0218 1212  DXGKrnl - ok
21:35:35.0222 1212  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\windows\System32\eapsvc.dll
21:35:35.0224 1212  Eaphost - ok
21:35:35.0239 1212  [ 3329D28D0C69723652466971B7598E0E ] Easy Launcher   C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
21:35:35.0248 1212  Easy Launcher - ok
21:35:35.0273 1212  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\windows\system32\drivers\evbda.sys
21:35:35.0291 1212  ebdrv - ok
21:35:35.0294 1212  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\windows\System32\lsass.exe
21:35:35.0296 1212  EFS - ok
21:35:35.0298 1212  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
21:35:35.0300 1212  EhStorClass - ok
21:35:35.0303 1212  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
21:35:35.0304 1212  EhStorTcgDrv - ok
21:35:35.0306 1212  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\windows\System32\drivers\errdev.sys
21:35:35.0307 1212  ErrDev - ok
21:35:35.0314 1212  [ D7C857ED4612D2144C9EAF0B3444BF59 ] ETD             C:\windows\system32\DRIVERS\ETD.sys
21:35:35.0316 1212  ETD - ok
21:35:35.0319 1212  [ 82288CD683B9186D7085FFFC275E66F1 ] ETDService      C:\Program Files\Elantech\ETDService.exe
21:35:35.0320 1212  ETDService - ok
21:35:35.0323 1212  [ 18EA24468F7EA31489C93B2BB30F00C0 ] ETDSMBus        C:\windows\System32\drivers\ETDSMBus.sys
21:35:35.0325 1212  ETDSMBus - ok
21:35:35.0332 1212  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\windows\system32\es.dll
21:35:35.0335 1212  EventSystem - ok
21:35:35.0342 1212  [ 66C0B8E98DA9469EFC040272BE3341DE ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:35:35.0347 1212  EvtEng - ok
21:35:35.0351 1212  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\windows\system32\drivers\exfat.sys
21:35:35.0352 1212  exfat - ok
21:35:35.0356 1212  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\windows\system32\drivers\fastfat.sys
21:35:35.0358 1212  fastfat - ok
21:35:35.0366 1212  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\windows\system32\fxssvc.exe
21:35:35.0370 1212  Fax - ok
21:35:35.0372 1212  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\windows\System32\drivers\fdc.sys
21:35:35.0374 1212  fdc - ok
21:35:35.0376 1212  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\windows\system32\fdPHost.dll
21:35:35.0378 1212  fdPHost - ok
21:35:35.0380 1212  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\windows\system32\fdrespub.dll
21:35:35.0381 1212  FDResPub - ok
21:35:35.0384 1212  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\windows\system32\fhsvc.dll
21:35:35.0386 1212  fhsvc - ok
21:35:35.0389 1212  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
21:35:35.0389 1212  FileInfo - ok
21:35:35.0391 1212  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
21:35:35.0392 1212  Filetrace - ok
21:35:35.0396 1212  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
21:35:35.0397 1212  flpydisk - ok
21:35:35.0402 1212  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
21:35:35.0405 1212  FltMgr - ok
21:35:35.0416 1212  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\windows\system32\FntCache.dll
21:35:35.0424 1212  FontCache - ok
21:35:35.0427 1212  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:35:35.0428 1212  FontCache3.0.0.0 - ok
21:35:35.0431 1212  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
21:35:35.0441 1212  FsDepends - ok
21:35:35.0444 1212  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
21:35:35.0444 1212  Fs_Rec - ok
21:35:35.0449 1212  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
21:35:35.0452 1212  fvevol - ok
21:35:35.0455 1212  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
21:35:35.0456 1212  FxPPM - ok
21:35:35.0459 1212  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
21:35:35.0461 1212  gagp30kx - ok
21:35:35.0463 1212  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
21:35:35.0464 1212  gencounter - ok
21:35:35.0466 1212  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
21:35:35.0468 1212  GPIOClx0101 - ok
21:35:35.0480 1212  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\windows\System32\gpsvc.dll
21:35:35.0488 1212  gpsvc - ok
21:35:35.0491 1212  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:35:35.0492 1212  gupdate - ok
21:35:35.0494 1212  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:35:35.0495 1212  gupdatem - ok
21:35:35.0501 1212  [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:35:35.0503 1212  HdAudAddService - ok
21:35:35.0506 1212  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
21:35:35.0507 1212  HDAudBus - ok
21:35:35.0509 1212  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
21:35:35.0511 1212  HidBatt - ok
21:35:35.0513 1212  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\windows\System32\drivers\hidbth.sys
21:35:35.0514 1212  HidBth - ok
21:35:35.0517 1212  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
21:35:35.0518 1212  hidi2c - ok
21:35:35.0520 1212  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\windows\System32\drivers\hidir.sys
21:35:35.0522 1212  HidIr - ok
21:35:35.0524 1212  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\windows\system32\hidserv.dll
21:35:35.0526 1212  hidserv - ok
21:35:35.0528 1212  [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb          C:\windows\System32\drivers\hidusb.sys
21:35:35.0529 1212  HidUsb - ok
21:35:35.0532 1212  [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK      C:\windows\system32\drivers\HipShieldK.sys
21:35:35.0535 1212  HipShieldK - ok
21:35:35.0538 1212  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\windows\system32\kmsvc.dll
21:35:35.0539 1212  hkmsvc - ok
21:35:35.0543 1212  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:35:35.0545 1212  HomeGroupListener - ok
21:35:35.0551 1212  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:35:35.0555 1212  HomeGroupProvider - ok
21:35:35.0558 1212  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
21:35:35.0560 1212  HpSAMD - ok
21:35:35.0568 1212  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\windows\system32\drivers\HTTP.sys
21:35:35.0573 1212  HTTP - ok
21:35:35.0576 1212  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
21:35:35.0577 1212  hwpolicy - ok
21:35:35.0580 1212  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
21:35:35.0580 1212  hyperkbd - ok
21:35:35.0583 1212  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
21:35:35.0583 1212  HyperVideo - ok
21:35:35.0586 1212  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
21:35:35.0587 1212  i8042prt - ok
21:35:35.0596 1212  [ 6C91E425ACE29594BD574DE38AC9B76D ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
21:35:35.0598 1212  iaStorA - ok
21:35:35.0604 1212  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
21:35:35.0606 1212  iaStorV - ok
21:35:35.0609 1212  [ C430482AC892D52CED021EDDD4D368A2 ] ibtfltcoex      C:\windows\system32\DRIVERS\iBtFltCoex.sys
21:35:35.0611 1212  ibtfltcoex - ok
21:35:35.0628 1212  [ ACD1812E8A531E1CEA09BA3991371E48 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe
21:35:35.0642 1212  IconMan_R - ok
21:35:35.0681 1212  [ FCAA07539A6137EF78AAB39CC455CC5E ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
21:35:35.0710 1212  igfx - ok
21:35:35.0714 1212  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\windows\system32\drivers\iirsp.sys
21:35:35.0715 1212  iirsp - ok
21:35:35.0725 1212  [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT          C:\windows\System32\ikeext.dll
21:35:35.0731 1212  IKEEXT - ok
21:35:35.0735 1212  [ FD2032D2EAE8D7F3381EBA5FA3E7FEEA ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
21:35:35.0736 1212  intaud_WaveExtensible - ok
21:35:35.0760 1212  [ E2E6FB83D55DF0BDA9D453EABA3F893B ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
21:35:35.0778 1212  IntcAzAudAddService - ok
21:35:35.0784 1212  [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
21:35:35.0787 1212  IntcDAud - ok
21:35:35.0793 1212  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:35:35.0797 1212  Intel® Capability Licensing Service Interface - ok
21:35:35.0800 1212  [ 30E9FAC23E2537D82F2836CB81AEE186 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
21:35:35.0802 1212  Intel® ME Service - ok
21:35:35.0805 1212  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\windows\system32\drivers\intelide.sys
21:35:35.0806 1212  intelide - ok
21:35:35.0808 1212  [ 50CECF39DE3B0963452A6CE0F9923D1B ] IntelliMemory   C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
21:35:35.0809 1212  IntelliMemory - ok
21:35:35.0812 1212  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\windows\System32\drivers\intelppm.sys
