
Google Search Redirect/Website Redirect Issues


  • This topic is locked
24 replies to this topic

#1 downwitk


Posted 17 February 2014 - 08:41 PM

When I perform a Google search and hover over a result, there is a sudden appearance of search results that are unrelated to my search. These unrelated search results also appear in abundance on the right side of the Google search screen.

 

Also, the screen jumps up and down as if I am hitting the page up/page down button as I attempt to click on a link. It often takes several attempts before I can successfully click on the link of the desired search result. 

 

I am also experiencing site redirection and a considerable decrease in browser performance (Chrome). I appreciate any and all help. Furthermore, Malwarebytes is constantly having to block potentially harmful sites.

 

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.13.2

Run by KedrickGarland at 19:53:20 on 2014-02-17

Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3241.1003 [GMT -5:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Program Files\IDT\WDM\STacSV.exe

C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe

C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe

C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe

C:\Program Files\Common Files\SPBA\upeksvr.exe

C:\Program Files\IDT\WDM\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe

C:\Windows\system32\IProsetMonitor.exe

C:\Program Files\Intel\Services\IPT\jhi_service.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\mfevtps.exe

C:\Windows\system32\DRIVERS\o2flash.exe

c:\Windows\system32\srvany.exe

c:\Windows\system32\SDIOAssist.exe

C:\Program Files\Palo Alto Networks\Pan Connect\PanInstaller.exe

C:\Program Files\Palo Alto Networks\Pan Connect\PanService.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe

C:\Program Files\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe

C:\Program Files\McAfee\MSC\McAPExe.exe

C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe

C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\McAfee Online Backup\MOBKbackup.exe

C:\Program Files\McAfee Online Backup\MOBKbackup.exe

C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe

C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE

C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe

C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe

C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

C:\dell\DBRM\Reminder\DbrmTrayicon.exe

C:\Program Files\Real\RealPlayer\Update\realsched.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Google\Drive\googledrivesync.exe

C:\Users\kedrickgarland\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\Multi-Tech Systems\FaxFinder Client Software\FaxFinderClient.exe

C:\Users\kedrickgarland\AppData\Local\Autobahn\nexdef.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe

C:\Program Files\McAfee Online Backup\MOBKbackup.exe

C:\Program Files\Google\Drive\googledrivesync.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Multi-Tech Systems\FaxFinder Client Software\FaxFinderPrintCap.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe

C:\Program Files\McAfee\MAT\McPvTray.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Microsoft Office\Office14\EXCEL.EXE

C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe

C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe

C:\Windows\Explorer.EXE

C:\Users\kedrickgarland\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\kedrickgarland\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\kedrickgarland\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\kedrickgarland\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\kedrickgarland\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\kedrickgarland\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\kedrickgarland\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://dell13-comm.msn.com

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

uRun: [googletalk] c:\users\kedrickgarland\appdata\roaming\google\google talk\googletalk.exe /autostart

uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart

uRun: [Spotify Web Helper] "c:\users\kedrickgarland\appdata\roaming\spotify\data\SpotifyWebHelper.exe"

uRunOnce: [Uninstall c:\users\kedrickgarland\appdata\local\microsoft\skydrive\16.4.6013.0910] c:\windows\system32\cmd.exe /q /c rmdir /s /q "c:\users\kedrickgarland\appdata\local\microsoft\skydrive\16.4.6013.0910"

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe

mRun: [IgfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [FreeFallProtection] c:\program files\stmicroelectronics\accelerometerp11\FF_Protection.exe

mRun: [IMSS] "c:\program files\intel\intel® management engine components\imss\PIconStartup.exe"

mRun: [Broadcom Wireless Manager UI] c:\program files\dell\dw wlan card\WLTRAY.exe

mRun: [TdmNotify] c:\program files\dell\dell data protection\access\advanced\wave\trusted drive manager\TdmNotify.exe

mRun: [DFEPApplication] c:\program files\dell\feature enhancement pack\DFEPApplication.exe

mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"

mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"

mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxWatchTray12OEM.exe"

mRun: [Desktop Disc Tool] "c:\program files\roxio\oem\roxio burn\RoxioBurnLauncher.exe"

mRun: [DBRMTray] c:\dell\dbrm\reminder\DbrmTrayIcon.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot

mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [mcpltui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRunOnce: [DBRMTray] c:\dell\dbrm\reminder\TrayApp.exe

