
Malwarebytes freezes.


9 replies to this topic

#1 JonnyRocket


Posted 16 October 2013 - 08:11 PM

Hello.

My Malwarebytes program keeps freezing halfway through, also my HD sometimes is saying it's completely full when it's really not. Here are my DDS logs and the other file is attached. I am looking forward to receiving help whenever you guys get around to it! Thanks and much appreciated!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16447  BrowserJavaVersion: 1.6.0_14
Run by Andrew at 20:56:23 on 2013-10-16
#Option Extended Search is enabled.
#Option Whitelisting is disabled.
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.3032.1021 [GMT -4:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\grasssoft\mouse recorder\MacroService.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\program files (x86)\grasssoft\mouse recorder\MacroServiceWnd.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\DellTPad\HidFind.exe
C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
C:\Users\Andrew\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Users\Andrew\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\mIRC\mirc.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com?type=586383&fr=spigot-yhp-ie
uLocal Page = C:\Windows\System32\blank.htm
uSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
uDefault_Page_URL = hxxp://g.msn.com/USCON/1
mStart Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
mLocal Page = C:\Windows\SysWOW64\blank.htm
mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
uProxyOverride = <local>
uURLSearchHooks: Microsoft Url Search Hook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SysWOW64\ieframe.dll
mWinlogon: Shell = explorer.exe
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
uRun: [Google Update] "C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED
uRun: [Media Finder] "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
uRun: [Singlesnet] C:\Program Files (x86)\Singlesnet\Singlesnet\Singlesnet.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler
uRun: [Akamai NetSession Interface] "C:\Users\Andrew\AppData\Local\Akamai\netsession_win.exe"
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [DellComms] "C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe" /P DellComms
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\Users\Andrew\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\Users\Andrew\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-System: disableregistrytools = dword:0
uPolicies-Windows\System: disablecmd = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: ForceActiveDesktopOn = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableInstallerDetection = dword:1
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableSecureUIAPaths = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableVirtualization = dword:1
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ValidateAdminCodeSignatures = dword:0
mPolicies-System: dontdisplaylastusername = dword:0
mPolicies-System: scforceoption = dword:0
mPolicies-System: shutdownwithoutlogon = dword:1
mPolicies-System: undockwithoutlogon = dword:1
mPolicies-System: FilterAdministratorToken = dword:0
IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553542500} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{336ED27F-4716-405B-8179-28984BFF935A} : DHCPNameServer = 172.168.1.161
TCP: Interfaces\{5C7445B1-86C9-4B23-8A4B-373BADD9B8AE} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5C7445B1-86C9-4B23-8A4B-373BADD9B8AE}\243433D284F6473707F647 : DHCPNameServer = 4.2.2.5
TCP: Interfaces\{5C7445B1-86C9-4B23-8A4B-373BADD9B8AE}\348677164756B6 : DHCPNameServer = 24.154.1.68 24.154.1.38 192.168.1.1
TCP: Interfaces\{5C7445B1-86C9-4B23-8A4B-373BADD9B8AE}\35861646F677 : DHCPNameServer = 24.154.1.37 24.154.1.38
TCP: Interfaces\{5C7445B1-86C9-4B23-8A4B-373BADD9B8AE}\4425F4944402E302960586F6E656 : DHCPNameServer = 198.224.145.135 198.224.144.135
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SysWOW64\urlmon.dll
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SysWOW64\MSVidCtl.dll
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SysWOW64\MSVidCtl.dll
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
SSODL: WebCheck - <orphaned>
SecurityProviders: SecurityProviders = credssp.dll
LSA: Authentication Packages =  msv1_0
LSA: Notification Packages =  scecli
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg pku2u
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 winsrv:ConServerDllInitialization,2 sxssrv,4
mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\unregmp2.exe /ShowWMP
mASetup: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
mASetup: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\System32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\System32\themeui.dll
mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\shell32.dll
x64-mStart Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
x64-mLocal Page = C:\Windows\System32\blank.htm
x64-mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
x64-mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mWinlogon: Shell = explorer.exe
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
x64-Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
x64-Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - 
x64-Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
x64-Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll
x64-Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll
x64-Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - <orphaned>
x64-Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
x64-Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll
x64-Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - <orphaned>
x64-Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - <orphaned>
x64-Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - <orphaned>
x64-Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll
x64-Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
x64-Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - <orphaned>
x64-Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\unregmp2.exe /ShowWMP
x64-mASetup: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
x64-mASetup: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\System32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\System32\themeui.dll
x64-mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
x64-mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
x64-mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\shell32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\1n92tpmy.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com?type=586383&fr=spigot-yhp-ff
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=586383&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\browser\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-06-30 14:00; gencrawler@some.com; C:\Users\Andrew\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
FF - ExtSQL: 2012-12-23 10:44; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - ExtSQL: 2013-07-11 04:22; {972ce4c6-7e08-4474-a285-3208198ce6fd}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - ExtSQL: 2013-07-11 04:28; {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}; C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\1n92tpmy.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
.
============= SERVICES / DRIVERS ===============
.
R0 ACPI;Microsoft ACPI Driver;C:\Windows\System32\drivers\acpi.sys [2009-7-13 334416]
R0 amdxata;amdxata;C:\Windows\System32\drivers\amdxata.sys [2012-5-9 27008]
R0 CLFS;Common Log (CLFS);C:\Windows\System32\clfs.sys [2009-7-13 367696]
R0 CNG;CNG;C:\Windows\System32\drivers\cng.sys [2012-8-1 459216]
R0 Compbatt;Microsoft Composite Battery Driver;C:\Windows\System32\drivers\compbatt.sys [2009-7-13 21584]
R0 Disk;Disk Driver;C:\Windows\System32\drivers\disk.sys [2009-7-13 73280]
R0 FileInfo;File Information FS MiniFilter;C:\Windows\System32\drivers\fileinfo.sys [2009-7-13 70224]
R0 FltMgr;FltMgr;C:\Windows\System32\drivers\fltMgr.sys [2009-7-13 290368]
R0 fvevol;Bitlocker Drive Encryption Filter Driver;C:\Windows\System32\drivers\fvevol.sys [2012-5-7 223448]
R0 hwpolicy;Hardware Policy Driver;C:\Windows\System32\drivers\hwpolicy.sys [2009-7-13 14416]
R0 iaStor;Intel AHCI Controller;C:\Windows\System32\drivers\iaStor.sys [2009-9-16 408600]
R0 KSecDD;KSecDD;C:\Windows\System32\drivers\ksecdd.sys [2012-8-1 95088]
R0 KSecPkg;KSecPkg;C:\Windows\System32\drivers\ksecpkg.sys [2012-8-1 152432]
R0 mountmgr;Mount Point Manager;C:\Windows\System32\drivers\mountmgr.sys [2009-7-13 94784]
R0 msisadrv;msisadrv;C:\Windows\System32\drivers\msisadrv.sys [2009-7-13 15424]
R0 Mup;Mup;C:\Windows\System32\drivers\mup.sys [2009-7-13 60496]
R0 NDIS;NDIS System Driver;C:\Windows\System32\drivers\ndis.sys [2009-7-13 947776]
R0 partmgr;Partition Manager;C:\Windows\System32\drivers\partmgr.sys [2012-5-9 75632]
R0 pci;PCI Bus Driver;C:\Windows\System32\drivers\pci.sys [2009-7-13 183872]
R0 pcw;Performance Counters for Windows Driver;C:\Windows\System32\drivers\pcw.sys [2009-7-13 50768]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-9-16 55280]
R0 rdyboost;ReadyBoost;C:\Windows\System32\drivers\rdyboost.sys [2009-7-13 214096]
R0 spldr;Security Processor Loader Driver;C:\Windows\System32\drivers\spldr.sys [2009-7-13 19008]
R0 Tcpip;TCP/IP Protocol Driver;C:\Windows\System32\drivers\tcpip.sys [2012-5-9 1895280]
R0 vdrvroot;Microsoft Virtual Drive Enumerator Driver;C:\Windows\System32\drivers\vdrvroot.sys [2009-7-13 36432]
R0 volmgr;Volume Manager Driver;C:\Windows\System32\drivers\volmgr.sys [2009-7-13 71760]
R0 volmgrx;Dynamic Volume Manager;C:\Windows\System32\drivers\volmgrx.sys [2009-7-13 363584]
R0 volsnap;Storage volumes;C:\Windows\System32\drivers\volsnap.sys [2009-7-13 294992]
R0 Wdf01000;Kernel Mode Driver Frameworks service;C:\Windows\System32\drivers\Wdf01000.sys [2009-7-13 654928]
R1 AFD;Ancillary Function Driver for Winsock;C:\Windows\System32\drivers\afd.sys [2012-5-7 499200]
R1 Beep;Beep;C:\Windows\System32\drivers\beep.sys [2009-7-13 6656]
R1 blbdrive;blbdrive;C:\Windows\System32\drivers\blbdrive.sys [2009-7-13 45056]
R1 cdrom;CD-ROM Driver;C:\Windows\System32\drivers\cdrom.sys [2009-7-13 147456]
R1 DfsC;DFS Namespace Client Driver;C:\Windows\System32\drivers\dfsc.sys [2012-5-7 102400]
R1 discache;System Attribute Cache;C:\Windows\System32\drivers\discache.sys [2009-7-13 40448]
R1 Msfs;Msfs;C:\Windows\System32\drivers\msfs.sys [2009-7-13 26112]
R1 mssmbios;Microsoft System Management BIOS Driver;C:\Windows\System32\drivers\mssmbios.sys [2009-7-13 32320]
R1 NetBIOS;NetBIOS Interface;C:\Windows\System32\drivers\netbios.sys [2009-7-13 44544]
R1 NetBT;NetBT;C:\Windows\System32\drivers\netbt.sys [2009-7-13 259072]
R1 Npfs;Npfs;C:\Windows\System32\drivers\npfs.sys [2009-7-13 44032]
R1 nsiproxy;NSI proxy service driver.;C:\Windows\System32\drivers\nsiproxy.sys [2009-7-13 24576]
R1 Null;Null;C:\Windows\System32\drivers\null.sys [2009-7-13 6144]
R1 Psched;QoS Packet Scheduler;C:\Windows\System32\drivers\pacer.sys [2009-7-13 131584]
R1 rdbss;Redirected Buffering Sub Sysytem;C:\Windows\System32\drivers\rdbss.sys [2009-7-13 309248]
R1 RDPCDD;RDPCDD;C:\Windows\System32\drivers\RDPCDD.sys [2009-7-13 7680]
R1 RDPENCDD;RDP Encoder Mirror Driver;C:\Windows\System32\drivers\RDPENCDD.sys [2009-7-13 7680]
R1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;C:\Windows\System32\drivers\RDPREFMP.sys [2009-7-13 8192]
R1 tdx;NetIO Legacy TDI Support Driver;C:\Windows\System32\drivers\tdx.sys [2009-7-13 99840]
R1 TermDD;Terminal Device Driver;C:\Windows\System32\drivers\termdd.sys [2009-7-13 62544]
R1 VgaSave;VgaSave;C:\Windows\System32\drivers\vga.sys [2009-7-13 29184]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R1 Wanarpv6;Remote Access IPv6 ARP Driver;C:\Windows\System32\drivers\wanarp.sys [2009-7-13 88576]
R1 WfpLwf;WFP Lightweight Filter;C:\Windows\System32\drivers\wfplwf.sys [2009-7-13 12800]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AudioEndpointBuilder;Windows Audio Endpoint Builder;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 AudioSrv;Windows Audio;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 BFE;Base Filtering Engine;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
R2 CryptSvc;Cryptographic Services;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 DcomLaunch;DCOM Server Process Launcher;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-13 27136]
R2 Dhcp;DHCP Client;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 Dnscache;DNS Client;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 DPS;Diagnostic Policy Service;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
R2 eventlog;Windows Event Log;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 EventSystem;COM+ Event System;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R2 gpsvc;Group Policy Client;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 IAANTMON;Intel® Matrix Storage Event Monitor;C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe [2009-9-16 354840]
R2 IKEEXT;IKE and AuthIP IPsec Keying Modules;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 LanmanServer;Server;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 LanmanWorkstation;Workstation;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;C:\Windows\System32\drivers\lltdio.sys [2009-7-13 60928]
R2 lmhosts;TCP/IP NetBIOS Helper;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
R2 luafv;UAC File Virtualization;C:\Windows\System32\drivers\luafv.sys [2009-7-13 113152]
R2 Macro Expert;Macro Expert;C:\Program Files (x86)\GrassSoft\Mouse Recorder\MacroService.exe [2013-7-5 373248]
R2 MMCSS;Multimedia Class Scheduler;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 NlaSvc;Network Location Awareness;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
R2 nsi;Network Store Interface Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R2 PcaSvc;Program Compatibility Assistant Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 PEAUTH;PEAUTH;C:\Windows\System32\drivers\PEAuth.sys [2009-7-13 651264]
R2 PlugPlay;Plug and Play;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-13 27136]
R2 Power;Power;C:\Windows\System32\svchost.exe -k DcomLaunch [2009-7-13 27136]
R2 ProfSvc;User Profile Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 RpcEptMapper;RPC Endpoint Mapper;C:\Windows\System32\svchost.exe -k RPCSS [2009-7-13 27136]
R2 RpcSs;Remote Procedure Call (RPC);C:\Windows\System32\svchost.exe -k rpcss [2009-7-13 27136]
R2 rspndr;Link-Layer Topology Discovery Responder;C:\Windows\System32\drivers\rspndr.sys [2009-7-13 76800]
R2 SamSs;Security Accounts Manager;C:\Windows\System32\lsass.exe [2012-5-7 31232]
R2 Schedule;Task Scheduler;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 SeaPort;SeaPort;C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-1-14 226656]
R2 secdrv;Security Driver;C:\Windows\System32\drivers\secdrv.sys [2009-7-13 23040]
R2 SENS;System Event Notification Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-9-16 648432]
R2 ShellHWDetection;Shell Hardware Detection;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 Spooler;Print Spooler;C:\Windows\System32\spoolsv.exe [2012-5-7 558592]
R2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe [2009-5-5 206064]
R2 sprtsvc_DellSupportCenter;SupportSoft Sprocket Service (DellSupportCenter);C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe [2009-5-21 206064]
R2 STacSV;Audio Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe [2009-9-16 240128]
R2 SysMain;Superfetch;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 tcpipreg;TCP/IP Registry Compatibility;C:\Windows\System32\drivers\tcpipreg.sys [2009-7-13 44544]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-5-6 2666880]
R2 Themes;Themes;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 TrkWks;Distributed Link Tracking Client;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 UxSms;Desktop Window Manager Session Manager;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 Winmgmt;Windows Management Instrumentation;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R2 Wlansvc;WLAN AutoConfig;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R2 wltrysvc;Dell Wireless WLAN Tray Service;C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE [2009-9-16 33280]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service;C:\Program Files\Windows Media Player\wmpnetwk.exe [2009-7-13 1525248]
R2 WSearch;Windows Search;C:\Windows\System32\SearchIndexer.exe [2012-5-7 593408]
R2 wudfsvc;Windows Driver Foundation - User-mode Driver Framework;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 AeLookupSvc;Application Experience;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows XP/Vista x64;C:\Windows\System32\drivers\Apfiltr.sys [2009-9-16 225328]
R3 BCM42RLY;BCM42RLY;C:\Windows\System32\drivers\bcm42rly.sys [2009-9-16 22520]
R3 BCM43XX;Dell Wireless WLAN Card Driver;C:\Windows\System32\drivers\BCMWL664.SYS [2009-9-16 2769400]
R3 bowser;Browser Support Driver;C:\Windows\System32\drivers\bowser.sys [2012-5-7 90624]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver;C:\Windows\System32\drivers\CmBatt.sys [2009-7-13 17664]
R3 CompositeBus;Composite Bus Enumerator Driver;C:\Windows\System32\drivers\CompositeBus.sys [2009-7-13 38912]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2009-9-16 172704]
R3 DXGKrnl;LDDM Graphics Subsystem;C:\Windows\System32\drivers\dxgkrnl.sys [2012-5-7 982912]
R3 EapHost;Extensible Authentication Protocol;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
R3 fastfat;FAT12/16/32 File System Driver;C:\Windows\System32\drivers\fastfat.sys [2009-7-13 204800]
R3 fdPHost;Function Discovery Provider Host;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio;C:\Windows\System32\drivers\hdaudbus.sys [2009-7-13 122368]
R3 HidUsb;Microsoft HID Class Driver;C:\Windows\System32\drivers\hidusb.sys [2009-7-13 30208]
R3 HTTP;HTTP;C:\Windows\System32\drivers\http.sys [2009-7-13 751616]
R3 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver;C:\Windows\System32\drivers\i8042prt.sys [2009-7-13 105472]
R3 igfx;igfx;C:\Windows\System32\drivers\igdkmd64.sys [2009-9-16 7333472]
R3 intelppm;Intel Processor Driver;C:\Windows\System32\drivers\intelppm.sys [2009-7-13 62464]
R3 kbdclass;Keyboard Class Driver;C:\Windows\System32\drivers\kbdclass.sys [2009-7-13 50768]
R3 KeyIso;CNG Key Isolation;C:\Windows\System32\lsass.exe [2012-5-7 31232]
R3 ksthunk;Kernel Streaming Thunks;C:\Windows\System32\drivers\ksthunk.sys [2009-7-13 20992]
R3 LTXMD_VAC;Litex Media Virtual Audio Cable (WDM);C:\Windows\System32\drivers\lmvac.sys [2013-4-18 29424]
R3 monitor;Microsoft Monitor Class Function Driver Service;C:\Windows\System32\drivers\monitor.sys [2009-7-13 30208]
R3 mouclass;Mouse Class Driver;C:\Windows\System32\drivers\mouclass.sys [2009-7-13 49216]
R3 mouhid;Mouse HID Driver;C:\Windows\System32\drivers\mouhid.sys [2009-7-13 31232]
R3 mrxsmb;SMB MiniRedirector Wrapper and Engine;C:\Windows\System32\drivers\mrxsmb.sys [2012-5-7 157696]
R3 mrxsmb10;SMB 1.x MiniRedirector;C:\Windows\System32\drivers\mrxsmb10.sys [2012-5-7 287744]
R3 mrxsmb20;SMB 2.0 MiniRedirector;C:\Windows\System32\drivers\mrxsmb20.sys [2012-5-7 126464]
R3 NativeWifiP;NativeWiFi Filter;C:\Windows\System32\drivers\nwifi.sys [2009-7-13 318976]
R3 NdisTapi;Remote Access NDIS TAPI Driver;C:\Windows\System32\drivers\ndistapi.sys [2009-7-13 24064]
R3 Ndisuio;NDIS Usermode I/O Protocol;C:\Windows\System32\drivers\ndisuio.sys [2009-7-13 56320]
R3 NdisWan;Remote Access NDIS WAN Driver;C:\Windows\System32\drivers\ndiswan.sys [2009-7-13 164352]
R3 NDProxy;NDIS Proxy;C:\Windows\System32\drivers\ndproxy.sys [2009-7-13 57856]
R3 Netman;Network Connections;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
R3 netprofm;Network List Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 Ntfs;Ntfs;C:\Windows\System32\drivers\ntfs.sys [2012-5-9 1657216]
R3 PolicyAgent;IPsec Policy Agent;C:\Windows\System32\svchost.exe -k NetworkServiceNetworkRestricted [2009-7-13 27136]
R3 PptpMiniport;WAN Miniport (PPTP);C:\Windows\System32\drivers\raspptp.sys [2009-7-13 111616]
R3 RasAgileVpn;WAN Miniport (IKEv2);C:\Windows\System32\drivers\agilevpn.sys [2009-7-13 60416]
R3 Rasl2tp;WAN Miniport (L2TP);C:\Windows\System32\drivers\rasl2tp.sys [2009-7-13 130048]
R3 RasPppoe;Remote Access PPPOE Driver;C:\Windows\System32\drivers\raspppoe.sys [2009-7-13 92672]
R3 RasSstp;WAN Miniport (SSTP);C:\Windows\System32\drivers\rassstp.sys [2009-7-13 83968]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-9-16 215552]
R3 srv;Server SMB 1.xxx Driver;C:\Windows\System32\drivers\srv.sys [2012-5-7 461312]
R3 srv2;Server SMB 2.xxx Driver;C:\Windows\System32\drivers\srv2.sys [2012-5-7 399872]
R3 srvnet;srvnet;C:\Windows\System32\drivers\srvnet.sys [2012-5-7 161792]
R3 SSDPSRV;SSDP Discovery;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R3 STHDA;IDT High Definition Audio CODEC;C:\Windows\System32\drivers\stwrt64.sys [2009-9-16 487424]
R3 swenum;Software Bus Driver;C:\Windows\System32\drivers\swenum.sys [2009-7-13 12496]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver;C:\Windows\System32\drivers\tunnel.sys [2009-7-13 125440]
R3 umbus;UMBus Enumerator Driver;C:\Windows\System32\drivers\umbus.sys [2009-7-13 48640]
R3 upnphost;UPnP Device Host;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R3 usbccgp;Microsoft USB Generic Parent Driver;C:\Windows\System32\drivers\usbccgp.sys [2012-5-9 98816]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;C:\Windows\System32\drivers\usbehci.sys [2012-5-9 52224]
R3 usbhub;Microsoft USB Standard Hub Driver;C:\Windows\System32\drivers\usbhub.sys [2012-5-9 343040]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;C:\Windows\System32\drivers\usbuhci.sys [2012-5-9 30720]
R3 usbvideo;USB Video Device (WDM);C:\Windows\System32\drivers\usbvideo.sys [2012-5-9 184832]
R3 vwifibus;Virtual WiFi Bus Driver;C:\Windows\System32\drivers\vwifibus.sys [2009-7-13 24576]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
R3 wcncsvc;Windows Connect Now - Config Registrar;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
R3 WdiServiceHost;Diagnostic Service Host;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI;C:\Windows\System32\drivers\wmiacpi.sys [2009-7-13 14336]
R3 WudfPf;User Mode Driver Frameworks Platform Driver;C:\Windows\System32\drivers\WUDFPf.sys [2009-7-13 112128]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-16 393728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 FDResPub;Function Discovery Resource Publication;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-12 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-12 701512]
S2 sppsvc;Software Protection;C:\Windows\System32\sppsvc.exe [2009-7-13 3524608]
S2 stisvc;Windows Image Acquisition (WIA);C:\Windows\System32\svchost.exe -k imgsvc [2009-7-13 27136]
S3 1394ohci;1394 OHCI Compliant Host Controller;C:\Windows\System32\drivers\1394ohci.sys [2009-7-13 227840]
S3 AcpiPmi;ACPI Power Meter Driver;C:\Windows\System32\drivers\acpipmi.sys [2009-7-13 12288]
S3 Adobe LM Service;Adobe LM Service;C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-10-31 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-22 257416]
S3 adp94xx;adp94xx;C:\Windows\System32\drivers\adp94xx.sys [2009-6-10 491088]
S3 adpahci;adpahci;C:\Windows\System32\drivers\adpahci.sys [2009-7-13 339536]
S3 adpu320;adpu320;C:\Windows\System32\drivers\adpu320.sys [2009-7-13 182864]
S3 agp440;Intel AGP Bus Filter;C:\Windows\System32\drivers\AGP440.sys [2009-7-13 61008]
S3 ALG;Application Layer Gateway Service;C:\Windows\System32\alg.exe [2009-7-13 79360]
S3 aliide;aliide;C:\Windows\System32\drivers\aliide.sys [2009-7-13 15440]
S3 amdide;amdide;C:\Windows\System32\drivers\amdide.sys [2009-7-13 15440]
S3 AmdK8;AMD K8 Processor Driver;C:\Windows\System32\drivers\amdk8.sys [2009-7-13 64512]
S3 AmdPPM;AMD Processor Driver;C:\Windows\System32\drivers\amdppm.sys [2009-7-13 60928]
S3 amdsata;amdsata;C:\Windows\System32\drivers\amdsata.sys [2012-5-9 107904]
S3 amdsbs;amdsbs;C:\Windows\System32\drivers\amdsbs.sys [2009-6-10 194128]
S3 AppID;AppID Driver;C:\Windows\System32\drivers\appid.sys [2009-7-13 61440]
S3 AppIDSvc;Application Identity;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 Appinfo;Application Information;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 arc;arc;C:\Windows\System32\drivers\arc.sys [2009-7-13 87632]
S3 arcsas;arcsas;C:\Windows\System32\drivers\arcsas.sys [2009-7-13 97856]
S3 AsyncMac;RAS Asynchronous Media Driver;C:\Windows\System32\drivers\asyncmac.sys [2009-7-13 23040]
S3 atapi;atapi;C:\Windows\System32\drivers\atapi.sys [2009-7-13 24128]
S3 AxInstSV;ActiveX Installer (AxInstSV);C:\Windows\System32\svchost.exe -k AxInstSVGroup [2009-7-13 27136]
S3 b06bdrv;Broadcom NetXtreme II VBD;C:\Windows\System32\drivers\bxvbda.sys [2009-6-10 468480]
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\b57nd60a.sys [2009-6-10 270848]
S3 BDESVC;BitLocker Drive Encryption Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;C:\Windows\System32\drivers\BrFiltLo.sys [2009-7-13 18432]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;C:\Windows\System32\drivers\BrFiltUp.sys [2009-7-13 8704]
S3 Browser;Computer Browser;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM);C:\Windows\System32\drivers\BrSerId.sys [2009-7-13 286720]
S3 BrSerWdm;Brother WDM Serial driver;C:\Windows\System32\drivers\BrSerWdm.sys [2009-7-13 47104]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;C:\Windows\System32\drivers\BrUsbMdm.sys [2009-7-13 14976]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\Windows\System32\drivers\BrUsbSer.sys [2009-7-13 14720]
S3 BTHMODEM;Bluetooth Serial Communications Driver;C:\Windows\System32\drivers\bthmodem.sys [2009-7-13 72192]
S3 bthserv;Bluetooth Support Service;C:\Windows\System32\svchost.exe -k bthsvcs [2009-7-13 27136]
S3 CertPropSvc;Certificate Propagation;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 circlass;Consumer IR Devices;C:\Windows\System32\drivers\circlass.sys [2009-7-13 45568]
S3 cmdide;cmdide;C:\Windows\System32\drivers\cmdide.sys [2009-7-13 17488]
S3 COMSysApp;COM+ System Application;C:\Windows\System32\dllhost.exe [2009-7-13 9728]
S3 defragsvc;Disk Defragmenter;C:\Windows\System32\svchost.exe -k defragsvc [2009-7-13 27136]
S3 dot3svc;Wired AutoConfig;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 drmkaud;Microsoft Trusted Audio Drivers;C:\Windows\System32\drivers\drmkaud.sys [2009-7-13 5632]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;C:\Windows\System32\drivers\evbda.sys [2009-6-10 3286016]
S3 EFS;Encrypting File System (EFS);C:\Windows\System32\lsass.exe [2012-5-7 31232]
S3 ehRecvr;Windows Media Center Receiver Service;C:\WINDOWS\ehome\ehrecvr.exe [2012-5-7 696320]
S3 ehSched;Windows Media Center Scheduler Service;C:\WINDOWS\ehome\ehsched.exe [2009-7-13 127488]
S3 elxstor;elxstor;C:\Windows\System32\drivers\elxstor.sys [2009-6-10 530496]
S3 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\System32\drivers\errdev.sys [2009-7-13 9728]
S3 exfat;exFAT File System Driver;C:\Windows\System32\drivers\exfat.sys [2009-7-13 195072]
S3 Fax;Fax;C:\Windows\System32\FXSSVC.exe [2009-7-13 689152]
S3 fdc;Floppy Disk Controller Driver;C:\Windows\System32\drivers\fdc.sys [2009-7-13 29696]
S3 Filetrace;Filetrace;C:\Windows\System32\drivers\filetrace.sys [2009-7-13 34304]
S3 flpydisk;Floppy Disk Driver;C:\Windows\System32\drivers\flpydisk.sys [2009-7-13 24576]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [2009-7-13 42840]
S3 FsDepends;File System Dependency Minifilter;C:\Windows\System32\drivers\fsdepends.sys [2009-7-13 55376]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;C:\Windows\System32\drivers\GAGP30KX.SYS [2009-7-13 65088]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver;C:\Windows\System32\drivers\hcw85cir.sys [2009-7-13 31232]
S3 HidBatt;HID UPS Battery Driver;C:\Windows\System32\drivers\hidbatt.sys [2009-7-13 26624]
S3 HidBth;Microsoft Bluetooth HID Miniport;C:\Windows\System32\drivers\hidbth.sys [2009-7-13 100864]
S3 HidIr;Microsoft Infrared HID Driver;C:\Windows\System32\drivers\hidir.sys [2009-7-13 46592]
S3 hidserv;Human Interface Device Access;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 hkmsvc;Health Key and Certificate Management;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 HomeGroupListener;HomeGroup Listener;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 HomeGroupProvider;HomeGroup Provider;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
S3 HpSAMD;HpSAMD;C:\Windows\System32\drivers\HpSAMD.sys [2009-7-13 77888]
S3 iaStorV;Intel RAID Controller Windows 7;C:\Windows\System32\drivers\iaStorV.sys [2012-5-9 410496]
S3 idsvc;Windows CardSpace;C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2009-7-13 856384]
S3 iirsp;iirsp;C:\Windows\System32\drivers\iirsp.sys [2009-7-13 44112]
S3 intelide;intelide;C:\Windows\System32\drivers\intelide.sys [2009-7-13 16960]
S3 IPBusEnum;PnP-X IP Bus Enumerator;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 IpFilterDriver;IP Traffic Filter Driver;C:\Windows\System32\drivers\ipfltdrv.sys [2009-7-13 82944]
S3 IPMIDRV;IPMIDRV;C:\Windows\System32\drivers\IPMIDrv.sys [2009-7-13 78848]
S3 IPNAT;IP Network Address Translator;C:\Windows\System32\drivers\ipnat.sys [2009-7-13 116224]
S3 IRENUM;IR Bus Enumerator;C:\Windows\System32\drivers\irenum.sys [2009-7-13 17920]
S3 isapnp;isapnp;C:\Windows\System32\drivers\isapnp.sys [2009-7-13 20544]
S3 iScsiPrt;iScsiPort Driver;C:\Windows\System32\drivers\msiscsi.sys [2009-7-13 224832]
S3 kbdhid;Keyboard HID Driver;C:\Windows\System32\drivers\kbdhid.sys [2009-7-13 33280]
S3 KtmRm;KtmRm for Distributed Transaction Coordinator;C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation [2009-7-13 27136]
S3 lltdsvc;Link-Layer Topology Discovery Mapper;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 LSI_FC;LSI_FC;C:\Windows\System32\drivers\lsi_fc.sys [2009-7-13 114752]
S3 LSI_SAS;LSI_SAS;C:\Windows\System32\drivers\lsi_sas.sys [2009-7-13 106560]
S3 LSI_SAS2;LSI_SAS2;C:\Windows\System32\drivers\lsi_sas2.sys [2009-7-13 65600]
S3 LSI_SCSI;LSI_SCSI;C:\Windows\System32\drivers\lsi_scsi.sys [2009-7-13 115776]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-12 25928]
S3 megasas;megasas;C:\Windows\System32\drivers\megasas.sys [2009-6-10 35392]
S3 MegaSR;MegaSR;C:\Windows\System32\drivers\MegaSR.sys [2009-7-13 284736]
S3 Modem;Modem;C:\Windows\System32\drivers\modem.sys [2009-7-13 40448]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-7-11 118680]
S3 mpio;mpio;C:\Windows\System32\drivers\mpio.sys [2009-7-13 155216]
S3 mpsdrv;Windows Firewall Authorization Driver;C:\Windows\System32\drivers\mpsdrv.sys [2009-7-13 77312]
S3 MRxDAV;WebDav Client Redirector Driver;C:\Windows\System32\drivers\mrxdav.sys [2009-7-13 140800]
S3 msahci;msahci;C:\Windows\System32\drivers\msahci.sys [2009-7-13 30272]
S3 msdsm;msdsm;C:\Windows\System32\drivers\msdsm.sys [2009-7-13 140352]
S3 MSDTC;Distributed Transaction Coordinator;C:\Windows\System32\msdtc.exe [2009-7-13 141824]
S3 mshidkmdf;Pass-through HID to KMDF Filter Driver;C:\Windows\System32\drivers\mshidkmdf.sys [2009-7-13 8192]
S3 MSiSCSI;Microsoft iSCSI Initiator Service;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 msiserver;Windows Installer;C:\Windows\System32\msiexec.exe [2009-7-13 127488]
S3 MSKSSRV;Microsoft Streaming Service Proxy;C:\Windows\System32\drivers\mskssrv.sys [2009-7-13 11136]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy;C:\Windows\System32\drivers\mspclock.sys [2009-7-13 7168]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy;C:\Windows\System32\drivers\mspqm.sys [2009-7-13 6784]
S3 MsRPC;MsRPC;C:\Windows\System32\drivers\msrpc.sys [2009-7-13 367168]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter;C:\Windows\System32\drivers\mstee.sys [2009-7-13 8064]
S3 MTConfig;Microsoft Input Configuration Driver;C:\Windows\System32\drivers\MTConfig.sys [2009-7-13 15360]
S3 napagent;Network Access Protection Agent;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 NdisCap;NDIS Capture LightWeight Filter;C:\Windows\System32\drivers\ndiscap.sys [2009-7-13 35328]
S3 Netlogon;Netlogon;C:\Windows\System32\lsass.exe [2012-5-7 31232]
S3 nfrd960;nfrd960;C:\Windows\System32\drivers\nfrd960.sys [2009-7-13 51264]
S3 nv_agp;NVIDIA nForce AGP Bus Filter;C:\Windows\System32\drivers\NV_AGP.SYS [2009-7-13 122960]
S3 nvraid;nvraid;C:\Windows\System32\drivers\nvraid.sys [2012-5-9 148352]
S3 nvstor;nvstor;C:\Windows\System32\drivers\nvstor.sys [2012-5-9 166272]
S3 odserv;Microsoft Office Diagnostics Service;C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy);C:\Windows\System32\drivers\ohci1394.sys [2009-7-13 72832]
S3 ose;Office Source Engine;C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pimsvc;Peer Networking Identity Manager;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
S3 p2psvc;Peer Networking Grouping;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
S3 Parport;Parallel port driver;C:\Windows\System32\drivers\parport.sys [2009-7-13 97280]
S3 pciide;pciide;C:\Windows\System32\drivers\pciide.sys [2009-7-13 12352]
S3 pcmcia;pcmcia;C:\Windows\System32\drivers\pcmcia.sys [2009-7-13 220752]
S3 PerfHost;Performance Counter DLL Host;C:\WINDOWS\SysWOW64\perfhost.exe [2009-7-13 20992]
S3 pla;Performance Logs & Alerts;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
S3 PNRPAutoReg;PNRP Machine Name Publication Service;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
S3 PNRPsvc;Peer Name Resolution Protocol;C:\Windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-13 27136]
S3 Processor;Processor Driver;C:\Windows\System32\drivers\processr.sys [2009-7-13 60416]
S3 ProtectedStorage;Protected Storage;C:\Windows\System32\lsass.exe [2012-5-7 31232]
S3 ql2300;ql2300;C:\Windows\System32\drivers\ql2300.sys [2009-6-10 1524816]
S3 ql40xx;ql40xx;C:\Windows\System32\drivers\ql40xx.sys [2009-7-13 128592]
S3 QWAVE;Quality Windows Audio Video Experience;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 QWAVEdrv;QWAVE driver;C:\Windows\System32\drivers\qwavedrv.sys [2009-7-13 46592]
S3 RasAcd;Remote Access Auto Connection Driver;C:\Windows\System32\drivers\rasacd.sys [2009-7-13 14848]
S3 RasAuto;Remote Access Auto Connection Manager;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 RasMan;Remote Access Connection Manager;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;C:\Windows\System32\drivers\rdpbus.sys [2009-7-13 24064]
S3 RDPWD;RDP Winstation Driver;C:\Windows\System32\drivers\rdpwd.sys [2012-6-18 204800]
S3 RemoteRegistry;Remote Registry;C:\Windows\System32\svchost.exe -k regsvc [2009-7-13 27136]
S3 RpcLocator;Remote Procedure Call (RPC) Locator;C:\Windows\System32\Locator.exe [2009-7-13 10240]
S3 sbp2port;sbp2port;C:\Windows\System32\drivers\sbp2port.sys [2009-7-13 104016]
S3 SCardSvr;Smart Card;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 scfilter;Smart card PnP Class Filter Driver;C:\Windows\System32\drivers\scfilter.sys [2009-7-13 29696]
S3 SCPolicySvc;Smart Card Removal Policy;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 SDRSVC;Windows Backup;C:\Windows\System32\svchost.exe -k SDRSVC [2009-7-13 27136]
S3 seclogon;Secondary Logon;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 SensrSvc;Adaptive Brightness;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 Serenum;Serenum Filter Driver;C:\Windows\System32\drivers\serenum.sys [2009-7-13 23552]
S3 Serial;Serial;C:\Windows\System32\drivers\serial.sys [2009-7-13 94208]
S3 sermouse;Serial Mouse Driver;C:\Windows\System32\drivers\sermouse.sys [2009-7-13 26624]
S3 SessionEnv;Remote Desktop Configuration;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 sffdisk;SFF Storage Class Driver;C:\Windows\System32\drivers\sffdisk.sys [2009-7-13 14336]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC;C:\Windows\System32\drivers\sffp_mmc.sys [2009-7-13 13824]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus;C:\Windows\System32\drivers\sffp_sd.sys [2009-7-13 14336]
S3 sfloppy;High-Capacity Floppy Disk Drive;C:\Windows\System32\drivers\sfloppy.sys [2009-7-13 16896]
S3 SiSRaid2;SiSRaid2;C:\Windows\System32\drivers\sisraid2.sys [2009-6-10 43584]
S3 SiSRaid4;SiSRaid4;C:\Windows\System32\drivers\sisraid4.sys [2009-7-13 80464]
S3 Smb;Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session);C:\Windows\System32\drivers\smb.sys [2009-7-13 93184]
S3 SNMPTRAP;SNMP Trap;C:\Windows\System32\snmptrap.exe [2009-7-13 14336]
S3 sppuinotify;SPP Notification Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 SstpSvc;Secure Socket Tunneling Protocol Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 stexstor;stexstor;C:\Windows\System32\drivers\stexstor.sys [2009-7-13 24656]
S3 swprv;Microsoft Software Shadow Copy Provider;C:\Windows\System32\svchost.exe -k swprv [2009-7-13 27136]
S3 TabletInputService;Tablet PC Input Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TapiSrv;Telephony;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 TBS;TPM Base Services;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S3 TCPIP6;Microsoft IPv6 Protocol Driver;C:\Windows\System32\drivers\tcpip.sys [2012-5-9 1895280]
S3 TDPIPE;TDPIPE;C:\Windows\System32\drivers\tdpipe.sys [2009-7-13 15872]
S3 TDTCP;TDTCP;C:\Windows\System32\drivers\tdtcp.sys [2012-5-6 23552]
S3 TermService;Remote Desktop Services;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 THREADORDER;Thread Ordering Server;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 TrustedInstaller;Windows Modules Installer;C:\WINDOWS\servicing\TrustedInstaller.exe [2009-7-13 194048]
S3 tssecsrv;Remote Desktop Services Security Filter Driver;C:\Windows\System32\drivers\tssecsrv.sys [2009-7-13 38400]
S3 uagp35;Microsoft AGPv3.5 Filter;C:\Windows\System32\drivers\UAGP35.SYS [2009-7-13 64080]
S3 UI0Detect;Interactive Services Detection;C:\Windows\System32\UI0Detect.exe [2009-7-13 40960]
S3 uliagpkx;Uli AGP Bus Filter;C:\Windows\System32\drivers\ULIAGPKX.SYS [2009-7-13 64592]
S3 UmPass;Microsoft UMPass Driver;C:\Windows\System32\drivers\umpass.sys [2009-7-13 9728]
S3 usbaudio;USB Audio Driver (WDM);C:\Windows\System32\drivers\USBAUDIO.sys [2009-7-13 109568]
S3 usbcir;eHome Infrared Receiver (USBCIR);C:\Windows\System32\drivers\usbcir.sys [2009-7-13 100352]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver;C:\Windows\System32\drivers\usbohci.sys [2012-5-9 25600]
S3 usbprint;Microsoft USB PRINTER Class;C:\Windows\System32\drivers\usbprint.sys [2009-7-13 25088]
S3 USBSTOR;USB Mass Storage Driver;C:\Windows\System32\drivers\USBSTOR.SYS [2012-5-9 91136]
S3 VaultSvc;Credential Manager;C:\Windows\System32\lsass.exe [2012-5-7 31232]
S3 vds;Virtual Disk;C:\Windows\System32\vds.exe [2009-7-13 532480]
S3 vga;vga;C:\Windows\System32\drivers\vgapnp.sys [2009-7-13 29184]
S3 vhdmp;vhdmp;C:\Windows\System32\drivers\vhdmp.sys [2009-7-13 217680]
S3 viaide;viaide;C:\Windows\System32\drivers\viaide.sys [2009-7-13 17488]
S3 vsmraid;vsmraid;C:\Windows\System32\drivers\vsmraid.sys [2009-6-10 161872]
S3 VSS;Volume Shadow Copy;C:\Windows\System32\VSSVC.exe [2009-7-13 1598976]
S3 W32Time;Windows Time;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 WacomPen;Wacom Serial Pen HID Driver;C:\Windows\System32\drivers\wacompen.sys [2009-7-13 27776]
S3 WANARP;Remote Access IP ARP Driver;C:\Windows\System32\drivers\wanarp.sys [2009-7-13 88576]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-9 1255736]
S3 wbengine;Block Level Backup Engine Service;C:\Windows\System32\wbengine.exe [2009-7-13 1503744]
S3 WbioSrvc;Windows Biometric Service;C:\Windows\System32\svchost.exe -k WbioSvcGroup [2009-7-13 27136]
S3 WcsPlugInService;Windows Color System;C:\Windows\System32\svchost.exe -k wcssvc [2009-7-13 27136]
S3 Wd;Wd;C:\Windows\System32\drivers\wd.sys [2009-7-13 21056]
S3 WdiSystemHost;Diagnostic System Host;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 WebClient;WebClient;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 Wecsvc;Windows Event Collector;C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 wercplsupport;Problem Reports and Solutions Control Panel Support;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S3 WerSvc;Windows Error Reporting Service;C:\Windows\System32\svchost.exe -k WerSvcGroup [2009-7-13 27136]
S3 WimFltr;WimFltr;C:\Windows\System32\drivers\WimFltr.sys [2009-9-16 151656]
S3 WIMMount;WIMMount;C:\Windows\System32\drivers\wimmount.sys [2009-7-13 22096]
S3 WinHttpAutoProxySvc;WinHTTP Web Proxy Auto-Discovery Service;C:\Windows\System32\svchost.exe -k LocalService [2009-7-13 27136]
S3 WinRM;Windows Remote Management (WS-Management);C:\Windows\System32\svchost.exe -k NetworkService [2009-7-13 27136]
S3 WinUsb;WinUsb;C:\Windows\System32\drivers\winusb.sys [2009-7-13 40448]
S3 wmiApSrv;WMI Performance Adapter;C:\Windows\System32\wbem\WmiApSrv.exe [2009-7-13 203264]
S3 WPCSvc;Parental Controls;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-13 27136]
S3 WPDBusEnum;Portable Device Enumerator Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 WUDFRd;WUDFRd;C:\Windows\System32\drivers\WUDFRd.sys [2009-7-13 172544]
S3 WwanSvc;WWAN AutoConfig;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-13 27136]
S4 cdfs;CD/DVD File System Reader;C:\Windows\System32\drivers\cdfs.sys [2009-7-13 92160]
S4 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-7-13 66384]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-7-13 89920]
S4 crcdisk;Crcdisk Filter Driver;C:\Windows\System32\drivers\crcdisk.sys [2009-7-13 24144]
S4 Mcx2Svc;Media Center Extender Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-13 27136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-7-13 116560]
S4 RemoteAccess;Routing and Remote Access;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 27136]
S4 udfs;udfs;C:\Windows\System32\drivers\udfs.sys [2009-7-13 327168]
S4 ws2ifsl;Winsock IFS Driver;C:\Windows\System32\drivers\ws2ifsl.sys [2009-7-13 21504]
.
=============== File Associations ===============
.
FileExt: .bat: batfile="%1" %*
FileExt: .cmd: cmdfile="%1" %*
FileExt: .com: comfile="%1" %*
FileExt: .exe: exefile="%1" %*
FileExt: .pif: piffile="%1" %*
FileExt: .scr: scrfile="%1" /S
FileExt: .reg: regfile=regedit.exe "%1"
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1
FileExt: .chm: chm.file="C:\Windows\hh.exe" %1
FileExt: .ini: inifile=C:\Windows\System32\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: AcroRD32.exe: Read="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" "%1"
ShellExec: BitTorrent.exe: open="C:\Program Files (x86)\BitTorrent\BitTorrent.exe" "%1"
ShellExec: ehshell.exe: open="C:\Windows\eHome\ehshell.exe" "%1"
ShellExec: EXCEL.EXE: New="C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE" /e /n
ShellExec: EXCEL.EXE: Open="C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE" /e
ShellExec: EXCEL.EXE: OpenAsReadOnly="C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE" /h /e
ShellExec: EXCEL.EXE: Print="C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE" /e
ShellExec: EXCEL.EXE: Printto="C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE" /e
ShellExec: iexplore.exe: open="C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
ShellExec: ImageReady.exe: edit="C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\ImageReady.exe" "%1"
ShellExec: ImageReady.exe: open="C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\ImageReady.exe" "%1"
ShellExec: integratedoffice.exe: open="C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe" "%1"
ShellExec: mspaint.exe: edit="C:\Windows\System32\mspaint.exe" "%1"
ShellExec: notepad.exe: edit=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: notepad.exe: open=C:\Windows\System32\NOTEPAD.EXE %1
ShellExec: ois.exe: Edit=C:\PROGRA~2\MICROS~2\Office12\OIS.EXE /shellEdit "%1"
ShellExec: ois.exe: Open=C:\PROGRA~2\MICROS~2\Office12\OIS.EXE /shellOpen "%1"
ShellExec: ois.exe: Preview=C:\PROGRA~2\MICROS~2\Office12\OIS.EXE /shellPreview "%1"
ShellExec: Photoshop.exe: edit="C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe" "%1"
ShellExec: Photoshop.exe: open="C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe" "%1"
ShellExec: photoviewer.dll: open=C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: photoviewer.dll: print=C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: QuickTimePlayer.exe: open=C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe "%1"
ShellExec: Winword.exe: edit="C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
ShellExec: wksss.exe: open=C:\PROGRA~2\MICROS~1\wksss.exe "%1"
ShellExec: wkswp.exe: open=C:\PROGRA~2\MICROS~1\WksWP.exe "%1"
ShellExec: WLXPhotoViewer.dll: open=C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe /LaunchPhotoViewer /v "%1"
ShellExec: wmplayer.exe: open="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Open "%L"
ShellExec: wmplayer.exe: play="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play "%L"
ShellExec: wordpad.exe: open="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1"
.
=============== Created Last 60 ================
.
2013-10-13 09:35:32 -------- d-----w- C:\Qoobox
2013-10-13 09:34:53 -------- d-----w- C:\Windows\erdnt
2013-10-13 09:34:50 -------- d-s---w- C:\32788R22FWJFW
2013-10-12 21:01:15 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-10-12 21:01:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-09 03:25:44 91544 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
2013-10-09 03:25:44 871608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
2013-10-09 03:25:44 392600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
2013-10-09 03:25:44 27544 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe
2013-10-09 03:25:44 273304 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe
2013-10-09 03:25:44 21527448 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
2013-10-09 03:25:44 17816 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
2013-10-09 03:25:44 1775000 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
2013-10-09 03:25:44 170232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2013-10-09 03:25:44 152984 ----a-w- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
2013-10-09 03:25:44 107416 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2013-10-09 03:25:43 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2013-10-09 03:25:43 63384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2013-10-09 03:25:43 548760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2013-10-09 03:25:43 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2013-10-09 03:25:43 3279768 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-09 03:25:43 3215256 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2013-10-09 03:25:43 301464 ----a-w- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
2013-10-09 03:25:43 274840 ----a-w- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2013-10-09 03:25:43 193824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2013-10-09 03:25:43 16280 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2013-10-09 03:25:43 128920 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2013-10-09 03:25:43 118680 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2013-10-09 03:25:42 74648 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2013-10-09 03:25:42 271256 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-10-09 03:25:42 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2013-10-09 03:25:42 116632 ----a-w- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
2013-10-09 03:25:41 19352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2013-10-09 03:25:41 -------- d-----w- C:\Program Files (x86)\Mozilla Firefox
2013-09-14 23:55:17 -------- d-----w- C:\Users\Andrew\AppData\Roaming\RobotSoft
2013-08-19 02:51:00 -------- d-----w- C:\ProgramData\APN
2013-08-18 01:50:35 -------- d-----w- C:\Bovada
.
==================== Find6M  ====================
.
2013-10-10 00:13:15 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-10 00:13:15 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-26 12:46:45 21840856 ----a-w- C:\Firefox-20Setup-2022.0.exe
2013-06-21 14:49:14 13824 ----a-w- C:\Windows\SysWow64\MacroSAS.exe
.
============= FINISH: 21:03:36.89 ===============
 
 
 
Of course I spelled Freezes wrong on my topic title and can't figure out how to edit it.  My apologies!


Edited by JonnyRocket, 16 October 2013 - 08:17 PM.



#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,227 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 19 October 2013 - 09:24 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: Tutorial
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Third-party programs, if not up to date, can be the cause of infiltration and infection.

Please restart the computer before running this security check.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Please paste the logs in your next reply DO NOT ATTACH THEM.
Let me know what problem persists.

#3 JonnyRocket


Posted 20 October 2013 - 01:23 PM

Alright, I got through everything up until ComboFix. I ran ComboFix for 30+ hours and it never moved past stage 4. It didn't freeze though, it just stayed there saying stage 4 complete. Using my tablet PC I searched on Google how long it should take and people were saying something's not right if it's taking 24 hours and that there's a total of 50 stages. Here are my logs below for the first three programs.

 

RogueKiller V8.7.4 _x64_ [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Andrew [Admin rights]
Mode : Remove -- Date : 10/20/2013 05:29:42
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 1 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][File] Desktop.ini : C:\WINDOWS\assembly\GAC_32\Desktop.ini [-] --> DELETED
[ZeroAccess][File] Desktop.ini : C:\WINDOWS\assembly\GAC_64\Desktop.ini [-] --> DELETED
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection : ZeroAccess ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - TOSHIBA MK2555GSX +++++
--- User ---
[MBR] ccb853aaabcab6c6b5ea8cfdce5e2d72
[BSP] 9b3acc45867630ac3f6291154c4bc36d : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223434 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_D_10202013_052942.txt >>
RKreport[0]_D_10192013_165459.txt;RKreport[0]_S_10192013_165338.txt;RKreport[0]_S_10202013_052917.txt
 
 
 
 
 
 
# AdwCleaner v3.009 - Report created 20/10/2013 at 05:33:57
# Updated 19/10/2013 by Xplode
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : Andrew - ANDREW-PC
# Running from : C:\Users\Andrew\Downloads\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16447
 
 
-\\ Mozilla Firefox v24.0 (en-US)
 
[ File : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\1n92tpmy.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : search_url
Deleted : keyword
Deleted : icon_url
 
*************************
 
AdwCleaner[R0].txt - [4299 octets] - [19/10/2013 17:01:30]
AdwCleaner[R1].txt - [1070 octets] - [20/10/2013 05:32:25]
AdwCleaner[S0].txt - [4133 octets] - [19/10/2013 17:03:10]
AdwCleaner[S1].txt - [979 octets] - [20/10/2013 05:33:57]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1038 octets] ##########
 
 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Andrew on Sat 10/19/2013 at 17:07:56.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Andrew\appdata\local\{9c8eda65-b926-9725-176f-c4740d58067f}
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Andrew\AppData\Roaming\mozilla\firefox\profiles\1n92tpmy.default\minidumps [57 files]
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Andrew\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 10/19/2013 at 17:15:13.88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Edited by JonnyRocket, 20 October 2013 - 01:26 PM.


#4 nasdaq


Posted 21 October 2013 - 06:41 AM



Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Click Change parameters
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    tdss4.jpg
  • When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop up, which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Download the correct tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please post the logs for my review.

#5 JonnyRocket


Posted 22 October 2013 - 12:23 AM

09:57:42.0943 0x0e6c  TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
09:57:46.0574 0x0e6c  ============================================================
09:57:46.0574 0x0e6c  Current date / time: 2013/10/21 09:57:46.0574
09:57:46.0574 0x0e6c  SystemInfo:
09:57:46.0574 0x0e6c  
09:57:46.0574 0x0e6c  OS Version: 6.1.7600 ServicePack: 0.0
09:57:46.0574 0x0e6c  Product type: Workstation
09:57:46.0574 0x0e6c  ComputerName: ANDREW-PC
09:57:46.0574 0x0e6c  UserName: Andrew
09:57:46.0574 0x0e6c  Windows directory: C:\Windows
09:57:46.0574 0x0e6c  System windows directory: C:\Windows
09:57:46.0574 0x0e6c  Running under WOW64
09:57:46.0574 0x0e6c  Processor architecture: Intel x64
09:57:46.0574 0x0e6c  Number of processors: 2
09:57:46.0574 0x0e6c  Page size: 0x1000
09:57:46.0574 0x0e6c  Boot type: Normal boot
09:57:46.0574 0x0e6c  ============================================================
09:57:46.0882 0x0e6c  System UUID: {1C8D3131-D54A-1D9D-9C79-7D2A67E43A62}
09:57:47.0467 0x0e6c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:57:47.0471 0x0e6c  ============================================================
09:57:47.0471 0x0e6c  \Device\Harddisk0\DR0:
09:57:47.0472 0x0e6c  MBR partitions:
09:57:47.0472 0x0e6c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
09:57:47.0472 0x0e6c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
09:57:47.0472 0x0e6c  ============================================================
09:57:47.0505 0x0e6c  C: <-> \Device\Harddisk0\DR0\Partition2
09:57:47.0505 0x0e6c  ============================================================
09:57:47.0505 0x0e6c  Initialize success
09:57:47.0505 0x0e6c  ============================================================
09:58:36.0669 0x1338  ============================================================
09:58:36.0669 0x1338  Scan started
09:58:36.0669 0x1338  Mode: Manual; SigCheck; TDLFS; 
09:58:36.0669 0x1338  ============================================================
09:58:36.0669 0x1338  KSN ping started
09:58:39.0407 0x1338  KSN ping finished: true
09:58:39.0845 0x1338  ================ Scan system memory ========================
09:58:39.0845 0x1338  System memory - ok
09:58:39.0846 0x1338  ================ Scan services =============================
09:58:40.0655 0x1338  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
09:58:40.0695 0x1338  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
09:58:43.0671 0x1338  Detect skipped due to KSN trusted
09:58:43.0672 0x1338  Adobe LM Service - ok
09:58:50.0438 0x1338  Compbatt - ok
09:58:50.0455 0x1338  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
09:58:50.0528 0x1338  CompositeBus - ok
09:58:50.0547 0x1338  COMSysApp - ok
09:58:50.0588 0x1338  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
09:58:50.0602 0x1338  crcdisk - ok
09:58:50.0676 0x1338  [ F02786B66375292E58C8777082D4396D, EE7BCD10C014A16A06619EFD47226FAA1460A67CD7687EA8C38D63C71DBCD51B ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:58:50.0741 0x1338  CryptSvc - ok
09:58:50.0792 0x1338  [ ED5CF92396A62F4C15110DCDB5E854D9, CD26216B8B3F558A0466843C8161E86EEDB78E6031E1AC0A00DCDE700A2B6EE2 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
09:58:50.0850 0x1338  CtClsFlt - ok
09:58:50.0919 0x1338  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:58:51.0007 0x1338  DcomLaunch - ok
09:58:51.0105 0x1338  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:58:51.0170 0x1338  defragsvc - ok
09:58:51.0234 0x1338  [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:58:51.0309 0x1338  DfsC - ok
09:58:51.0377 0x1338  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:58:51.0492 0x1338  Dhcp - ok
09:58:51.0516 0x1338  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:58:51.0582 0x1338  discache - ok
09:58:51.0629 0x1338  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
09:58:51.0645 0x1338  Disk - ok
09:58:51.0718 0x1338  [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:58:51.0802 0x1338  Dnscache - ok
09:58:51.0948 0x1338  [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
09:58:51.0985 0x1338  DockLoginService - detected UnsignedFile.Multi.Generic ( 1 )
09:58:54.0833 0x1338  Detect skipped due to KSN trusted
09:58:54.0833 0x1338  DockLoginService - ok
09:59:03.0606 0x1338  [ B666C46C7D07DCB11536E4140913B71B, 357D366D03BF5D0EE947B193B316F66CF243091C5A8A8F785253897902A96A95 ] Macro Expert    c:\program files (x86)\grasssoft\mouse recorder\MacroService.exe
09:59:03.0656 0x1338  Macro Expert - detected UnsignedFile.Multi.Generic ( 1 )
09:59:06.0697 0x1338  Detect skipped due to KSN trusted
09:59:06.0697 0x1338  Macro Expert - ok
09:59:11.0903 0x1338  nvstor - ok
09:59:11.0963 0x1338  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
09:59:11.0988 0x1338  nv_agp - ok
09:59:12.0136 0x1338  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:59:12.0169 0x1338  odserv - ok
09:59:12.0206 0x1338  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
09:59:12.0262 0x1338  ohci1394 - ok
09:59:12.0321 0x1338  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:59:12.0343 0x1338  ose - ok
09:59:12.0394 0x1338  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:59:12.0478 0x1338  p2pimsvc - ok
09:59:12.0544 0x1338  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:59:12.0589 0x1338  p2psvc - ok
09:59:12.0646 0x1338  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:59:12.0676 0x1338  Parport - ok
09:59:12.0715 0x1338  [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:59:12.0730 0x1338  partmgr - ok
09:59:12.0754 0x1338  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:59:12.0813 0x1338  PcaSvc - ok
09:59:12.0848 0x1338  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
09:59:12.0880 0x1338  pci - ok
09:59:12.0910 0x1338  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
09:59:12.0931 0x1338  pciide - ok
09:59:12.0944 0x1338  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:59:12.0977 0x1338  pcmcia - ok
09:59:13.0006 0x1338  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:59:13.0029 0x1338  pcw - ok
09:59:13.0095 0x1338  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:59:13.0225 0x1338  PEAUTH - ok
09:59:13.0323 0x1338  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:59:13.0361 0x1338  PerfHost - ok
09:59:13.0452 0x1338  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
09:59:13.0558 0x1338  pla - ok
09:59:13.0616 0x1338  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:59:13.0709 0x1338  PlugPlay - ok
09:59:13.0760 0x1338  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:59:13.0808 0x1338  PNRPAutoReg - ok
09:59:13.0850 0x1338  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:59:13.0882 0x1338  PNRPsvc - ok
09:59:13.0936 0x1338  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:59:14.0007 0x1338  PolicyAgent - ok
09:59:14.0040 0x1338  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:59:14.0095 0x1338  Power - ok
09:59:14.0124 0x1338  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:59:14.0203 0x1338  PptpMiniport - ok
09:59:14.0240 0x1338  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
09:59:14.0294 0x1338  Processor - ok
09:59:14.0352 0x1338  [ 97293447431311C06703368AD0F6C4BE, 302A3CA8F6961717D95469B20A8A71954D4ECFCDF4638238D3D44AAE5A8D9B8B ] ProfSvc         C:\Windows\system32\profsvc.dll
09:59:14.0416 0x1338  ProfSvc - ok
09:59:14.0452 0x1338  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:59:14.0476 0x1338  ProtectedStorage - ok
09:59:14.0508 0x1338  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:59:14.0559 0x1338  Psched - ok
09:59:14.0582 0x1338  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
09:59:14.0595 0x1338  PxHlpa64 - ok
09:59:14.0721 0x1338  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
09:59:14.0780 0x1338  ql2300 - ok
09:59:14.0817 0x1338  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
09:59:14.0844 0x1338  ql40xx - ok
09:59:14.0889 0x1338  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:59:14.0954 0x1338  QWAVE - ok
09:59:14.0984 0x1338  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:59:15.0014 0x1338  QWAVEdrv - ok
09:59:15.0046 0x1338  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:59:15.0111 0x1338  RasAcd - ok
09:59:15.0148 0x1338  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:59:15.0205 0x1338  RasAgileVpn - ok
09:59:15.0239 0x1338  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:59:15.0326 0x1338  RasAuto - ok
09:59:15.0349 0x1338  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:59:15.0421 0x1338  Rasl2tp - ok
09:59:15.0480 0x1338  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
09:59:15.0570 0x1338  RasMan - ok
09:59:15.0607 0x1338  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:59:15.0687 0x1338  RasPppoe - ok
09:59:15.0719 0x1338  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:59:15.0782 0x1338  RasSstp - ok
09:59:15.0833 0x1338  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:59:15.0911 0x1338  rdbss - ok
09:59:15.0939 0x1338  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:59:15.0999 0x1338  rdpbus - ok
09:59:16.0023 0x1338  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:59:16.0074 0x1338  RDPCDD - ok
09:59:16.0098 0x1338  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:59:16.0168 0x1338  RDPENCDD - ok
09:59:16.0190 0x1338  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:59:16.0230 0x1338  RDPREFMP - ok
09:59:16.0286 0x1338  [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:59:16.0379 0x1338  RDPWD - ok
09:59:16.0433 0x1338  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:59:16.0462 0x1338  rdyboost - ok
09:59:16.0513 0x1338  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:59:16.0573 0x1338  RemoteAccess - ok
09:59:16.0629 0x1338  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:59:16.0707 0x1338  RemoteRegistry - ok
09:59:16.0721 0x1338  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:59:16.0797 0x1338  RpcEptMapper - ok
09:59:16.0843 0x1338  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:59:16.0896 0x1338  RpcLocator - ok
09:59:16.0929 0x1338  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
09:59:17.0026 0x1338  RpcSs - ok
09:59:17.0072 0x1338  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:59:17.0138 0x1338  rspndr - ok
09:59:17.0178 0x1338  [ 4A25DC970C58104602ED274DACAFD784, 38377570346385E9035568694638719475607B62968C5E3D0D9CBCDD04A5BD52 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
09:59:17.0236 0x1338  RSUSBSTOR - ok
09:59:17.0251 0x1338  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs           C:\Windows\system32\lsass.exe
09:59:17.0270 0x1338  SamSs - ok
09:59:17.0321 0x1338  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
09:59:17.0341 0x1338  sbp2port - ok
09:59:17.0389 0x1338  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:59:17.0447 0x1338  SCardSvr - ok
09:59:17.0454 0x1338  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:59:17.0506 0x1338  scfilter - ok
09:59:17.0597 0x1338  [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule        C:\Windows\system32\schedsvc.dll
09:59:17.0702 0x1338  Schedule - ok
09:59:17.0762 0x1338  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:59:17.0819 0x1338  SCPolicySvc - ok
09:59:17.0854 0x1338  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:59:17.0927 0x1338  SDRSVC - ok
09:59:18.0019 0x1338  [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
09:59:18.0037 0x1338  SeaPort - ok
09:59:18.0077 0x1338  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:59:18.0126 0x1338  secdrv - ok
09:59:18.0159 0x1338  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
09:59:18.0237 0x1338  seclogon - ok
09:59:18.0260 0x1338  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
09:59:18.0330 0x1338  SENS - ok
09:59:18.0377 0x1338  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:59:18.0433 0x1338  SensrSvc - ok
09:59:18.0509 0x1338  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
09:59:18.0566 0x1338  Serenum - ok
09:59:18.0574 0x1338  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
09:59:18.0593 0x1338  Serial - ok
09:59:18.0598 0x1338  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
09:59:18.0629 0x1338  sermouse - ok
09:59:18.0679 0x1338  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:59:18.0732 0x1338  SessionEnv - ok
09:59:18.0756 0x1338  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
09:59:18.0814 0x1338  sffdisk - ok
09:59:18.0834 0x1338  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
09:59:18.0863 0x1338  sffp_mmc - ok
09:59:18.0890 0x1338  [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
09:59:18.0917 0x1338  sffp_sd - ok
09:59:18.0975 0x1338  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
09:59:19.0034 0x1338  sfloppy - ok
09:59:19.0138 0x1338  [ 52434693713BDD905972617E21AC0CFC, 44F50441E2FF03AB39F63C2EB462257D52533FA2338A81C078E560C329FD81DA ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
09:59:19.0178 0x1338  SftService - ok
09:59:19.0242 0x1338  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:59:19.0301 0x1338  ShellHWDetection - ok
09:59:19.0349 0x1338  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:59:19.0373 0x1338  SiSRaid2 - ok
09:59:19.0402 0x1338  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
09:59:19.0418 0x1338  SiSRaid4 - ok
09:59:19.0438 0x1338  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:59:19.0488 0x1338  Smb - ok
09:59:19.0557 0x1338  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:59:19.0585 0x1338  SNMPTRAP - ok
09:59:19.0620 0x1338  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:59:19.0637 0x1338  spldr - ok
09:59:19.0694 0x1338  [ F8E1FA03CB70D54A9892AC88B91D1E7B, 55EECAAD4C7EC0868BE937F4ADDA026AFDFCC614E94DE4B3248BFF2BE7FF13E8 ] Spooler         C:\Windows\System32\spoolsv.exe
09:59:19.0836 0x1338  Spooler - ok
09:59:20.0058 0x1338  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
09:59:20.0243 0x1338  sppsvc - ok
09:59:20.0285 0x1338  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:59:20.0339 0x1338  sppuinotify - ok
09:59:20.0405 0x1338  [ D630B6F2E8379B6F10DC16E82A426552, 9F7949B11BCEF55B38119ED45BD92117A8551BEC8A2BCD88EA89707C48120F1B ] sprtsvc_DellComms C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
09:59:20.0428 0x1338  sprtsvc_DellComms - ok
09:59:20.0499 0x1338  [ D630B6F2E8379B6F10DC16E82A426552, 9F7949B11BCEF55B38119ED45BD92117A8551BEC8A2BCD88EA89707C48120F1B ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
09:59:20.0513 0x1338  sprtsvc_DellSupportCenter - ok
09:59:20.0577 0x1338  [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:59:20.0647 0x1338  srv - ok
09:59:20.0682 0x1338  [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:59:20.0741 0x1338  srv2 - ok
09:59:20.0788 0x1338  [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:59:20.0828 0x1338  srvnet - ok
09:59:20.0875 0x1338  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:59:20.0966 0x1338  SSDPSRV - ok
09:59:20.0983 0x1338  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:59:21.0027 0x1338  SstpSvc - ok
09:59:21.0139 0x1338  [ 444109453A2B87E6C16BCDA5953E81A9, 96BAC1470A6D60EB6E5F11058A8C137245246730A171961026AF5B08A059E373 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
09:59:21.0200 0x1338  STacSV - ok
09:59:21.0244 0x1338  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
09:59:21.0266 0x1338  stexstor - ok
09:59:21.0351 0x1338  [ 02E784FA49032F84964DB90A3ED81890, 93519BE6706F33E35755A357DEBF489B2985553C33188EFD1F3B516702D6695B ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
09:59:21.0420 0x1338  STHDA - ok
09:59:21.0472 0x1338  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
09:59:21.0538 0x1338  stisvc - ok
09:59:21.0574 0x1338  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:59:21.0592 0x1338  swenum - ok
09:59:21.0657 0x1338  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
09:59:21.0751 0x1338  swprv - ok
09:59:21.0864 0x1338  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
09:59:21.0954 0x1338  SysMain - ok
09:59:21.0996 0x1338  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:59:22.0047 0x1338  TabletInputService - ok
09:59:22.0082 0x1338  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:59:22.0147 0x1338  TapiSrv - ok
09:59:22.0185 0x1338  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
09:59:22.0237 0x1338  TBS - ok
09:59:22.0349 0x1338  [ 624C5B3AA4C99B3184BB922D9ECE3FF0, DF9527CBA335A51513FBFFD95DAF3FA79A19F2B417C533EE384D397FB1E0889E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:59:22.0467 0x1338  Tcpip - ok
09:59:22.0573 0x1338  [ 624C5B3AA4C99B3184BB922D9ECE3FF0, DF9527CBA335A51513FBFFD95DAF3FA79A19F2B417C533EE384D397FB1E0889E ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:59:22.0635 0x1338  TCPIP6 - ok
09:59:22.0666 0x1338  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:59:22.0706 0x1338  tcpipreg - ok
09:59:22.0732 0x1338  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:59:22.0816 0x1338  TDPIPE - ok
09:59:22.0829 0x1338  [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:59:22.0850 0x1338  TDTCP - ok
09:59:22.0883 0x1338  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:59:22.0945 0x1338  tdx - ok
09:59:23.0113 0x1338  [ A4D2CE94B028EF1E437CF4AC3D8FF26C, 29608E86188BF7CC06938421B820522A9AB22A850A1F41ABE0265BC6918637B0 ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
09:59:23.0263 0x1338  TeamViewer7 - ok
09:59:23.0321 0x1338  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:59:23.0346 0x1338  TermDD - ok
09:59:23.0416 0x1338  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
09:59:23.0519 0x1338  TermService - ok
09:59:23.0548 0x1338  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
09:59:23.0600 0x1338  Themes - ok
09:59:23.0642 0x1338  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
09:59:23.0702 0x1338  THREADORDER - ok
09:59:23.0737 0x1338  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:59:23.0832 0x1338  TrkWks - ok
09:59:23.0907 0x1338  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:59:23.0932 0x1338  TrustedInstaller - ok
09:59:23.0967 0x1338  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:59:24.0040 0x1338  tssecsrv - ok
09:59:24.0101 0x1338  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:59:24.0167 0x1338  tunnel - ok
09:59:24.0203 0x1338  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
09:59:24.0219 0x1338  uagp35 - ok
09:59:24.0267 0x1338  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:59:24.0385 0x1338  udfs - ok
09:59:24.0422 0x1338  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:59:24.0446 0x1338  UI0Detect - ok
09:59:24.0494 0x1338  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
09:59:24.0517 0x1338  uliagpkx - ok
09:59:24.0575 0x1338  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:59:24.0600 0x1338  umbus - ok
09:59:24.0606 0x1338  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:59:24.0659 0x1338  UmPass - ok
09:59:24.0695 0x1338  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:59:24.0794 0x1338  upnphost - ok
09:59:24.0861 0x1338  [ 77B01BC848298223A95D4EC23E1785A1, 7D0FBBA746588401400226BB966507EE34EEBB2F4F16607601E3D7383CAD34E2 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:59:24.0918 0x1338  usbaudio - ok
09:59:24.0961 0x1338  [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:59:25.0037 0x1338  usbccgp - ok
09:59:25.0109 0x1338  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
09:59:25.0173 0x1338  usbcir - ok
09:59:25.0213 0x1338  [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:59:25.0240 0x1338  usbehci - ok
09:59:25.0272 0x1338  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:59:25.0303 0x1338  usbhub - ok
09:59:25.0332 0x1338  [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
09:59:25.0378 0x1338  usbohci - ok
09:59:25.0440 0x1338  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:59:25.0494 0x1338  usbprint - ok
09:59:25.0542 0x1338  [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:59:25.0632 0x1338  USBSTOR - ok
09:59:30.0150 0x1338  wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )
09:59:33.0025 0x1338  Detect skipped due to KSN trusted
09:59:33.0025 0x1338  wltrysvc - ok
09:59:34.0576 0x1338  ================ Scan global ===============================
09:59:34.0610 0x1338  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:59:34.0663 0x1338  [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll
09:59:34.0688 0x1338  [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll
09:59:34.0723 0x1338  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:59:34.0778 0x1338  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
09:59:34.0794 0x1338  [ Global ] - ok
09:59:34.0795 0x1338  ================ Scan MBR ==================================
09:59:34.0811 0x1338  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:59:35.0845 0x1338  \Device\Harddisk0\DR0 - ok
09:59:35.0845 0x1338  ================ Scan VBR ==================================
09:59:35.0878 0x1338  [ D6F66A4799A81078EEE3EB4855343D7A ] \Device\Harddisk0\DR0\Partition1
09:59:35.0880 0x1338  \Device\Harddisk0\DR0\Partition1 - ok
09:59:35.0892 0x1338  [ AC1DAB5948F5F1CE363C021573951892 ] \Device\Harddisk0\DR0\Partition2
09:59:35.0894 0x1338  \Device\Harddisk0\DR0\Partition2 - ok
09:59:35.0895 0x1338  Waiting for KSN requests completion. In queue: 12
09:59:36.0895 0x1338  Waiting for KSN requests completion. In queue: 12
09:59:37.0896 0x1338  Waiting for KSN requests completion. In queue: 12
09:59:38.0896 0x1338  Waiting for KSN requests completion. In queue: 12
09:59:39.0911 0x1338  Win FW state via NFP2: enabled
09:59:42.0871 0x1338  ============================================================
09:59:42.0871 0x1338  Scan finished
09:59:42.0871 0x1338  ============================================================
09:59:42.0878 0x167c  Detected object count: 0
09:59:42.0878 0x167c  Actual detected object count: 0
10:03:49.0126 0x12e0  Deinitialize success
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2013
Ran by Andrew (administrator) on ANDREW-PC on 22-10-2013 01:15:15
Running from C:\Users\Andrew\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
(Grass Software) c:\program files (x86)\grasssoft\mouse recorder\MacroService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(SupportSoft, Inc.) C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Grass Software) c:\program files (x86)\grasssoft\mouse recorder\MacroServiceWnd.exe
(Grass Software) c:\program files (x86)\grasssoft\mouse recorder\MacroServiceWnd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(BitTorrent, Inc.) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
(Akamai Technologies, Inc.) C:\Users\Andrew\AppData\Local\Akamai\netsession_win.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Akamai Technologies, Inc.) C:\Users\Andrew\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
() C:\Bovada\Lobby.exe
(Google Inc.) C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(mIRC Co. Ltd.) C:\Program Files (x86)\mIRC\mirc.exe
(Google Inc.) C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [305664 2009-01-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-29] (IDT, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-06] (Autodesk, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-06] (Google Inc.)
HKCU\...\Run: [BitTorrent] - C:\Program Files (x86)\BitTorrent\BitTorrent.exe [980376 2013-01-08] (BitTorrent, Inc.)
HKCU\...\Run: [Singlesnet] - C:\Program Files (x86)\Singlesnet\Singlesnet\Singlesnet.exe
HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe [210208 2008-09-26] (Acresso Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Andrew\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
MountPoints2: E - E:\ToolLauncher-Bootstrap.exe
MountPoints2: F - F:\ToolLauncher-Bootstrap.exe
MountPoints2: {0cca0276-be5f-11e2-84ef-002564528592} - E:\VZW_Software_upgrade_assistant_installer.exe
HKLM-x32\...\Run: [PDVDDXSrv] - C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [494064 2009-06-18] ()
HKLM-x32\...\Run: [DellComms] - C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe [206064 2009-05-05] (SupportSoft, Inc.)
HKLM-x32\...\Run: [DellSupportCenter] - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [googletalk] - C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-29] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
Startup: C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com?type=586383&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {CADFE4E1-0BFF-4A4D-9D00-510180D6030B} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {08BF00D2-2DBF-4187-BC56-7B19E47E6756} URL = 
SearchScopes: HKCU - {6B202473-D23A-43F6-84D4-D935352C5D42} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=586383&p={searchTerms}
SearchScopes: HKCU - {CADFE4E1-0BFF-4A4D-9D00-510180D6030B} URL = 
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553542500} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 10 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 02 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9-x64 10 mswsock.dll File Not found (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\1n92tpmy.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://search.yahoo.com?type=586383&fr=spigot-yhp-ff
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=586383&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Extension: iMacros for Firefox - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\1n92tpmy.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
 
Chrome: 
=======
CHR HomePage: hxxp://www.unleashedfear.com/
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSuggestURL: (Search the web (Babylon)) -       "suggest_url": "",
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Andrew\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Andrew\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Andrew\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.140.8) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U14) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Andrew\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\2.0.31005.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Auto Refresh Plus) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih\1.8.9.22_0
CHR Extension: (Gmail) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Andrew\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-10-31] (Adobe Systems)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-13] (Microsoft Corporation)
R2 Macro Expert; c:\program files (x86)\grasssoft\mouse recorder\MacroService.exe [373248 2013-07-05] (Grass Software)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 msiserver; C:\Windows\SysWow64\msiexec.exe [73216 2009-07-13] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE [33280 2009-07-16] ()
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [428032 2011-05-04] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R3 LTXMD_VAC; C:\Windows\System32\drivers\lmvac.sys [29424 2012-05-05] (Windows ® Win 7 DDK provider)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
U3 aswMBR; \??\C:\Users\Andrew\AppData\Local\Temp\aswMBR.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-10-22 01:14 - 2013-10-22 01:14 - 01954682 _____ (Farbar) C:\Users\Andrew\Desktop\FRST64.exe
2013-10-22 01:14 - 2013-10-22 01:14 - 00000000 ____D C:\FRST
2013-10-21 20:56 - 2013-10-21 20:57 - 00000000 ____D C:\Users\Andrew\Desktop\New folder (2)
2013-10-21 11:33 - 2013-10-21 11:35 - 27024112 _____ (Microsoft Corporation) C:\Users\Andrew\Downloads\PowerPointViewer.exe
2013-10-21 10:51 - 2013-10-21 11:35 - 00004072 _____ C:\Users\Andrew\Desktop\aswMBR.txt
2013-10-21 10:51 - 2013-10-21 11:35 - 00000512 _____ C:\Users\Andrew\Desktop\MBR.dat
2013-10-21 10:03 - 2013-10-21 10:03 - 04745728 _____ (AVAST Software) C:\Users\Andrew\Desktop\aswMBR.exe
2013-10-21 09:56 - 2013-10-21 09:57 - 00000022 _____ C:\Users\Andrew\Downloads\tdsskiller.zip
2013-10-20 05:52 - 2013-10-20 06:01 - 00000000 ___SD C:\ComboFix
2013-10-20 05:31 - 2013-10-20 05:32 - 01056666 _____ C:\Users\Andrew\Downloads\adwcleaner.exe
2013-10-20 05:29 - 2013-10-20 05:29 - 00001777 _____ C:\Users\Andrew\Desktop\RKreport[0]_D_10202013_052942.txt
2013-10-20 05:29 - 2013-10-20 05:29 - 00001733 _____ C:\Users\Andrew\Desktop\RKreport[0]_S_10202013_052917.txt
2013-10-19 17:18 - 2011-06-26 02:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-19 17:18 - 2010-11-07 13:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-19 17:18 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-19 17:18 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-19 17:18 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-19 17:18 - 2000-08-30 20:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-19 17:18 - 2000-08-30 20:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-19 17:18 - 2000-08-30 20:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-19 17:16 - 2013-10-19 17:16 - 05135479 ____R (Swearware) C:\Users\Andrew\Desktop\ComboFix.exe
2013-10-19 17:07 - 2013-10-19 17:07 - 00000000 ____D C:\Windows\ERUNT
2013-10-19 17:06 - 2013-10-19 17:06 - 01033335 _____ (Thisisu) C:\Users\Andrew\Desktop\JRT.exe
2013-10-19 17:01 - 2013-10-20 05:34 - 00000000 ____D C:\AdwCleaner
2013-10-19 16:54 - 2013-10-19 16:55 - 00005490 _____ C:\Users\Andrew\Desktop\RKreport[0]_D_10192013_165459.txt
2013-10-19 16:50 - 2013-10-20 05:29 - 00000000 ____D C:\Users\Andrew\Desktop\RK_Quarantine
2013-10-19 16:48 - 2013-10-19 16:49 - 03989504 _____ C:\Users\Andrew\Desktop\RogueKillerX64.exe
2013-10-16 21:04 - 2013-10-21 09:55 - 00000000 ____D C:\Users\Andrew\Desktop\bleepingcomputer
2013-10-16 21:03 - 2013-10-16 21:03 - 00068488 _____ C:\Users\Andrew\Desktop\dds.txt
2013-10-16 21:03 - 2013-10-16 21:03 - 00013226 _____ C:\Users\Andrew\Desktop\attach.txt
2013-10-15 15:37 - 2013-10-21 09:57 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Andrew\Desktop\TDSSKiller.exe
2013-10-14 21:39 - 2013-10-14 21:54 - 00000000 ____D C:\Users\Andrew\Downloads\28.Days.Later[2002]DvDrip[Eng]-aXXo
2013-10-13 21:44 - 2013-10-13 21:44 - 00000953 _____ C:\Users\Public\Desktop\mIRC.lnk
2013-10-13 15:35 - 2013-10-13 15:35 - 01191834 _____ C:\Users\Andrew\Downloads\ProcessExplorer.zip
2013-10-13 15:35 - 2013-10-13 15:35 - 00000000 ____D C:\Users\Andrew\Downloads\ProcessExplorer
2013-10-13 05:35 - 2013-10-13 05:35 - 00000000 ____D C:\Qoobox
2013-10-13 05:34 - 2013-10-13 05:34 - 00000000 ____D C:\Windows\erdnt
2013-10-12 17:01 - 2013-10-12 17:01 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-12 17:01 - 2013-10-12 17:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-12 17:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-08 23:25 - 2013-10-09 00:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
 
==================== One Month Modified Files and Folders =======
 
2013-10-22 01:14 - 2013-10-22 01:14 - 01954682 _____ (Farbar) C:\Users\Andrew\Desktop\FRST64.exe
2013-10-22 01:14 - 2013-10-22 01:14 - 00000000 ____D C:\FRST
2013-10-22 01:13 - 2012-05-06 15:32 - 00000000 ____D C:\Users\Andrew\AppData\Roaming\BitTorrent
2013-10-22 01:13 - 2012-05-06 14:00 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-113806799-593797785-1445144787-1001UA.job
2013-10-22 01:11 - 2012-06-30 11:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-22 00:11 - 2012-05-06 15:02 - 00000000 ____D C:\Users\Andrew\AppData\Roaming\mIRC
2013-10-21 20:57 - 2013-10-21 20:56 - 00000000 ____D C:\Users\Andrew\Desktop\New folder (2)
2013-10-21 19:45 - 2013-08-17 21:50 - 00000000 ____D C:\Bovada
2013-10-21 18:25 - 2009-07-14 01:10 - 02044415 _____ C:\Windows\WindowsUpdate.log
2013-10-21 15:19 - 2012-05-06 14:00 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-113806799-593797785-1445144787-1001Core.job
2013-10-21 11:35 - 2013-10-21 11:33 - 27024112 _____ (Microsoft Corporation) C:\Users\Andrew\Downloads\PowerPointViewer.exe
2013-10-21 11:35 - 2013-10-21 10:51 - 00004072 _____ C:\Users\Andrew\Desktop\aswMBR.txt
2013-10-21 11:35 - 2013-10-21 10:51 - 00000512 _____ C:\Users\Andrew\Desktop\MBR.dat
2013-10-21 10:03 - 2013-10-21 10:03 - 04745728 _____ (AVAST Software) C:\Users\Andrew\Desktop\aswMBR.exe
2013-10-21 09:57 - 2013-10-21 09:56 - 00000022 _____ C:\Users\Andrew\Downloads\tdsskiller.zip
2013-10-21 09:57 - 2013-10-15 15:37 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Andrew\Desktop\TDSSKiller.exe
2013-10-21 09:55 - 2013-10-16 21:04 - 00000000 ____D C:\Users\Andrew\Desktop\bleepingcomputer
2013-10-21 03:58 - 2012-06-30 07:44 - 00034596 _____ C:\Windows\setupact.log
2013-10-21 03:00 - 2009-09-16 19:29 - 00000000 ____D C:\dell
2013-10-21 02:19 - 2009-07-14 00:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-21 02:19 - 2009-07-14 00:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-21 02:12 - 2012-10-06 01:24 - 00000000 ____D C:\Users\Andrew\Tracing
2013-10-21 02:12 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-21 02:11 - 2009-09-16 18:54 - 00724254 _____ C:\Windows\PFRO.log
2013-10-21 01:09 - 2013-10-20 01:57 - 00000000 ____D C:\Users\Andrew\Downloads\XXXXX1
2013-10-20 06:01 - 2013-10-20 05:52 - 00000000 ___SD C:\ComboFix
2013-10-20 05:34 - 2013-10-19 17:01 - 00000000 ____D C:\AdwCleaner
2013-10-20 05:32 - 2013-10-20 05:31 - 01056666 _____ C:\Users\Andrew\Downloads\adwcleaner.exe
2013-10-20 05:29 - 2013-10-20 05:29 - 00001777 _____ C:\Users\Andrew\Desktop\RKreport[0]_D_10202013_052942.txt
2013-10-20 05:29 - 2013-10-20 05:29 - 00001733 _____ C:\Users\Andrew\Desktop\RKreport[0]_S_10202013_052917.txt
2013-10-20 05:29 - 2013-10-19 16:50 - 00000000 ____D C:\Users\Andrew\Desktop\RK_Quarantine
2013-10-20 01:28 - 2013-10-20 01:28 - 00024988 _____ C:\Users\Andrew\Downloads\
2013-10-19 21:02 - 2013-04-18 01:11 - 00000000 ____D C:\Users\Andrew\AppData\Local\CrashDumps
2013-10-19 17:16 - 2013-10-19 17:16 - 05135479 ____R (Swearware) C:\Users\Andrew\Desktop\ComboFix.exe
2013-10-19 17:07 - 2013-10-19 17:07 - 00000000 ____D C:\Windows\ERUNT
2013-10-19 17:07 - 2013-08-18 00:01 - 00000000 ____D C:\Users\Andrew\Desktop\MR pic
2013-10-19 17:06 - 2013-10-19 17:06 - 01033335 _____ (Thisisu) C:\Users\Andrew\Desktop\JRT.exe
2013-10-19 16:55 - 2013-10-19 16:54 - 00005490 _____ C:\Users\Andrew\Desktop\RKreport[0]_D_10192013_165459.txt
2013-10-19 16:49 - 2013-10-19 16:48 - 03989504 _____ C:\Users\Andrew\Desktop\RogueKillerX64.exe
2013-10-18 22:47 - 2013-07-12 04:03 - 00002703 _____ C:\Users\Andrew\Desktop\SHOT REPORTsss.txt
2013-10-16 21:03 - 2013-10-16 21:03 - 00068488 _____ C:\Users\Andrew\Desktop\dds.txt
2013-10-16 21:03 - 2013-10-16 21:03 - 00013226 _____ C:\Users\Andrew\Desktop\attach.txt
2013-10-16 19:41 - 2012-05-06 14:02 - 00002374 _____ C:\Users\Andrew\Desktop\Google Chrome.lnk
2013-10-16 19:32 - 2012-05-06 15:02 - 00000000 ____D C:\Program Files (x86)\mIRC
2013-10-14 21:54 - 2013-10-14 21:39 - 00000000 ____D C:\Users\Andrew\Downloads\28.Days.Later[2002]DvDrip[Eng]-aXXo
2013-10-13 21:44 - 2013-10-13 21:44 - 00000953 _____ C:\Users\Public\Desktop\mIRC.lnk
2013-10-13 20:22 - 2009-07-14 01:13 - 00726142 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-13 15:59 - 2009-07-14 01:08 - 00032552 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-13 15:35 - 2013-10-13 15:35 - 01191834 _____ C:\Users\Andrew\Downloads\ProcessExplorer.zip
2013-10-13 15:35 - 2013-10-13 15:35 - 00000000 ____D C:\Users\Andrew\Downloads\ProcessExplorer
2013-10-13 05:35 - 2013-10-13 05:35 - 00000000 ____D C:\Qoobox
2013-10-13 05:34 - 2013-10-13 05:34 - 00000000 ____D C:\Windows\erdnt
2013-10-12 17:01 - 2013-10-12 17:01 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-12 17:01 - 2013-10-12 17:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-12 15:08 - 2012-05-06 14:00 - 00003888 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-113806799-593797785-1445144787-1001UA
2013-10-12 15:08 - 2012-05-06 14:00 - 00003492 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-113806799-593797785-1445144787-1001Core
2013-10-12 02:25 - 2012-05-06 13:50 - 00161864 _____ C:\Users\Andrew\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-12 02:24 - 2013-07-11 04:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-12 02:24 - 2009-07-14 00:45 - 00631576 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 19:44 - 2013-08-16 15:58 - 00255168 ____H C:\Windows\SysWOW64\mlfcache.dat
2013-10-09 20:13 - 2012-06-30 11:45 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 20:13 - 2012-06-22 17:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 20:13 - 2012-06-22 17:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 16:10 - 2013-09-09 06:17 - 00008086 _____ C:\Users\Andrew\Desktop\ws.txt
2013-10-09 00:40 - 2013-10-08 23:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-09 00:40 - 2012-05-06 15:11 - 00000000 ____D C:\Users\Andrew\AppData\Local\Mozilla
2013-10-08 23:01 - 2012-12-06 02:45 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-10-08 23:01 - 2012-12-06 02:43 - 00000000 ____D C:\Program Files\Autodesk
2013-10-08 23:01 - 2012-12-06 02:26 - 00000000 ____D C:\ProgramData\Autodesk
 
Some content of TEMP:
====================
C:\Users\Andrew\AppData\Local\Temp\AcDeltree.exe
C:\Users\Andrew\AppData\Local\Temp\BackupSetup.exe
C:\Users\Andrew\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Andrew\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\Andrew\AppData\Local\Temp\htmlayout.dll
C:\Users\Andrew\AppData\Local\Temp\mirc732.exe
C:\Users\Andrew\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Andrew\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Andrew\AppData\Local\Temp\procexp64.exe
C:\Users\Andrew\AppData\Local\Temp\Quarantine.exe
C:\Users\Andrew\AppData\Local\Temp\Setup.X86.en-us_O365HomePremRetail_2ec49d69-a4e1-4a59-9a78-78f68e0a2087_TX_PR_.exe
C:\Users\Andrew\AppData\Local\Temp\Setup.X86.en-us_O365HomePremRetail_963a6511-5d56-4b89-b7bc-4244f5408b38_TX_PR_ (1).exe
C:\Users\Andrew\AppData\Local\Temp\Setup.X86.en-us_O365HomePremRetail_963a6511-5d56-4b89-b7bc-4244f5408b38_TX_PR_.exe
C:\Users\Andrew\AppData\Local\Temp\tsszgete.dll
C:\Users\Andrew\AppData\Local\Temp\utt7AAA.tmp.exe
C:\Users\Andrew\AppData\Local\Temp\uttE713.tmp.exe
C:\Users\Andrew\AppData\Local\Temp\winziprosetup-WZRO6_20130221.exe
C:\Users\Andrew\AppData\Local\Temp\{6BF1BACE-9801-4DE0-B1D4-1F3A31702747}-30.0.1599.69_29.0.1547.76_chrome_updater.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-10-21 16:38
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2013
Ran by Andrew at 2013-10-22 01:17:40
Running from C:\Users\Andrew\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
Adobe Bridge 1.0 (x32 Version: 001.000.000)
Adobe Common File Installer (x32 Version: 1.00.0000)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Help Center 1.0 (x32 Version: 001.000.000)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Reader X (10.1.3) (x32 Version: 10.1.3)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000)
Advanced Audio FX Engine (x32 Version: 1.12.05)
Advanced Key and Mouse Recorder (x32 Version: 2)
Akamai NetSession Interface (HKCU)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
Autodesk Inventor 2013 Quick Uninstaller (Version: 17.0.13800.0000)
Autodesk Inventor Content Center Libraries 2013 (Desktop Content) (Version: 17.0.13800.0000)
Autodesk Inventor Fusion for Inventor 2013 Add-in (Version: 1.0.0.111)
Autodesk Material Library Base Resolution Image Library 2013 (x32 Version: 3.0.13)
Autodesk Sync (Version: 3.5.24.0)
Autodesk Vault Basic 2013 (Client) (Version: 17.0.61.0)
Autodesk Vault Basic 2013 (Client) (x32 Version: 17.0.61.0)
Autodesk Vault Basic 2013 (Client) English Language Pack (Version: 17.0.61.0)
BetOnline Client (remove only) (x32 Version: 1.0)
BetOnline Poker 8.2 (x32 Version: 8.2.10.201209281300)
BitTorrent (HKCU Version: 7.8.1.30016)
Bovada Casino  (x32 Version: )
BovadaPoker (x32 Version:  )
CarbonPoker (HKCU Version: 6.0)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Dell Communications (Support Software) (x32 Version: 1.0.09094)
Dell DataSafe Local Backup - Support Software (x32 Version: 2.25)
Dell DataSafe Local Backup (x32 Version: 9.3.24)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (x32 Version: 1.00.0000)
Dell Support Center (Support Software) (x32 Version: 2.5.09100)
Dell Touchpad (Version: 7.104.115.102)
Dell Webcam Central (x32 Version: 1.40.05)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
DivX Setup (x32 Version: 2.6.1.22)
Eco Materials Adviser for Autodesk Inventor 2013 (Version: 3.9.12.0)
Google Chrome (HKCU Version: 30.0.1599.101)
Google Talk (remove only) (x32)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 14 (x32 Version: 6.0.140)
Junk Mail filter update (x32 Version: 14.0.8117.416)
Live! Cam Avatar Creator (x32 Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.4518.1014)
Microsoft Office Professional 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (x32 Version: 1.2.123.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
mIRC (x32 Version: 7.32)
Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVCRT (x32 Version: 14.0.1468.721)
PowerDVD DX (x32 Version: 8.3.5424)
Protected Music Converter version 1.9.7.5 (x32 Version: 1.9.7.5)
Quickset64 (Version: 9.6.6)
QuickTime (x32 Version: 7.73.80.64)
Roxio Burn (x32 Version: 1.0)
Roxio Burn (x32 Version: 1.0.0)
Roxio Update Manager (x32 Version: 6.0.0)
TeamViewer 7 (x32 Version: 7.0.12979)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office Word 2007 (KB974631) (x32)
VBA (2627.01) (x32 Version: 6.03.00.9402)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Photo Gallery (x32 Version: 14.0.8117.416)
Windows Live Toolbar (x32 Version: 14.0.8117.416)
Windows Live Upload Tool (x32 Version: 14.0.8014.1029)
Windows Live Writer (x32 Version: 14.0.8117.0416)
XNote Stopwatch (x32 Version: 1.66)
 
==================== Restore Points  =========================
 
20-10-2013 09:52:39 ComboFix created restore point
21-10-2013 15:35:50 Installed Microsoft Office PowerPoint Viewer 2007 (English)
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {5812CD1B-9B6E-423C-B46A-45CEFC6A9359} - System32\Tasks\DHJLTXJ1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-16] (Dell Inc.)
Task: {5FF9B8D9-3CAD-4FAD-B62E-2E2A9680F0BE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-113806799-593797785-1445144787-1001Core => C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06] (Google Inc.)
Task: {96ED9C08-FEE9-440E-864B-DF84B6A86E7E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {A6B9B29D-4C9E-4708-8294-3D4714B8957F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C5FE750E-88E0-40CF-B000-5DDE452DD4B9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DED84853-A73F-4C02-8A49-F927D870C4CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-113806799-593797785-1445144787-1001UA => C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-06] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-113806799-593797785-1445144787-1001Core.job => C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-113806799-593797785-1445144787-1001UA.job => C:\Users\Andrew\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2009-09-16 17:04 - 2009-07-16 21:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2011-10-12 11:15 - 2011-10-12 11:15 - 00075776 _____ () c:\program files (x86)\grasssoft\mouse recorder\mk_nt.dll
2009-09-16 17:11 - 2009-07-16 11:58 - 00115952 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2009-09-16 17:11 - 2009-07-16 11:59 - 00128240 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2012-11-29 22:07 - 2012-11-29 22:07 - 00100248 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 02293760 _____ () C:\Bovada\QtCore4.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 08223744 _____ () C:\Bovada\QtGui4.dll
2013-08-17 21:50 - 2013-10-08 18:37 - 00142848 _____ () C:\Bovada\base.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00975360 _____ () C:\Bovada\QtNetwork4.dll
2013-08-17 21:50 - 2013-10-08 18:37 - 01856512 _____ () C:\Bovada\common.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00339968 _____ () C:\Bovada\QtXml4.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 10837504 _____ () C:\Bovada\QtWebKit4.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00266752 _____ () C:\Bovada\phonon4.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00102912 _____ () C:\Bovada\QtTest4.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00025088 _____ () C:\Bovada\GPSound.dll
2013-08-17 21:50 - 2013-08-17 21:52 - 00008192 _____ () C:\Bovada\winutils.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00026624 _____ () C:\Bovada\imageformats\qgif4.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00028672 _____ () C:\Bovada\imageformats\qico4.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00196608 _____ () C:\Bovada\imageformats\qjpeg4.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00220672 _____ () C:\Bovada\imageformats\qmng4.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00284672 _____ () C:\Bovada\imageformats\qtiff4.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 00069632 _____ () C:\Bovada\FASLib.dll
2013-08-17 21:50 - 2013-08-17 21:50 - 09818272 _____ () C:\Bovada\Plugins\NPSWF32.dll
2013-10-16 19:41 - 2013-10-08 20:01 - 00698832 _____ () C:\Users\Andrew\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-16 19:41 - 2013-10-08 20:01 - 00099792 _____ () C:\Users\Andrew\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll
2013-10-16 19:41 - 2013-10-08 20:02 - 04055504 _____ () C:\Users\Andrew\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-16 19:41 - 2013-10-08 20:02 - 00415184 _____ () C:\Users\Andrew\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-16 19:41 - 2013-10-08 20:01 - 01604560 _____ () C:\Users\Andrew\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2013-10-16 19:41 - 2013-10-08 20:02 - 13584336 _____ () C:\Users\Andrew\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:C39E55C5
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/21/2013 04:40:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (10/21/2013 11:32:32 AM) (Source: Application Hang) (User: )
Description: The program POWERPNT.EXE version 12.0.4518.1014 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 101c
 
Start Time: 01cece72a6c0395e
 
Termination Time: 33
 
Application Path: C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
 
Report Id: f78e437e-3a65-11e3-a96a-002564528592
 
Error: (10/21/2013 11:31:52 AM) (Source: Microsoft Office 12) (User: )
Description: Accepted Safe Mode action : Microsoft Office PowerPoint.
 
Error: (10/21/2013 02:10:50 AM) (Source: Application Hang) (User: )
Description: The program Lobby.exe version 4.13.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: b78
 
Start Time: 01cece243bb6c367
 
Termination Time: 12
 
Application Path: C:\Bovada\Lobby.exe
 
Report Id: 86bbb337-3a17-11e3-a92b-002564528592
 
Error: (10/21/2013 02:10:16 AM) (Source: Application Hang) (User: )
Description: The program Lobby.exe version 4.13.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: ca0
 
Start Time: 01cece24198b9eb3
 
Termination Time: 14
 
Application Path: C:\Bovada\Lobby.exe
 
Report Id: 717c16a1-3a17-11e3-a92b-002564528592
 
Error: (10/21/2013 02:09:22 AM) (Source: Application Hang) (User: )
Description: The program Lobby.exe version 4.13.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 83c
 
Start Time: 01cece23ff82cf5d
 
Termination Time: 46
 
Application Path: C:\Bovada\Lobby.exe
 
Report Id: 525c8fa8-3a17-11e3-a92b-002564528592
 
Error: (10/21/2013 02:08:38 AM) (Source: Application Hang) (User: )
Description: The program Lobby.exe version 4.13.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: ef4
 
Start Time: 01cecdc0a3d41c0c
 
Termination Time: 20
 
Application Path: C:\Bovada\Lobby.exe
 
Report Id: 377d5a5d-3a17-11e3-a92b-002564528592
 
Error: (10/20/2013 02:10:12 PM) (Source: Application Hang) (User: )
Description: The program CF30971.3XE version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 114c
 
Start Time: 01cecd7a143c7251
 
Termination Time: 0
 
Application Path: C:\ComboFix\CF30971.3XE
 
Report Id:
 
 
System errors:
=============
Error: (10/21/2013 08:48:07 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147024891
 
Error: (10/21/2013 08:48:07 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891
 
Error: (10/21/2013 02:13:28 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147024891
 
Error: (10/21/2013 02:13:28 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891
 
Error: (10/21/2013 02:12:20 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (10/21/2013 02:12:09 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891
 
Error: (10/20/2013 02:12:27 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147024891
 
Error: (10/20/2013 02:12:27 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891
 
Error: (10/20/2013 02:11:35 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: 
%%1060
 
Error: (10/20/2013 02:11:22 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Percentage of memory in use: 67%
Total physical RAM: 3032.36 MB
Available physical RAM: 991.01 MB
Total Pagefile: 6062.87 MB
Available Pagefile: 3509.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:1.51 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 2B391CB6)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 

Attached Files

  • Attached File  MBR.zip   571bytes   0 downloads

Edited by JonnyRocket, 22 October 2013 - 12:31 AM.


#6 nasdaq

  • Malware Response Team

Posted 22 October 2013 - 09:07 AM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {08BF00D2-2DBF-4187-BC56-7B19E47E6756} URL =
SearchScopes: HKCU - {CADFE4E1-0BFF-4A4D-9D00-510180D6030B} URL =
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 02 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

end
Save the file as fixlist.txt in the same folder as FRST.
Run FRST, click Fix only once, and wait.
The tool will create a log (Fixlog.txt); please post it in your reply.

Restart the computer normally.

Can you now run ComboFix and post the log?

#7 JonnyRocket

JonnyRocket
  • Topic Starter

  • Members
  • 9 posts

Posted 22 October 2013 - 12:48 PM

Here's the fixlog.txt. I'm going to reboot and try running ComboFix again; I will let you know the results.
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-10-2013
Ran by Andrew at 2013-10-22 13:45:59 Run:1
Running from C:\Users\Andrew\Desktop\New folder (3)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {08BF00D2-2DBF-4187-BC56-7B19E47E6756} URL =
SearchScopes: HKCU - {CADFE4E1-0BFF-4A4D-9D00-510180D6030B} URL =
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 02 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
 
end
*****************
 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{08BF00D2-2DBF-4187-BC56-7B19E47E6756} => Key deleted successfully.
HKCR\CLSID\{08BF00D2-2DBF-4187-BC56-7B19E47E6756} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CADFE4E1-0BFF-4A4D-9D00-510180D6030B} => Key deleted successfully.
HKCR\CLSID\{CADFE4E1-0BFF-4A4D-9D00-510180D6030B} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5 entry 000000000002\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
Winsock: Catalog5-x64 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000002\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
 
==== End of Fixlog ====
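
One way to double-check a Fixlog like the one above, as an added example that is not part of the original posts or of FRST: the script pairs every fixlist directive with its result lines and flags any directive that got no successful result. The sample log is constructed (shortened from the format shown, with one result deliberately left out), and the name `audit` and the status labels are assumptions.

```python
import re

GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
WINSOCK_FIX = re.compile(r'Winsock: (\S+) (\d+) .*should be "([^"]+)"')
WINSOCK_RES = re.compile(r"Winsock: (\S+) entry (\d+)\\\\LibraryPath\s+was set successfully to (\S+)")

# Constructed sample: a shortened Fixlog in the format of the post above.
# The Toolbar directive has no result line, to show the failure case.
SAMPLE = r"""Content of fixlist:
*****************
start
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
end
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
==== End of Fixlog ====
"""

def audit(fixlog):
    """Map each fixlist directive to 'fixed', 'UNRESOLVED' or 'UNRECOGNISED'."""
    lines = [l.strip() for l in fixlog.splitlines()]
    fixes = lines[lines.index("start") + 1 : lines.index("end")]
    results = lines[lines.index("end") + 1 :]
    report = {}
    for fix in filter(None, fixes):
        w, g = WINSOCK_FIX.match(fix), GUID.search(fix)
        if w:
            # Catalog name, entry number and restored path must all agree.
            want = (w.group(1), int(w.group(2)), w.group(3).lower())
            got = [(m.group(1), int(m.group(2)), m.group(3).lower())
                   for m in map(WINSOCK_RES.match, results) if m]
            report[fix] = "fixed" if want in got else "UNRESOLVED"
        elif g:
            # A companion "Key not found." line is benign; one successful
            # deletion that names the same GUID is enough.
            hits = [r for r in results if g.group(0).lower() in r.lower()]
            ok = any(r.endswith("deleted successfully.") for r in hits)
            report[fix] = "fixed" if ok else "UNRESOLVED"
        else:
            report[fix] = "UNRECOGNISED"
    return report

if __name__ == "__main__":
    for directive, status in audit(SAMPLE).items():
        print(f"{status:12} {directive[:60]}")
```
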


#8 JonnyRocket

JonnyRocket
  • Topic Starter

  • Members
  • 9 posts

Posted 23 October 2013 - 08:27 AM

Alright, ComboFix says completed stage 50 and has been sitting there for a few hours now. I ran it overnight; I don't know if it's finished or not?



#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,227 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:03 PM

Posted 23 October 2013 - 09:56 AM

Close the application and look for the log.

If there is no log, run it one more time. If it's stalled, your clock will stop working. That's the signal that it's stuck. Stop the application.

Other than the ComboFix issue, how is the computer performing?

#10 JonnyRocket

JonnyRocket
  • Topic Starter

  • Members
  • 9 posts

Posted 09 November 2013 - 01:52 PM

Sorry for the late response, I was out of town. I never got a log, so I will try and run it overnight again. I will get back to you with the results. Computer seems to be running better though, thank you so much for all your help so far :)