21:35:35.0813 1212  intelppm - ok
21:35:35.0816 1212  [ 6FEA9DB21D79E2660B747DBDF63799BE ] intmfs          C:\windows\system32\DRIVERS\intmfs.sys
21:35:35.0817 1212  intmfs - ok
21:35:35.0819 1212  [ 66508F908D2B8FF0636C6745C4FEB99A ] intmsd          C:\windows\system32\DRIVERS\intmsd.sys
21:35:35.0821 1212  intmsd - ok
21:35:35.0825 1212  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
21:35:35.0826 1212  IpFilterDriver - ok
21:35:35.0835 1212  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
21:35:35.0841 1212  iphlpsvc - ok
21:35:35.0844 1212  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
21:35:35.0845 1212  IPMIDRV - ok
21:35:35.0847 1212  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
21:35:35.0849 1212  IPNAT - ok
21:35:35.0852 1212  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\windows\system32\drivers\irenum.sys
21:35:35.0853 1212  IRENUM - ok
21:35:35.0855 1212  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\windows\system32\drivers\isapnp.sys
21:35:35.0857 1212  isapnp - ok
21:35:35.0861 1212  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
21:35:35.0863 1212  iScsiPrt - ok
21:35:35.0866 1212  [ C59B9CE2855E667809F9E63C20FC44A5 ] iwdbus          C:\windows\System32\drivers\iwdbus.sys
21:35:35.0867 1212  iwdbus - ok
21:35:35.0870 1212  [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
21:35:35.0871 1212  jhi_service - ok
21:35:35.0874 1212  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
21:35:35.0876 1212  kbdclass - ok
21:35:35.0878 1212  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
21:35:35.0879 1212  kbdhid - ok
21:35:35.0882 1212  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
21:35:35.0882 1212  kdnic - ok
21:35:35.0885 1212  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\windows\system32\lsass.exe
21:35:35.0886 1212  KeyIso - ok
21:35:35.0889 1212  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
21:35:35.0889 1212  KSecDD - ok
21:35:35.0893 1212  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
21:35:35.0895 1212  KSecPkg - ok
21:35:35.0898 1212  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
21:35:35.0899 1212  ksthunk - ok
21:35:35.0904 1212  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\windows\system32\msdtckrm.dll
21:35:35.0907 1212  KtmRm - ok
21:35:35.0911 1212  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\windows\system32\srvsvc.dll
21:35:35.0915 1212  LanmanServer - ok
21:35:35.0918 1212  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:35:35.0920 1212  LanmanWorkstation - ok
21:35:35.0924 1212  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
21:35:35.0925 1212  lltdio - ok
21:35:35.0930 1212  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\windows\System32\lltdsvc.dll
21:35:35.0932 1212  lltdsvc - ok
21:35:35.0934 1212  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\windows\System32\lmhsvc.dll
21:35:35.0936 1212  lmhosts - ok
21:35:35.0940 1212  [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:35:35.0942 1212  LMS - ok
21:35:35.0946 1212  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
21:35:35.0947 1212  LSI_SAS - ok
21:35:35.0950 1212  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
21:35:35.0951 1212  LSI_SAS2 - ok
21:35:35.0954 1212  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
21:35:35.0956 1212  LSI_SCSI - ok
21:35:35.0959 1212  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
21:35:35.0960 1212  LSI_SSS - ok
21:35:35.0965 1212  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\windows\System32\lsm.dll
21:35:35.0968 1212  LSM - ok
21:35:35.0971 1212  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\windows\system32\drivers\luafv.sys
21:35:35.0973 1212  luafv - ok
21:35:35.0977 1212  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:35:35.0978 1212  McAfee SiteAdvisor Service - ok
21:35:35.0981 1212  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:35:35.0982 1212  McMPFSvc - ok
21:35:35.0985 1212  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:35:35.0986 1212  mcmscsvc - ok
21:35:35.0989 1212  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:35:35.0990 1212  McNaiAnn - ok
21:35:35.0993 1212  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:35:35.0994 1212  McNASvc - ok
21:35:36.0000 1212  [ 5D57D4B57CCC07450F97C4E929D0483F ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
21:35:36.0002 1212  McODS - ok
21:35:36.0005 1212  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:35:36.0006 1212  McProxy - ok
21:35:36.0010 1212  [ 21F81090A00932C5E96700EDF2977582 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
21:35:36.0012 1212  McShield - ok
21:35:36.0015 1212  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\windows\system32\drivers\megasas.sys
21:35:36.0016 1212  megasas - ok
21:35:36.0021 1212  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
21:35:36.0023 1212  MegaSR - ok
21:35:36.0026 1212  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
21:35:36.0027 1212  MEIx64 - ok
21:35:36.0030 1212  [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] mfeapfk         C:\windows\system32\drivers\mfeapfk.sys
21:35:36.0032 1212  mfeapfk - ok
21:35:36.0037 1212  [ 113F1534B80D65DFDCA660F19967A3B7 ] mfeavfk         C:\windows\system32\drivers\mfeavfk.sys
21:35:36.0039 1212  mfeavfk - ok
21:35:36.0042 1212  mfeavfk01 - ok
21:35:36.0046 1212  [ AF83010055E18126067D0560069BF11A ] mfeelamk        C:\windows\system32\drivers\mfeelamk.sys
21:35:36.0047 1212  mfeelamk - ok
21:35:36.0050 1212  [ C4F521310E40327BBC8E8E71DA344F48 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:35:36.0052 1212  mfefire - ok
21:35:36.0058 1212  [ CECC9841D036EE008091825272D91331 ] mfefirek        C:\windows\system32\drivers\mfefirek.sys
21:35:36.0061 1212  mfefirek - ok
21:35:36.0069 1212  [ EF0F85EDBDF6C0AB467E88E0CEE2B346 ] mfehidk         C:\windows\system32\drivers\mfehidk.sys
21:35:36.0074 1212  mfehidk - ok
21:35:36.0077 1212  [ 6E3A46BF6CBB80450CC24F80FE03ED5A ] mferkdet        C:\windows\system32\drivers\mferkdet.sys
21:35:36.0078 1212  mferkdet - ok
21:35:36.0082 1212  [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] mfevtp          C:\windows\system32\mfevtps.exe
21:35:36.0084 1212  mfevtp - ok
21:35:36.0089 1212  [ 2802D09F1B6ED502237539563F3C4992 ] mfewfpk         C:\windows\system32\drivers\mfewfpk.sys
21:35:36.0091 1212  mfewfpk - ok
21:35:36.0094 1212  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\windows\system32\mmcss.dll
21:35:36.0096 1212  MMCSS - ok
21:35:36.0099 1212  [ 8CC001C65C31633171991FA72A551D43 ] MOBKbackup      C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
21:35:36.0100 1212  MOBKbackup - ok
21:35:36.0103 1212  [ 3800C23D0D90C59AAFCDEFDC82B5C4AF ] MOBKFilter      C:\windows\system32\DRIVERS\MOBK.sys
21:35:36.0105 1212  MOBKFilter - ok
21:35:36.0107 1212  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\windows\system32\drivers\modem.sys
21:35:36.0108 1212  Modem - ok
21:35:36.0110 1212  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\windows\System32\drivers\monitor.sys
21:35:36.0112 1212  monitor - ok
21:35:36.0114 1212  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\windows\System32\drivers\mouclass.sys
21:35:36.0115 1212  mouclass - ok
21:35:36.0117 1212  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\windows\System32\drivers\mouhid.sys
21:35:36.0118 1212  mouhid - ok
21:35:36.0121 1212  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
21:35:36.0122 1212  mountmgr - ok
21:35:36.0125 1212  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
21:35:36.0126 1212  mpsdrv - ok
21:35:36.0134 1212  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\windows\system32\mpssvc.dll
21:35:36.0140 1212  MpsSvc - ok
21:35:36.0145 1212  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
21:35:36.0147 1212  MRxDAV - ok
21:35:36.0152 1212  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
21:35:36.0155 1212  mrxsmb - ok
21:35:36.0159 1212  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
21:35:36.0162 1212  mrxsmb10 - ok
21:35:36.0165 1212  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
21:35:36.0167 1212  mrxsmb20 - ok
21:35:36.0171 1212  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
21:35:36.0172 1212  MsBridge - ok
21:35:36.0175 1212  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\windows\System32\msdtc.exe
21:35:36.0177 1212  MSDTC - ok
21:35:36.0181 1212  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\windows\system32\drivers\Msfs.sys
21:35:36.0183 1212  Msfs - ok
21:35:36.0185 1212  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
21:35:36.0186 1212  msgpiowin32 - ok