StartupFolder: c:\users\kedric~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\nexdef~1.lnk - c:\users\kedrickgarland\appdata\local\autobahn\nexdef.exe

StartupFolder: c:\users\kedric~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\smarts~1.lnk - c:\program files\dell\feature enhancement pack\SmartSettings.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\faxfin~1.lnk - c:\program files\multi-tech systems\faxfinder client software\FaxFinderClient.exe

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: DisableCAD = dword:1

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

TCP: NameServer = 192.168.5.1

TCP: Interfaces\{4E9AD890-049C-487A-B159-006206913861} : DHCPNameServer = 192.168.1.2

TCP: Interfaces\{8686D70E-F894-47D3-A82B-33A1A8F3FCE3} : DHCPNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{EB13C966-F5F3-44AF-A6A5-89C47EC32617} : DHCPNameServer = 192.168.5.1

TCP: Interfaces\{EB13C966-F5F3-44AF-A6A5-89C47EC32617}\2656C6B696E6E2130316 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{EB13C966-F5F3-44AF-A6A5-89C47EC32617}\44F627F64786970AD4F6F62756 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{EB13C966-F5F3-44AF-A6A5-89C47EC32617}\457534336303 : DHCPNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{EB13C966-F5F3-44AF-A6A5-89C47EC32617}\45D414D21457469647F62737 : DHCPNameServer = 192.168.1.2

TCP: Interfaces\{EB13C966-F5F3-44AF-A6A5-89C47EC32617}\B4A402940786F6E656 : DHCPNameServer = 68.29.81.7 68.29.89.7

TCP: Interfaces\{EB13C966-F5F3-44AF-A6A5-89C47EC32617}\B616073747F6E65623 : DHCPNameServer = 192.168.1.2 24.25.5.60 24.25.5.61

TCP: Interfaces\{EB13C966-F5F3-44AF-A6A5-89C47EC32617}\C4357596C6C69616D637 : DHCPNameServer = 24.178.162.33 97.81.22.195

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

Notify: spba - c:\program files\common files\spba\homefus2.dll

SSODL: WebCheck - <orphaned>

LSA: Authentication Packages =  msv1_0 wvauth

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\kedrickgarland\appdata\roaming\mozilla\firefox\profiles\1nw8us1y.default\

FF - prefs.js: browser.search.selectedEngine - Secure Search

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&type=A111US0&p=

FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll

FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: c:\program files\intel\services\ipt\npIntelWebAPIIPT.dll

FF - plugin: c:\program files\intel\services\ipt\npIntelWebAPIUpdater.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\mcafee\supportability\mvt\NPMVTPlugin.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_44.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\drivers\stdcfltn.sys [2012-11-8 17904]

R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2014-2-14 54776]

R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2012-11-8 81920]

R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2011-12-2 826272]

R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2011-12-2 31648]

R2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\dell\feature enhancement pack\DFEPService.exe [2011-8-24 1568664]

R2 EmbassyService;EmbassyService;c:\program files\dell\dell data protection\access\advanced\wave\embassy client core\EmbassyServer.exe [2012-1-17 179592]

R2 HomeNetSvc;McAfee Home Network;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-2-14 281560]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [2012-11-8 132768]

R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files\intel\services\ipt\jhi_service.exe [2012-5-21 212984]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-2-14 418376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2014-2-14 701512]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-2-14 281560]

R2 McAPExe;McAfee AP Service;c:\program files\mcafee\msc\McAPExe.exe [2014-2-14 145088]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-2-14 281560]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-2-14 281560]

R2 mcpltsvc;McAfee Platform Services;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-2-14 281560]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-2-14 281560]

R2 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2014-2-14 66296]