21:35:36.0188 1212  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
21:35:36.0189 1212  mshidkmdf - ok
21:35:36.0191 1212  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
21:35:36.0192 1212  mshidumdf - ok
21:35:36.0195 1212  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
21:35:36.0196 1212  msisadrv - ok
21:35:36.0199 1212  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\windows\system32\iscsiexe.dll
21:35:36.0201 1212  MSiSCSI - ok
21:35:36.0203 1212  msiserver - ok
21:35:36.0206 1212  [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:35:36.0207 1212  MSK80Service - ok
21:35:36.0210 1212  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
21:35:36.0210 1212  MSKSSRV - ok
21:35:36.0213 1212  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
21:35:36.0214 1212  MsLldp - ok
21:35:36.0216 1212  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
21:35:36.0217 1212  MSPCLOCK - ok
21:35:36.0219 1212  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
21:35:36.0220 1212  MSPQM - ok
21:35:36.0225 1212  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
21:35:36.0227 1212  MsRPC - ok
21:35:36.0231 1212  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
21:35:36.0232 1212  mssmbios - ok
21:35:36.0234 1212  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
21:35:36.0235 1212  MSTEE - ok
21:35:36.0237 1212  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
21:35:36.0239 1212  MTConfig - ok
21:35:36.0242 1212  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\windows\system32\Drivers\mup.sys
21:35:36.0242 1212  Mup - ok
21:35:36.0245 1212  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\windows\system32\drivers\mvumis.sys
21:35:36.0246 1212  mvumis - ok
21:35:36.0250 1212  [ EC42D7EE4A7ADCC481D35CCE842E1BA2 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:35:36.0252 1212  MyWiFiDHCPDNS - ok
21:35:36.0257 1212  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\windows\system32\qagentRT.dll
21:35:36.0261 1212  napagent - ok
21:35:36.0266 1212  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
21:35:36.0270 1212  NativeWifiP - ok
21:35:36.0273 1212  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\windows\System32\ncasvc.dll
21:35:36.0275 1212  NcaSvc - ok
21:35:36.0278 1212  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
21:35:36.0279 1212  NcdAutoSetup - ok
21:35:36.0289 1212  [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS            C:\windows\system32\drivers\ndis.sys
21:35:36.0294 1212  NDIS - ok
21:35:36.0297 1212  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
21:35:36.0299 1212  NdisCap - ok
21:35:36.0302 1212  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
21:35:36.0302 1212  NdisImPlatform - ok
21:35:36.0305 1212  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
21:35:36.0306 1212  NdisTapi - ok
21:35:36.0308 1212  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
21:35:36.0310 1212  Ndisuio - ok
21:35:36.0313 1212  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
21:35:36.0314 1212  NdisWan - ok
21:35:36.0317 1212  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
21:35:36.0318 1212  NDISWANLEGACY - ok
21:35:36.0320 1212  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
21:35:36.0321 1212  NDProxy - ok
21:35:36.0324 1212  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\windows\system32\drivers\Ndu.sys
21:35:36.0326 1212  Ndu - ok
21:35:36.0328 1212  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
21:35:36.0329 1212  NetBIOS - ok
21:35:36.0334 1212  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
21:35:36.0337 1212  NetBT - ok
21:35:36.0339 1212  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\windows\system32\lsass.exe
21:35:36.0340 1212  Netlogon - ok
21:35:36.0343 1212  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\windows\System32\netman.dll
21:35:36.0346 1212  Netman - ok
21:35:36.0352 1212  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\windows\System32\netprofmsvc.dll
21:35:36.0355 1212  netprofm - ok
21:35:36.0362 1212  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:35:36.0363 1212  NetTcpPortSharing - ok
21:35:36.0394 1212  [ 8CEF52F56EE6E9C4DDD374CE8E2E3DC6 ] NETwNe64        C:\windows\system32\DRIVERS\NETwew00.sys
21:35:36.0417 1212  NETwNe64 - ok
21:35:36.0420 1212  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
21:35:36.0422 1212  nfrd960 - ok
21:35:36.0427 1212  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\windows\System32\nlasvc.dll
21:35:36.0430 1212  NlaSvc - ok
21:35:36.0432 1212  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\windows\system32\drivers\Npfs.sys
21:35:36.0433 1212  Npfs - ok
21:35:36.0435 1212  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
21:35:36.0437 1212  npsvctrig - ok
21:35:36.0440 1212  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\windows\system32\nsisvc.dll
21:35:36.0441 1212  nsi - ok
21:35:36.0443 1212  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
21:35:36.0444 1212  nsiproxy - ok
21:35:36.0460 1212  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
21:35:36.0471 1212  Ntfs - ok
21:35:36.0474 1212  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\windows\system32\drivers\Null.sys
21:35:36.0475 1212  Null - ok
21:35:36.0560 1212  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
21:35:36.0632 1212  nvlddmkm - ok
21:35:36.0637 1212  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\windows\system32\drivers\nvraid.sys
21:35:36.0638 1212  nvraid - ok
21:35:36.0642 1212  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\windows\system32\drivers\nvstor.sys
21:35:36.0643 1212  nvstor - ok
21:35:36.0646 1212  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
21:35:36.0648 1212  nv_agp - ok
21:35:36.0664 1212  [ CE8AD6748DBA78A9D3CBB7094176D6C8 ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
21:35:36.0675 1212  OfficeSvc - ok
21:35:36.0678 1212  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:35:36.0679 1212  ose - ok
21:35:36.0685 1212  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
21:35:36.0687 1212  p2pimsvc - ok
21:35:36.0693 1212  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\windows\system32\p2psvc.dll
21:35:36.0697 1212  p2psvc - ok
21:35:36.0700 1212  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\windows\System32\drivers\parport.sys
21:35:36.0701 1212  Parport - ok
21:35:36.0704 1212  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\windows\system32\drivers\partmgr.sys
21:35:36.0705 1212  partmgr - ok
21:35:36.0710 1212  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\windows\System32\pcasvc.dll
21:35:36.0714 1212  PcaSvc - ok
21:35:36.0718 1212  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\windows\system32\drivers\pci.sys
21:35:36.0720 1212  pci - ok
21:35:36.0722 1212  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\windows\system32\drivers\pciide.sys
21:35:36.0723 1212  pciide - ok
21:35:36.0726 1212  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
21:35:36.0728 1212  pcmcia - ok
21:35:36.0731 1212  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\windows\system32\drivers\pcw.sys
21:35:36.0732 1212  pcw - ok
21:35:36.0735 1212  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\windows\system32\drivers\pdc.sys
21:35:36.0736 1212  pdc - ok
21:35:36.0744 1212  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
21:35:36.0748 1212  PEAUTH - ok
21:35:36.0769 1212  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\windows\SysWow64\perfhost.exe
21:35:36.0770 1212  PerfHost - ok
21:35:36.0785 1212  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\windows\system32\pla.dll
21:35:36.0793 1212  pla - ok
21:35:36.0797 1212  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
21:35:36.0799 1212  PlugPlay - ok
21:35:36.0802 1212  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
21:35:36.0803 1212  PNRPAutoReg - ok
21:35:36.0808 1212  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
21:35:36.0810 1212  PNRPsvc - ok
21:35:36.0815 1212  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
21:35:36.0819 1212  PolicyAgent - ok
21:35:36.0823 1212  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\windows\system32\umpo.dll
21:35:36.0825 1212  Power - ok
21:35:36.0828 1212  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
21:35:36.0829 1212  PptpMiniport - ok
21:35:36.0851 1212  [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
21:35:36.0865 1212  PrintNotify - ok
21:35:36.0869 1212  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\windows\System32\drivers\processr.sys
21:35:36.0870 1212  Processor - ok
21:35:36.0874 1212  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\windows\system32\profsvc.dll