R2 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2013-12-5 236000]

R2 mfecore;McAfee Anti-Malware Core;c:\program files\common files\mcafee\amcore\mcshield.exe [2014-2-14 643608]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2014-2-14 169320]

R2 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2013-9-24 572688]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2014-2-14 174488]

R2 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2013-12-5 213392]

R2 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-4-13 229688]

R2 O2SDIOAssist;O2SDIOAssist;c:\windows\system32\srvany.exe [2012-11-8 8192]

R2 PanInstaller;PanInstaller;c:\program files\palo alto networks\pan connect\PanInstaller.exe [2011-9-1 234824]

R2 PanService;PanService;c:\program files\palo alto networks\pan connect\PanService.exe [2011-9-1 947528]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2012-11-8 2594584]

R2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\dell\dell data protection\access\advanced\wave\authentication manager\WaveAMService.exe [2012-1-5 1189376]

R2 wgsslvpnsrc;WatchGuard SSLVPN Service;c:\program files\watchguard\watchguard mobile vpn with ssl\wgsslvpnsrc.exe [2012-11-16 58368]

R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\accelern.sys [2012-11-8 44144]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2013-12-5 60920]

R3 cvusbdrv;Dell ControlVault;c:\windows\system32\drivers\cvusbdrv.sys [2011-12-2 40040]

R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2012-11-8 269824]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-2-14 22856]

R3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-11-8 41216]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-12-5 365416]

R3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\drivers\mfencbdc.sys [2013-11-26 319808]

R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\o2mdfw7.sys [2012-11-8 60904]

R3 O2SDJRDR;O2SDJRDR;c:\windows\system32\drivers\o2sdjw7.sys [2012-11-8 63976]

R3 PanSvd;Pan Virtual Miniport;c:\windows\system32\drivers\pansvd.sys [2011-9-1 27136]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxWatch12OEM.exe [2010-11-25 219632]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]

S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2014-2-14 147912]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-2-14 108032]

S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2012-11-8 132480]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2013-12-5 65928]

S3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\drivers\mfencrk.sys [2013-11-26 80752]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2012-3-26 18432]

S3 netvsc;netvsc;c:\windows\system32\drivers\netvsc60.sys [2010-11-20 126464]

S3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7.sys [2012-11-8 62440]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-15 14848]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 SynthVid;SynthVid;c:\windows\system32\drivers\VMBusVideoM.sys [2010-11-20 19456]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-15 49664]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-11-15 27136]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-11-15 1343400]

S3 WvPCR;WvPCR;c:\program files\dell\dell data protection\access\advanced\wave\common\WvPCR.exe [2012-1-16 145408]

.

=============== Created Last 30 ================

.

2014-02-18 00:33:18 -------- d-----w- c:\program files\CCleaner

2014-02-16 17:32:54 -------- d-----w- c:\users\kedrickgarland\appdata\local\Evernote

2014-02-15 03:36:16 -------- d-----w- c:\programdata\HitmanPro

2014-02-15 03:10:39 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-02-15 03:10:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2014-02-15 02:57:49 -------- d-----w- c:\windows\ERUNT

2014-02-15 02:43:59 -------- d-----w- C:\AdwCleaner

2014-02-14 20:20:45 -------- d-----w- c:\program files\McAfeeMOBK

2014-02-14 20:20:34 54776 ----a-w- c:\windows\system32\drivers\MOBK.sys

2014-02-14 20:20:28 -------- d-----w- c:\program files\McAfee Online Backup

2014-02-14 20:20:15 147912 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2014-02-14 20:20:14 66296 ----a-w- c:\windows\system32\drivers\McPvDrv.sys

2014-02-14 20:20:13 -------- d-----w- c:\users\kedrickgarland\appdata\local\McAfee File Lock

2014-02-14 20:19:21 -------- d-----w- c:\program files\McAfee.com

2014-02-14 19:48:22 -------- d-----w- c:\programdata\Citrix

2014-02-14 19:42:30 -------- d-----w- c:\program files\Citrix

2014-02-14 19:42:18 -------- d-----w- c:\users\kedrickgarland\appdata\local\Citrix