21:35:36.0876 1212  ProfSvc - ok
21:35:36.0880 1212  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\windows\system32\DRIVERS\pacer.sys
21:35:36.0881 1212  Psched - ok
21:35:36.0884 1212  [ 07D57B890DD5693A6AB660CBAE8F91B4 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
21:35:36.0885 1212  PxHlpa64 - ok
21:35:36.0889 1212  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\windows\system32\qwave.dll
21:35:36.0893 1212  QWAVE - ok
21:35:36.0895 1212  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
21:35:36.0896 1212  QWAVEdrv - ok
21:35:36.0898 1212  [ 194ED3C117525613E701FF257882303E ] RadioHIDMini    C:\windows\System32\drivers\RadioHIDMini.sys
21:35:36.0900 1212  RadioHIDMini - ok
21:35:36.0902 1212  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
21:35:36.0903 1212  RasAcd - ok
21:35:36.0906 1212  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
21:35:36.0906 1212  RasAgileVpn - ok
21:35:36.0909 1212  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\windows\System32\rasauto.dll
21:35:36.0911 1212  RasAuto - ok
21:35:36.0914 1212  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
21:35:36.0916 1212  Rasl2tp - ok
21:35:36.0921 1212  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\windows\System32\rasmans.dll
21:35:36.0924 1212  RasMan - ok
21:35:36.0927 1212  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
21:35:36.0928 1212  RasPppoe - ok
21:35:36.0931 1212  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
21:35:36.0932 1212  RasSstp - ok
21:35:36.0937 1212  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
21:35:36.0940 1212  rdbss - ok
21:35:36.0944 1212  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
21:35:36.0946 1212  rdpbus - ok
21:35:36.0949 1212  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
21:35:36.0951 1212  RDPDR - ok
21:35:36.0956 1212  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
21:35:36.0956 1212  RdpVideoMiniport - ok
21:35:36.0960 1212  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
21:35:36.0961 1212  RDPWD - ok
21:35:36.0965 1212  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
21:35:36.0967 1212  rdyboost - ok
21:35:36.0971 1212  [ 75F18D3406E3C7262EC88F4E965BDD84 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:35:36.0973 1212  RegSrvc - ok
21:35:36.0976 1212  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\windows\System32\mprdim.dll
21:35:36.0977 1212  RemoteAccess - ok
21:35:36.0981 1212  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\windows\system32\regsvc.dll
21:35:36.0983 1212  RemoteRegistry - ok
21:35:36.0987 1212  [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
21:35:36.0988 1212  RFCOMM - ok
21:35:36.0991 1212  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
21:35:36.0993 1212  RpcEptMapper - ok
21:35:36.0995 1212  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\windows\system32\locator.exe
21:35:36.0997 1212  RpcLocator - ok
21:35:37.0004 1212  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\windows\system32\rpcss.dll
21:35:37.0008 1212  RpcSs - ok
21:35:37.0011 1212  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
21:35:37.0012 1212  rspndr - ok
21:35:37.0017 1212  [ F0B1E5B1AF1B47EF90A79E2E1E2BA8B3 ] RSUSBVSTOR      C:\windows\System32\Drivers\RtsUVStor.sys
21:35:37.0020 1212  RSUSBVSTOR - ok
21:35:37.0027 1212  [ 10E5083E288A113782A25BEA3B64B0AC ] RTL8168         C:\windows\system32\DRIVERS\Rt630x64.sys
21:35:37.0031 1212  RTL8168 - ok
21:35:37.0034 1212  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\windows\System32\drivers\vms3cap.sys
21:35:37.0035 1212  s3cap - ok
21:35:37.0037 1212  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\windows\system32\lsass.exe
21:35:37.0038 1212  SamSs - ok
21:35:37.0042 1212  SBIOSIO - ok
21:35:37.0045 1212  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
21:35:37.0046 1212  sbp2port - ok
21:35:37.0050 1212  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\windows\System32\SCardSvr.dll
21:35:37.0052 1212  SCardSvr - ok
21:35:37.0055 1212  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
21:35:37.0057 1212  scfilter - ok
21:35:37.0066 1212  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\windows\system32\schedsvc.dll
21:35:37.0075 1212  Schedule - ok
21:35:37.0079 1212  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\windows\System32\certprop.dll
21:35:37.0080 1212  SCPolicySvc - ok
21:35:37.0084 1212  [ 98636FB2973B8876A7F0BECD076CF109 ] sdbus           C:\windows\System32\drivers\sdbus.sys
21:35:37.0085 1212  sdbus - ok
21:35:37.0089 1212  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\windows\System32\SDRSVC.dll
21:35:37.0091 1212  SDRSVC - ok
21:35:37.0094 1212  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\windows\System32\drivers\sdstor.sys
21:35:37.0095 1212  sdstor - ok
21:35:37.0098 1212  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
21:35:37.0099 1212  secdrv - ok
21:35:37.0101 1212  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\windows\system32\seclogon.dll
21:35:37.0103 1212  seclogon - ok
21:35:37.0106 1212  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\windows\System32\sens.dll
21:35:37.0107 1212  SENS - ok
21:35:37.0110 1212  [ DDA4CAF29D8C0A297F886BFE561E6659 ] SensorsAlsDriver C:\windows\system32\DRIVERS\WUDFRd.sys
21:35:37.0113 1212  SensorsAlsDriver - ok
21:35:37.0116 1212  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\windows\system32\sensrsvc.dll
21:35:37.0118 1212  SensrSvc - ok
21:35:37.0121 1212  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\windows\system32\drivers\SerCx.sys
21:35:37.0122 1212  SerCx - ok
21:35:37.0124 1212  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\windows\System32\drivers\serenum.sys
21:35:37.0126 1212  Serenum - ok
21:35:37.0128 1212  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\windows\System32\drivers\serial.sys
21:35:37.0129 1212  Serial - ok
21:35:37.0131 1212  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\windows\System32\drivers\sermouse.sys
21:35:37.0133 1212  sermouse - ok
21:35:37.0140 1212  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\windows\system32\sessenv.dll
21:35:37.0144 1212  SessionEnv - ok
21:35:37.0146 1212  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
21:35:37.0147 1212  sfloppy - ok
21:35:37.0152 1212  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\windows\System32\ipnathlp.dll
21:35:37.0155 1212  SharedAccess - ok
21:35:37.0162 1212  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:35:37.0166 1212  ShellHWDetection - ok
21:35:37.0169 1212  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
21:35:37.0171 1212  SiSRaid2 - ok
21:35:37.0173 1212  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
21:35:37.0174 1212  SiSRaid4 - ok
21:35:37.0179 1212  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
21:35:37.0181 1212  SNMPTRAP - ok
21:35:37.0185 1212  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       C:\windows\system32\drivers\spaceport.sys
21:35:37.0187 1212  spaceport - ok
21:35:37.0190 1212  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
21:35:37.0191 1212  SpbCx - ok
21:35:37.0199 1212  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\windows\System32\spoolsv.exe
21:35:37.0204 1212  Spooler - ok
21:35:37.0237 1212  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\windows\system32\sppsvc.exe
21:35:37.0265 1212  sppsvc - ok
21:35:37.0271 1212  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\windows\system32\DRIVERS\srv.sys
21:35:37.0274 1212  srv - ok
21:35:37.0280 1212  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
21:35:37.0285 1212  srv2 - ok
21:35:37.0288 1212  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
21:35:37.0290 1212  srvnet - ok
21:35:37.0294 1212  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
21:35:37.0298 1212  SSDPSRV - ok
21:35:37.0301 1212  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\windows\system32\sstpsvc.dll
21:35:37.0303 1212  SstpSvc - ok
21:35:37.0307 1212  [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm         C:\windows\system32\DRIVERS\ssudmdm.sys
21:35:37.0308 1212  ssudmdm - ok
21:35:37.0311 1212  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\windows\system32\drivers\stexstor.sys
21:35:37.0312 1212  stexstor - ok
21:35:38.0320 1212  ============================================================
21:35:38.0320 1212  Scan finished
21:35:38.0320 1212  ============================================================
21:35:38.0325 4312  Detected object count: 0
21:35:38.0325 4312  Actual detected object count: 0
21:35:54.0362 1552  Deinitialize success
 