2014-02-14 19:42:17 103832 ----a-w- c:\users\kedrickgarland\GoToAssistDownloadHelper.exe

2014-02-14 18:44:08 -------- d-----w- c:\users\kedrickgarland\appdata\roaming\McAfee

2014-02-14 18:06:03 -------- d-----w- c:\program files\stinger

2014-02-14 18:04:49 174488 ----a-w- c:\windows\system32\mfevtps.exe.c985.deleteme

2014-02-14 18:04:49 174488 ----a-w- c:\windows\system32\mfevtps.exe

2014-02-14 08:08:51 -------- d-----w- C:\ff090a5da7ac3e7c97e189ca0b8a6e4d

2014-02-14 08:02:08 454656 ----a-w- c:\windows\system32\vbscript.dll

2014-02-13 20:43:53 -------- d-----w- c:\users\kedrickgarland\appdata\roaming\LavasoftStatistics

2014-02-13 20:19:22 -------- d-----w- c:\users\kedrickgarland\appdata\roaming\Malwarebytes

2014-02-13 20:18:50 -------- d-----w- c:\programdata\Malwarebytes

2014-02-13 20:10:07 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection

2014-02-13 20:09:55 -------- d-----w- c:\users\kedrickgarland\appdata\roaming\SecureSearch

2014-02-13 20:09:52 -------- d-----w- c:\program files\Lavasoft

2014-02-12 14:02:38 2048 ----a-w- c:\windows\system32\msxml3r.dll

2014-02-12 14:02:38 1237504 ----a-w- c:\windows\system32\msxml3.dll

2014-02-12 14:01:51 1987584 ----a-w- c:\windows\system32\d3d10warp.dll

2014-02-12 14:01:50 3419136 ----a-w- c:\windows\system32\d2d1.dll

2014-02-12 14:01:41 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe

2014-02-12 14:01:41 572416 ----a-w- c:\windows\system32\RMActivate.exe

2014-02-12 14:01:40 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe

2014-02-12 14:01:39 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe

2014-02-12 14:01:38 423936 ----a-w- c:\windows\system32\secproc_isv.dll

2014-02-12 14:01:37 428032 ----a-w- c:\windows\system32\secproc.dll

2014-02-12 14:01:37 390144 ----a-w- c:\windows\system32\msdrm.dll

2014-02-12 14:01:36 87040 ----a-w- c:\windows\system32\secproc_ssp.dll

2014-02-12 14:01:35 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll

2014-02-12 03:36:14 -------- d-----w- c:\programdata\AVAST Software

2014-02-04 13:26:14 -------- d-----w- c:\programdata\fc3effe9082f8f6b

2014-02-04 13:26:11 -------- d-----w- c:\programdata\PPDFConverter

2014-02-04 13:26:09 -------- d-----w- c:\programdata\knibpgoaemkaiakinagkogacaaejfnek

2014-01-20 12:59:58 -------- d-----w- C:\380edb3a3ea04b7628

.

==================== Find3M  ====================

.

2014-02-06 10:20:26 2724864 ----a-w- c:\windows\system32\mshtml.tlb

2014-02-06 10:19:55 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll

2014-02-06 10:01:36 61952 ----a-w- c:\windows\system32\iesetup.dll

2014-02-06 10:00:46 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll

2014-02-06 09:47:22 112128 ----a-w- c:\windows\system32\ieUnatt.exe

2014-02-06 09:47:18 108032 ----a-w- c:\windows\system32\ieetwcollector.exe

2014-02-06 09:46:27 553472 ----a-w- c:\windows\system32\jscript9diag.dll

2014-02-06 09:25:36 4244480 ----a-w- c:\windows\system32\jscript9.dll

2014-02-06 09:09:30 1964032 ----a-w- c:\windows\system32\inetcpl.cpl

2014-02-06 08:41:35 1820160 ----a-w- c:\windows\system32\wininet.dll

2014-02-05 16:00:32 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-02-05 16:00:32 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-12-05 22:29:02 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys

2013-12-05 22:22:20 213392 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2013-12-05 22:16:44 572688 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2013-12-05 22:14:48 365416 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2013-12-05 22:14:02 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys

2013-12-05 22:13:14 236000 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2013-12-05 22:12:06 133992 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2013-11-27 03:06:42 10152 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys

2013-11-27 03:06:22 80752 ----a-w- c:\windows\system32\drivers\mfencrk.sys

2013-11-27 03:06:00 319808 ----a-w- c:\windows\system32\drivers\mfencbdc.sys

2013-11-27 01:19:19 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys

2013-11-27 01:18:56 284672 ----a-w- c:\windows\system32\drivers\usbport.sys

2013-11-27 01:18:41 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2013-11-27 01:18:35 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys

2013-11-27 01:18:33 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys

2013-11-27 01:18:31 24576 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2013-11-27 01:18:29 6016 ----a-w- c:\windows\system32\drivers\usbd.sys

2013-11-26 11:11:29 240576 ----a-w- c:\windows\system32\drivers\netio.sys

2013-11-26 10:10:21 2349056 ----a-w- c:\windows\system32\win32k.sys

2013-11-23 18:26:20 417792 ----a-w- c:\windows\system32\WMPhoto.dll

2012-11-15 22:40:31 4096000 ----a-w- c:\program files\GUT8BCD.tmp

.

============= FINISH: 19:54:20.47 ===============

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional 

Boot Device: \Device\HarddiskVolume2

Install Date: 11/15/2012 2:41:16 PM

System Uptime: 2/17/2014 7:54:48 AM (12 hours ago)

.

Motherboard: Dell Inc. |  | 0K0DNP

Processor: Intel® Core™ i5-2520M CPU @ 2.50GHz | CPU 1 | 1775/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 452 GiB total, 401.274 GiB free.

D: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: McAfee Inc. mfeapfk

Device ID: ROOT\LEGACY_MFEAPFK\0000

Manufacturer: 

Name: McAfee Inc. mfeapfk

PNP Device ID: ROOT\LEGACY_MFEAPFK\0000

Service: mfeapfk

.

==== System Restore Points ===================

.

RP119: 2/13/2014 3:07:01 PM - AA11

RP120: 2/14/2014 3:01:02 AM - Windows Update

RP121: 2/14/2014 11:39:31 AM - AA11

RP123: 2/14/2014 11:41:57 AM - avast! antivirus system restore point

RP124: 2/14/2014 11:55:32 AM - Removed SumMatch

RP125: 2/16/2014 12:30:10 PM - Installed Evernote v. 5.1.2

RP126: 2/16/2014 12:38:46 PM - Removed Evernote v. 5.1.2

.

==== Installed Programs ======================

.

AccelerometerP11

Adobe Acrobat X Standard - English, Français, Deutsch

Adobe AIR

Adobe Flash Player 12 ActiveX

Adobe Flash Player 12 Plugin

Adobe Shockwave Player 11.6

Apple Application Support

Apple Mobile Device Support

Apple Software Update

BioAPI Framework

Bonjour

CCleaner

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco Packet Tracer 6.0

Cisco PEAP Module

Custom

CyberLink PowerDVD 9.5

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell Backup and Recovery Manager

Dell Client System Update

Dell ControlVault Host Components Installer

Dell Data Protection | Access

Dell Edoc Viewer

Dell Feature Enhancement Pack

Dell Touchpad

DellAccess

DirectX 9 Runtime

DW WLAN Card Utility

EMBASSY Client Core

FaxFinder Client Software

Gemalto

Google Apps Migration For Microsoft Outlook® 2.3.12.34

Google Apps Sync™ for Microsoft Outlook® 3.2.353.947

Google Chrome

Google Drive

Google Earth

Google Talk (remove only)