#8 TheShooter93

    Cody

  • Malware Response Team

Posted 31 July 2013 - 01:44 PM

Hello OKjonnerod,

Please launch Malwarebytes Anti-Malware (already installed on your computer). Make sure to perform a Quick Scan.

Make sure to also download updates if the option is given.

Once the scan is complete, a log in Notepad should appear. Copy and paste the contents of that log in your next reply. If the log does not appear, you can manually access it by clicking the Logs tab.

When finished, exit the program.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#9 OKjonnerod

  • Topic Starter
  • Members

Posted 31 July 2013 - 04:47 PM

Here is the report:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.31.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
Øyvind :: MIN-PC [administrator]

31.07.2013 23:43:24
mbam-log-2013-07-31 (23-43-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220421
Time elapsed: 1 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#10 TheShooter93

    Cody

  • Malware Response Team

Posted 01 August 2013 - 07:27 AM

Hello OKjonnerod,

 

Nothing has shown up so far, but that doesn't mean there's nothing there.

 

Just checking in on the status of the computer, are you still experiencing all the original symptoms you mentioned?

 

-------------------------------------------------------------------------------------------------

 

We need to create an OTL Report

  • Please download OTL from one of the following mirrors:

  • Save it to your desktop.

  • Double click on the OTL icon on your desktop.

  • Click the "Scan All Users" checkbox.

  • Push the Run Scan button.

  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened

    • Extra.txt <-- Will be minimized




 

 


#11 OKjonnerod

  • Topic Starter
  • Members

Posted 01 August 2013 - 09:34 AM

Hello Cody,

 

I am now able to connect to the download sites at McAfee (including the Virtual technician). But the other problems are still there (I have not tried to uninstall McAfee though). It does seem that the computer takes a while longer to finish after login to Windows.

 

Here are the two OTL reports you requested:

 

OTL.txt:

 

OTL logfile created on: 01.08.2013 16:22:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Øyvind\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy
 
7,89 Gb Total Physical Memory | 6,20 Gb Available Physical Memory | 78,55% Memory free
9,20 Gb Paging File | 7,43 Gb Available in Paging File | 80,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215,74 Gb Total Space | 160,97 Gb Free Space | 74,61% Space Free | Partition Type: NTFS
 