Google Update Helper

iCloud

Intel® Control Center

Intel® Identity Protection Technology 1.2.27.0

Intel® Management Engine Components

Intel® Network Connections 16.8.45.00

Intel® Processor Graphics

iTunes

Java 7 Update 13

Java Auto Updater

Junk Mail filter update

Malwarebytes Anti-Malware version 1.75.0.1300

McAfee Online Backup

McAfee Total Protection

McAfee Virtual Technician

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Business 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319

Movie Maker

Mozilla Firefox 27.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT110

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NetConnect

NetConnect Installer

NTRU TCG Software Stack

O2Micro Flash Memory Card Windows Driver

Office Tab FreeEdition 9.51

PC-CCID

Photo Common

Photo Gallery

PhotoShowExpress

Preboot Manager

Private Information Manager

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Roxio File Backup

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition

Shared C Run-time for x86

Sonic CinePlayer Decoder Pack

SPBA 5.9

Spotify

swMSM

Trusted Drive Manager

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition

Upek Touchchip Fingerprint Reader

VC80CRTRedist - 8.0.50727.6195

WatchGuard Mobile VPN with SSL client 11.3.4

Wave Infrastructure Installer

Wave Support Software Installer

Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

.

==== Event Viewer Messages From Past Week ========

.

2/17/2014 6:29:26 PM, Error: Microsoft-Windows-GroupPolicy [1129]  - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

2/17/2014 6:29:12 PM, Error: NETLOGON [5719]  - This computer was not able to set up a secure session with a domain controller in domain DOMAIN due to the following:  There are currently no logon servers available to service the logon request.  This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.   ADDITIONAL INFO  If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

2/16/2014 8:07:53 PM, Error: Service Control Manager [7000]  - The McAfee Inc. mfeapfk service failed to start due to the following error:  The specified service does not exist.

2/16/2014 8:07:51 PM, Error: Service Control Manager [7001]  - The NTRU TSS v1.2.1.37 TCS service depends on the TPM Base Services service which failed to start because of the following error:  The operation completed successfully.

2/16/2014 1:37:57 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wgsslvpnsrc service.

2/15/2014 8:04:18 AM, Error: Service Control Manager [7034]  - The O2SDIOAssist service terminated unexpectedly.  It has done this 1 time(s).

.

==== End Of File ===========================

 

 


 


#2 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:57 PM

Posted 18 February 2014 - 09:00 AM

In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so will result in your thread being closed in THREE (3) days.

:)


Hello there, downwitk


I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.
IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may donate.

#3 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:57 PM

Posted 18 February 2014 - 09:00 AM

Hello,

Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan
    • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
    • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
===================================================

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by double-clicking on it.
Press Start Scan
If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive, which is typically C:\, for example C:\TDSSKiller.<version_date_time>log.txt

===================================================

On your next reply please post :
aswMBR log
MBR.dat (attached)
TDSS Killer log



Please STOP and let me know if you have any problems performing the steps above or any questions.

#4 downwitk

downwitk
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:57 AM

Posted 18 February 2014 - 06:23 PM

Attached File: MBR.zip (566 bytes)

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-02-18 18:14:50
-----------------------------
18:14:50.906    OS Version: Windows 6.1.7601 Service Pack 1
18:14:50.907    Number of processors: 4 586 0x2A07
18:14:50.924    ComputerName: KEDRICKGARLAND  UserName: KedrickGarland
18:14:55.742    Initialize success
18:15:17.453    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:15:17.459    Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 8
18:15:17.916    Disk 0 MBR read successfully
18:15:17.920    Disk 0 MBR scan
18:15:17.924    Disk 0 Windows VISTA default MBR code
18:15:17.937    Disk 0 Partition 1 00     DE Dell Utility DELL 4.1       39 MB offset 63
18:15:17.976    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        13568 MB offset 81920
18:15:17.993    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       463328 MB offset 27869184
18:15:18.001    Disk 0 scanning sectors +976764928
18:15:18.147    Disk 0 scanning C:\Windows\system32\drivers
18:15:48.770    Service scanning
18:16:02.662    Modules scanning
18:16:13.376    Disk 0 trace - called modules:
18:16:13.395    ntkrnlpa.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys halmacpi.dll iaStor.sys 
18:16:13.729    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87f92030]
18:16:13.743    3 CLASSPNP.SYS[8c39b59e] -> nt!IofCallDriver -> [0x87f91658]
18:16:13.757    5 stdcfltn.sys[8c5d6854] -> nt!IofCallDriver -> [0x86456428]
18:16:13.769    7 ACPI.sys[8bcc83d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86459028]
18:16:13.776    Scan finished successfully
18:16:33.624    Disk 0 MBR has been saved successfully to "C:\Users\kedrickgarland\Desktop\MBR.dat"
18:16:33.639    The log file has been saved successfully to "C:\Users\kedrickgarland\Desktop\aswMBR.txt"
 