Computer Name: MIN-PC | User Name: Øyvind | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012.04.20 07:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2013.05.15 14:23:06 | 002,956,336 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe -- (SWUpdateService)
SRV - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.01.14 05:13:40 | 001,594,416 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2012.11.08 14:51:36 | 000,277,048 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.11.06 00:18:56 | 000,171,664 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012.09.30 05:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012.09.30 05:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012.09.20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.09.13 04:59:08 | 002,466,448 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.18 03:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.18 03:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.18 03:10:24 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012.07.18 03:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2010.04.13 20:11:18 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.06.01 13:54:16 | 000,194,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.06.01 13:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.06.01 13:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.06.01 05:08:26 | 000,117,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013.05.04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.05.04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.04.11 02:13:20 | 000,165,344 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2013.04.11 02:13:20 | 000,165,344 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013.03.25 18:58:30 | 000,021,840 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETDSMBus.sys -- (ETDSMBus)
DRV:64bit: - [2013.03.25 11:42:00 | 000,358,768 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.19 13:59:06 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013.02.19 13:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013.02.19 13:55:14 | 000,106,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2013.02.19 13:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013.02.19 13:53:42 | 000,515,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013.02.19 13:53:02 | 000,309,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013.02.19 13:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013.02.19 13:40:52 | 000,069,168 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.12.21 02:15:58 | 000,104,872 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\intmsd.sys -- (intmsd)
DRV:64bit: - [2012.12.21 02:15:58 | 000,029,096 | ---- | M] (Condusiv Technologies) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\intmfs.sys -- (intmfs)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.26 17:38:54 | 010,699,264 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.11.26 16:26:36 | 000,459,776 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.06 17:00:26 | 005,332,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.15 10:51:00 | 000,317,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.10.10 04:18:16 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012.10.09 11:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.10.09 11:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.10.09 11:48:48 | 000,188,896 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012.10.09 11:48:48 | 000,047,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012.10.01 07:41:40 | 001,337,216 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012.10.01 07:41:38 | 000,132,480 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.13 09:12:38 | 000,036,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012.09.06 18:25:26 | 000,719,504 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.09.01 11:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.09 20:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012.08.06 04:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012.07.27 14:00:03 | 000,023,408 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:28:02 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\acpials.sys -- (acpials)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.03 01:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.18 23:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.04.20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2010.04.13 20:10:24 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\MOBK.sys -- (MOBKFilter)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{97456B5E-D6F9-4168-A00B-82F8F60A812E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{97456B5E-D6F9-4168-A00B-82F8F60A812E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
IE - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung13.msn.com/
IE - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001\..\SearchScopes,DefaultScope = {97456B5E-D6F9-4168-A00B-82F8F60A812E}
IE - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\program files\mcafee\msc\npmcsnffpl64.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\program files (x86)\mcafee\msc\npmcsnffpl.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013.07.27 15:01:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.07.27 14:55:55 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_SRSSA] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001..\Run: [Spotify Web Helper] C:\Users\Øyvind\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Send til Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send til Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.208.20.110 84.208.20.111
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38017C75-383B-4EE6-9FAC-344D6A8C0693}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B0FCCD9-05D7-46FD-A170-57E7D7EF8A3B}: DhcpNameServer = 84.208.20.110 84.208.20.111
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.08.01 16:20:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Øyvind\Desktop\OTL.exe
[2013.08.01 00:16:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013.07.30 21:32:03 | 002,240,864 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Øyvind\Desktop\tdsskiller.exe
[2013.07.29 21:55:23 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\Desktop\Old files
[2013.07.28 22:34:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.07.28 14:41:41 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013.07.28 14:17:49 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Roaming\Malwarebytes
[2013.07.28 14:17:39 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.07.28 14:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.28 14:17:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.28 14:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.07.28 14:17:08 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Local\Programs
[2013.07.27 10:34:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.19 10:19:37 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013.07.17 09:09:04 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2013.07.17 09:09:04 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2013.07.17 09:09:03 | 006,987,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013.07.17 09:09:03 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2013.07.17 09:09:03 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2013.07.17 09:09:03 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2013.07.17 09:09:02 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfcore.dll
[2013.07.17 09:09:02 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfcore.dll
[2013.07.17 09:09:02 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2013.07.17 09:09:01 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2013.07.17 09:09:01 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2013.07.17 09:09:01 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2013.07.17 09:09:01 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013.07.17 09:09:00 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscms.dll
[2013.07.17 09:08:59 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfasfsrcsnk.dll
[2013.07.17 09:08:59 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013.07.17 09:08:56 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\UCX01000.SYS
[2013.07.17 09:08:56 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samlib.dll
[2013.07.17 09:08:55 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfasfsrcsnk.dll
[2013.07.17 09:08:55 | 000,337,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBXHCI.SYS
[2013.07.17 09:08:55 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceSetupManager.dll
[2013.07.17 09:08:55 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MbaeParserTask.exe
[2013.07.17 09:08:54 | 000,194,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys
[2013.07.17 09:08:54 | 000,125,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpsd.sys
[2013.07.17 09:08:53 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll
[2013.07.17 09:08:53 | 000,117,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BthA2DP.sys
[2013.07.13 17:53:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.07.13 17:53:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.07.13 17:53:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.07.13 00:37:04 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.07.13 00:37:04 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.07.11 08:25:18 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013.07.11 08:25:17 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2013.07.11 08:25:17 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2013.07.11 08:25:14 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2013.07.11 08:25:14 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2013.07.11 08:25:07 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013.07.11 08:25:04 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013.07.11 08:25:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013.07.11 08:25:03 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013.07.11 08:25:03 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013.07.10 16:49:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.07.10 16:43:48 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Local\CrashDumps
[2013.07.10 16:37:08 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\Documents\SelfMV
[2013.07.10 15:51:48 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Local\ElevatedDiagnostics
[2013.07.09 12:29:37 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquota.dll
[2013.07.09 12:29:33 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquota.dll
[2013.07.08 15:29:18 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll
[2013.07.07 11:55:57 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\Documents\SimCity
[2013.07.07 11:55:31 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2013.07.07 11:55:30 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_43.dll
[2013.07.07 11:55:29 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_40.dll
[2013.07.07 11:55:28 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_32.dll
[2013.07.07 11:52:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2013.07.07 11:52:46 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Roaming\Origin
[2013.07.07 11:52:40 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Local\Origin
[2013.07.07 11:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.07.07 11:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013.07.07 11:52:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2013.07.03 21:49:20 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tssdisai.dll
[2013.06.26 23:51:09 | 002,063,240 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.08.01 16:20:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Øyvind\Desktop\OTL.exe
[2013.08.01 16:15:38 | 000,001,002 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.01 16:10:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.07.31 23:39:01 | 000,001,006 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.30 21:32:04 | 002,240,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Øyvind\Desktop\tdsskiller.exe
[2013.07.28 21:29:22 | 001,362,464 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.07.28 21:29:22 | 000,710,244 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.07.28 21:29:22 | 000,449,912 | ---- | M] () -- C:\windows\SysNative\perfh014.dat
[2013.07.28 21:29:22 | 000,132,614 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.07.28 21:29:22 | 000,077,052 | ---- | M] () -- C:\windows\SysNative\perfc014.dat
[2013.07.28 21:25:11 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.07.28 21:25:10 | 2480,422,911 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.28 17:49:56 | 000,032,768 | ---- | M] () -- C:\cache.dat
[2013.07.28 17:49:55 | 000,004,096 | ---- | M] () -- C:\conf.dat
[2013.07.28 17:49:55 | 000,000,000 | ---- | M] () -- C:\manifest.dat
[2013.07.28 14:17:39 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.18 09:23:13 | 003,433,984 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.07.10 16:51:22 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.07.07 11:55:31 | 000,001,290 | ---- | M] () -- C:\Users\Public\Desktop\SimCity™.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.28 17:49:56 | 000,032,768 | ---- | C] () -- C:\cache.dat
[2013.07.28 17:49:55 | 000,004,096 | ---- | C] () -- C:\conf.dat
[2013.07.28 17:49:55 | 000,000,000 | ---- | C] () -- C:\manifest.dat
[2013.07.28 14:17:39 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.18 09:23:10 | 003,433,984 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.07.17 09:08:53 | 000,386,642 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013.07.10 16:51:22 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.07.07 11:55:31 | 000,001,290 | ---- | C] () -- C:\Users\Public\Desktop\SimCity™.lnk
[2013.06.26 23:51:09 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013.06.26 20:19:20 | 000,001,492 | ---- | C] () -- C:\Users\Øyvind\AppData\Roaming\AbsoluteReminder.xml
[2013.05.22 20:43:52 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013.05.22 20:43:48 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013.05.22 20:43:48 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013.05.22 20:43:48 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013.05.22 20:43:48 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2013.01.23 23:48:31 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2013.01.23 23:48:30 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2013.01.23 23:45:31 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2013.01.23 23:25:56 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2012.12.05 06:23:47 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012.12.05 06:23:47 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012.12.05 06:23:46 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2012.11.09 10:24:56 | 000,598,780 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012.11.09 10:24:54 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012.11.09 10:24:54 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012.05.02 06:58:10 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2012.04.20 06:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2013.01.23 23:50:21 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

EXTRAS.txt

OTL logfile created on: 01.08.2013 16:22:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Øyvind\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy
 
7,89 Gb Total Physical Memory | 6,20 Gb Available Physical Memory | 78,55% Memory free
9,20 Gb Paging File | 7,43 Gb Available in Paging File | 80,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215,74 Gb Total Space | 160,97 Gb Free Space | 74,61% Space Free | Partition Type: NTFS
 
Computer Name: MIN-PC | User Name: Øyvind | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.08.01 16:20:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Øyvind\Desktop\OTL.exe
PRC - [2013.07.12 22:34:02 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013.07.10 07:51:10 | 000,448,704 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
PRC - [2013.07.06 23:42:15 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Users\Øyvind\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.05.23 15:17:00 | 001,106,288 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013.05.23 15:16:56 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013.05.23 15:16:52 | 001,561,968 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2013.05.15 14:23:06 | 002,956,336 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
PRC - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.01.14 05:13:40 | 001,594,416 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
PRC - [2013.01.14 05:13:34 | 000,085,040 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
PRC - [2013.01.14 05:13:16 | 002,624,048 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe
PRC - [2012.11.06 00:18:56 | 000,171,664 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2012.09.30 05:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012.09.30 05:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012.08.15 13:41:26 | 000,097,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012.07.18 03:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012.07.18 03:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012.07.18 03:10:24 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.07.18 03:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.07.29 05:33:37 | 001,880,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\05b44a1e63e3783b11917d612cf75d5f\System.Xaml.ni.dll
MOD - [2013.07.29 05:33:36 | 018,545,152 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\f7eb12f973b31390974c3858523fd3cb\PresentationFramework.ni.dll
MOD - [2013.07.29 05:33:27 | 007,566,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a78b71db2984a6ec1cf110e4118603f3\System.Xml.ni.dll
MOD - [2013.07.29 05:33:24 | 016,547,328 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013.07.13 10:20:34 | 000,220,160 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\803f4ee6893c9a3f08e9fcaa6349967a\System.ServiceProcess.ni.dll
MOD - [2013.07.13 10:20:23 | 000,786,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\b870ab514ef224fd59cd5c72554152cf\System.Runtime.Remoting.ni.dll
MOD - [2013.07.13 10:20:16 | 000,964,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5f9957f3dee5c7bc9f1bef69a923cf9d\System.Configuration.ni.dll
MOD - [2013.07.13 10:20:08 | 010,926,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\df2f0c372aad4d363f071625a9df28e7\PresentationCore.ni.dll
MOD - [2013.07.13 10:20:03 | 003,910,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\6531f34b3e528a70be121dee8ee129fa\WindowsBase.ni.dll
MOD - [2013.07.13 10:20:00 | 006,998,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\2753f437d6e45747bcf7077d338fd8a3\System.Core.ni.dll
MOD - [2013.07.13 10:19:57 | 009,937,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\9823be5b56f36a3be7905df81b9c3683\System.ni.dll
MOD - [2013.07.10 07:49:32 | 000,358,056 | ---- | M] () -- C:\Program Files\Microsoft Office 15\Root\Office15\c2r32.dll
MOD - [2013.07.10 07:49:32 | 000,313,000 | ---- | M] () -- C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
MOD - [2013.01.14 05:13:44 | 000,111,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
MOD - [2013.01.14 05:13:32 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
MOD - [2013.01.14 05:13:18 | 000,060,976 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
MOD - [2013.01.14 05:13:04 | 000,103,472 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
MOD - [2013.01.14 05:13:04 | 000,027,184 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.06.09 23:09:24 | 001,900,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2013.06.01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.05.04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.05.04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.03.25 11:41:54 | 000,099,184 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.02.25 23:05:10 | 000,384,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2013.02.19 13:56:14 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013.02.19 13:53:32 | 000,218,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013.02.19 13:51:54 | 000,241,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2013.01.29 03:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.12.21 02:15:50 | 000,055,720 | ---- | M] (Condusiv Technologies) [Auto | Running] -- C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe -- (IntelliMemory)
SRV:64bit: - [2012.11.26 16:48:52 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.09.24 09:03:12 | 003,385,584 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.09.24 09:02:54 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.09.24 09:02:42 | 000,621,296 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012.09.24 09:02:16 | 000,149,744 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.09.12 21:33:50 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012.08.31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2012.08.15 10:08:14 | 000,135,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012.04.20 07:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2013.05.15 14:23:06 | 002,956,336 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe -- (SWUpdateService)
SRV - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.01.14 05:13:40 | 001,594,416 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2012.11.08 14:51:36 | 000,277,048 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.11.06 00:18:56 | 000,171,664 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012.09.30 05:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012.09.30 05:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012.09.20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.09.13 04:59:08 | 002,466,448 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.18 03:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.18 03:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.18 03:10:24 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012.07.18 03:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2010.04.13 20:11:18 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.06.01 13:54:16 | 000,194,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.06.01 13:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.06.01 13:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.06.01 05:08:26 | 000,117,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013.05.04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.05.04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.04.11 02:13:20 | 000,165,344 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2013.04.11 02:13:20 | 000,165,344 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013.03.25 18:58:30 | 000,021,840 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETDSMBus.sys -- (ETDSMBus)
DRV:64bit: - [2013.03.25 11:42:00 | 000,358,768 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.19 13:59:06 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013.02.19 13:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013.02.19 13:55:14 | 000,106,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2013.02.19 13:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013.02.19 13:53:42 | 000,515,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013.02.19 13:53:02 | 000,309,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013.02.19 13:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013.02.19 13:40:52 | 000,069,168 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.12.21 02:15:58 | 000,104,872 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\intmsd.sys -- (intmsd)
DRV:64bit: - [2012.12.21 02:15:58 | 000,029,096 | ---- | M] (Condusiv Technologies) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\intmfs.sys -- (intmfs)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.26 17:38:54 | 010,699,264 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.11.26 16:26:36 | 000,459,776 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.06 17:00:26 | 005,332,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.15 10:51:00 | 000,317,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.10.10 04:18:16 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012.10.09 11:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.10.09 11:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.10.09 11:48:48 | 000,188,896 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012.10.09 11:48:48 | 000,047,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012.10.01 07:41:40 | 001,337,216 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012.10.01 07:41:38 | 000,132,480 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.13 09:12:38 | 000,036,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012.09.06 18:25:26 | 000,719,504 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.09.01 11:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.09 20:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012.08.06 04:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012.07.27 14:00:03 | 000,023,408 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RadioHIDMini.sys -- (RadioHIDMini)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:28:02 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\acpials.sys -- (acpials)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.03 01:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.18 23:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.04.20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2010.04.13 20:10:24 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\MOBK.sys -- (MOBKFilter)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{97456B5E-D6F9-4168-A00B-82F8F60A812E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{97456B5E-D6F9-4168-A00B-82F8F60A812E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
IE - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung13.msn.com/
IE - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001\..\SearchScopes,DefaultScope = {97456B5E-D6F9-4168-A00B-82F8F60A812E}
IE - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\program files\mcafee\msc\npmcsnffpl64.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\program files (x86)\mcafee\msc\npmcsnffpl.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013.07.27 15:01:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.07.27 14:55:55 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_SRSSA] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1151843795-1881513283-2569723818-1001..\Run: [Spotify Web Helper] C:\Users\Øyvind\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Send til Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send til Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.208.20.110 84.208.20.111
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38017C75-383B-4EE6-9FAC-344D6A8C0693}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B0FCCD9-05D7-46FD-A170-57E7D7EF8A3B}: DhcpNameServer = 84.208.20.110 84.208.20.111
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.08.01 16:20:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Øyvind\Desktop\OTL.exe
[2013.08.01 00:16:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013.07.30 21:32:03 | 002,240,864 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Øyvind\Desktop\tdsskiller.exe
[2013.07.29 21:55:23 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\Desktop\Old files
[2013.07.28 22:34:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.07.28 14:41:41 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013.07.28 14:17:49 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Roaming\Malwarebytes
[2013.07.28 14:17:39 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.07.28 14:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.28 14:17:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.28 14:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.07.28 14:17:08 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Local\Programs
[2013.07.27 10:34:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.19 10:19:37 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013.07.17 09:09:04 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2013.07.17 09:09:04 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2013.07.17 09:09:03 | 006,987,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013.07.17 09:09:03 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2013.07.17 09:09:03 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2013.07.17 09:09:03 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2013.07.17 09:09:02 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfcore.dll
[2013.07.17 09:09:02 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfcore.dll
[2013.07.17 09:09:02 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2013.07.17 09:09:01 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2013.07.17 09:09:01 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2013.07.17 09:09:01 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2013.07.17 09:09:01 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013.07.17 09:09:00 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscms.dll
[2013.07.17 09:08:59 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfasfsrcsnk.dll
[2013.07.17 09:08:59 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013.07.17 09:08:56 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\UCX01000.SYS
[2013.07.17 09:08:56 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samlib.dll
[2013.07.17 09:08:55 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfasfsrcsnk.dll
[2013.07.17 09:08:55 | 000,337,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBXHCI.SYS
[2013.07.17 09:08:55 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceSetupManager.dll
[2013.07.17 09:08:55 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MbaeParserTask.exe
[2013.07.17 09:08:54 | 000,194,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys
[2013.07.17 09:08:54 | 000,125,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpsd.sys
[2013.07.17 09:08:53 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll
[2013.07.17 09:08:53 | 000,117,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BthA2DP.sys
[2013.07.13 17:53:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.07.13 17:53:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.07.13 17:53:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.07.13 00:37:04 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.07.13 00:37:04 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.07.11 08:25:18 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013.07.11 08:25:17 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2013.07.11 08:25:17 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2013.07.11 08:25:14 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2013.07.11 08:25:14 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2013.07.11 08:25:07 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013.07.11 08:25:04 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013.07.11 08:25:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013.07.11 08:25:03 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013.07.11 08:25:03 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013.07.10 16:49:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.07.10 16:43:48 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Local\CrashDumps
[2013.07.10 16:37:08 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\Documents\SelfMV
[2013.07.10 15:51:48 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Local\ElevatedDiagnostics
[2013.07.09 12:29:37 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquota.dll
[2013.07.09 12:29:33 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquota.dll
[2013.07.08 15:29:18 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll
[2013.07.07 11:55:57 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\Documents\SimCity
[2013.07.07 11:55:31 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2013.07.07 11:55:30 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_43.dll
[2013.07.07 11:55:29 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_40.dll
[2013.07.07 11:55:28 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_32.dll
[2013.07.07 11:52:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2013.07.07 11:52:46 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Roaming\Origin
[2013.07.07 11:52:40 | 000,000,000 | ---D | C] -- C:\Users\Øyvind\AppData\Local\Origin
[2013.07.07 11:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.07.07 11:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013.07.07 11:52:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2013.07.03 21:49:20 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tssdisai.dll
[2013.06.26 23:51:09 | 002,063,240 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.08.01 16:20:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Øyvind\Desktop\OTL.exe
[2013.08.01 16:15:38 | 000,001,002 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.01 16:10:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.07.31 23:39:01 | 000,001,006 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.30 21:32:04 | 002,240,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Øyvind\Desktop\tdsskiller.exe
[2013.07.28 21:29:22 | 001,362,464 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.07.28 21:29:22 | 000,710,244 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.07.28 21:29:22 | 000,449,912 | ---- | M] () -- C:\windows\SysNative\perfh014.dat
[2013.07.28 21:29:22 | 000,132,614 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.07.28 21:29:22 | 000,077,052 | ---- | M] () -- C:\windows\SysNative\perfc014.dat
[2013.07.28 21:25:11 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.07.28 21:25:10 | 2480,422,911 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.28 17:49:56 | 000,032,768 | ---- | M] () -- C:\cache.dat
[2013.07.28 17:49:55 | 000,004,096 | ---- | M] () -- C:\conf.dat
[2013.07.28 17:49:55 | 000,000,000 | ---- | M] () -- C:\manifest.dat
[2013.07.28 14:17:39 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.18 09:23:13 | 003,433,984 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.07.10 16:51:22 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.07.07 11:55:31 | 000,001,290 | ---- | M] () -- C:\Users\Public\Desktop\SimCity™.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.28 17:49:56 | 000,032,768 | ---- | C] () -- C:\cache.dat
[2013.07.28 17:49:55 | 000,004,096 | ---- | C] () -- C:\conf.dat
[2013.07.28 17:49:55 | 000,000,000 | ---- | C] () -- C:\manifest.dat
[2013.07.28 14:17:39 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.18 09:23:10 | 003,433,984 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.07.17 09:08:53 | 000,386,642 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013.07.10 16:51:22 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.07.07 11:55:31 | 000,001,290 | ---- | C] () -- C:\Users\Public\Desktop\SimCity™.lnk
[2013.06.26 23:51:09 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013.06.26 20:19:20 | 000,001,492 | ---- | C] () -- C:\Users\Øyvind\AppData\Roaming\AbsoluteReminder.xml
[2013.05.22 20:43:52 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013.05.22 20:43:48 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013.05.22 20:43:48 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013.05.22 20:43:48 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013.05.22 20:43:48 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2013.01.23 23:48:31 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2013.01.23 23:48:30 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2013.01.23 23:45:31 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2013.01.23 23:25:56 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2012.12.05 06:23:47 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012.12.05 06:23:47 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012.12.05 06:23:46 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2012.11.09 10:24:56 | 000,598,780 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012.11.09 10:24:54 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012.11.09 10:24:54 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012.05.02 06:58:10 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2012.04.20 06:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2013.01.23 23:50:21 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >



#12 TheShooter93

    Cody

  • Malware Response Team

Posted 02 August 2013 - 12:43 PM

Hello OKjonnerod,

I'm still reviewing your log, I should be able to post the final results and your next steps later today.

For now though, can I please have a full update on the status of your computer?

What symptoms are you experiencing?

Which out of the original symptoms you gave me are still an issue?

Can you connect to all websites you want? Is your computer still slow? etc.


CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#13 OKjonnerod

  • Topic Starter

Posted 02 August 2013 - 01:33 PM

Hello Cody,

I was able to run the update and that fixed the real time protection issue (it is now turned on). I ran a quick scan and that worked too. I also managed to connect to the McAfee sites and download/run the Virtual technician. It found and fixed a registry issue in the AV protection and reported missing files in the anti spam function and the site advisor. I guess I will have to run a full uninstall/install later to fix this. I have not tried to uninstall the program now.

The startup sequence after login takes longer now than before the initial issues started. And I just noticed that the McAfee icon was missing in the bottom right corner (don't know what that is called in English) after restart and had to go to the App screen in Win8 to start it.

Also, I had trouble connecting to my WiFi just now. I had to run the "troubleshoot" to make it work.

Regards

Øyvind


Edited by OKjonnerod, 02 August 2013 - 01:34 PM.


#14 TheShooter93

    Cody

  • Malware Response Team

Posted 03 August 2013 - 12:29 PM

Hello OKjonnerod,

> I was able to run the update and that fixed the real time protection issue (it is now turned on) I ran a quick scan and that worked too. I also managed to Connect to the McAfee sites and download/run the Virtual technician. It found and fixed a registry issue in the AV protection and reported missing files in the anti spam function and the site advisor.

Do not forget this part of my initial post:

> -Do NOT run any tools unless instructed to do so.

Though it sounds like it may have fixed some issues for you, there is a procedure to malware removal and running scans that I don't instruct can impede our progress in multiple ways.

Please do not run any other antivirus/antimalware/antispyware/etc. scans without my go-ahead or until after we are finished and I post my "all-clean" message to you.

------------------------------------------------------------------------------------------

I suspect some of your issues may be related to McAfee, as I do not see any signs of malware on your system based on that last log. Note that this is not my "all-clean" message though, just what I'm seeing based off the previous log.

Are you aware that Windows 8 comes with an adequate antivirus program pre-installed? Windows Defender in Windows 8 is unlike the Windows Defender in previous versions of Windows.

Windows Defender in Windows 8 is essentially Microsoft Security Essentials which is what I suggest to most users and is what I use on all my personal computers, so I highly recommend it.

Please temporarily uninstall McAfee using the McAfee Removal Tool.

Once you've done that, Enable Windows Defender.

Reboot the system and update me on its condition.

Also note, that since McAfee is a paid antivirus, I'm not asking you to remove the program from your system permanently and then you be out the money you have spent. I just wanted to make you aware of a free, built-in alternative and troubleshoot your current issues. :)

If you choose to download and install McAfee again, you can do so from here.



 

 


#15 OKjonnerod

  • Topic Starter

Posted 03 August 2013 - 01:27 PM

Hello,

Really sorry about that, but it occurred to me a little late.

I have uninstalled McAfee and enabled Windows Defender and the Windows Firewall.

The startup was much faster now. Loading pages is also much quicker.

My version of McAfee is supplied to me through my bank connection, so it's free of charge. No money spent on that program.

Regards,

Ø K