 
 
 
 
 
18:17:42.0901 0x27f8  TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
18:17:47.0177 0x27f8  ============================================================
18:17:47.0177 0x27f8  Current date / time: 2014/02/18 18:17:47.0177
18:17:47.0177 0x27f8  SystemInfo:
18:17:47.0177 0x27f8  
18:17:47.0177 0x27f8  OS Version: 6.1.7601 ServicePack: 1.0
18:17:47.0177 0x27f8  Product type: Workstation
18:17:47.0177 0x27f8  ComputerName: KEDRICKGARLAND
18:17:47.0177 0x27f8  UserName: KedrickGarland
18:17:47.0177 0x27f8  Windows directory: C:\Windows
18:17:47.0177 0x27f8  System windows directory: C:\Windows
18:17:47.0177 0x27f8  Processor architecture: Intel x86
18:17:47.0177 0x27f8  Number of processors: 4
18:17:47.0177 0x27f8  Page size: 0x1000
18:17:47.0177 0x27f8  Boot type: Normal boot
18:17:47.0177 0x27f8  ============================================================
18:17:47.0656 0x27f8  KLMD registered as C:\Windows\system32\drivers\33687778.sys
18:17:48.0221 0x27f8  System UUID: {1CF112CC-4095-FD70-EB1C-DC77DA58491D}
18:17:49.0308 0x27f8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:17:49.0310 0x27f8  ============================================================
18:17:49.0310 0x27f8  \Device\Harddisk0\DR0:
18:17:49.0310 0x27f8  MBR partitions:
18:17:49.0310 0x27f8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A80000
18:17:49.0310 0x27f8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A94000, BlocksNum 0x388F0000
18:17:49.0310 0x27f8  ============================================================
18:17:49.0343 0x27f8  C: <-> \Device\Harddisk0\DR0\Partition2
18:17:49.0356 0x27f8  ============================================================
18:17:49.0356 0x27f8  Initialize success
18:17:49.0356 0x27f8  ============================================================
18:17:57.0528 0x1dc4  ============================================================
18:17:57.0528 0x1dc4  Scan started
18:17:57.0528 0x1dc4  Mode: Manual; 
18:17:57.0528 0x1dc4  ============================================================
18:17:57.0528 0x1dc4  KSN ping started
18:18:00.0220 0x1dc4  KSN ping finished: true
18:18:00.0338 0x1dc4  ================ Scan system memory ========================
18:18:00.0338 0x1dc4  System memory - ok
18:18:00.0338 0x1dc4  ================ Scan services =============================
18:18:00.0590 0x1dc4  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:18:00.0599 0x1dc4  1394ohci - ok
18:18:00.0659 0x1dc4  [ EDC50031D6AB9180B3B3BD1C547C7D0A, E9AB4DDF6CF64974C5DE217BCABD232A9612621527B484E1FC7B4317A49FBB05 ] Acceler         C:\Windows\system32\DRIVERS\accelern.sys
18:18:00.0661 0x1dc4  Acceler - ok
18:18:00.0679 0x1dc4  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:18:00.0687 0x1dc4  ACPI - ok
18:18:00.0694 0x1dc4  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:18:00.0696 0x1dc4  AcpiPmi - ok
18:18:00.0748 0x1dc4  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:18:00.0782 0x1dc4  AdobeFlashPlayerUpdateSvc - ok
18:18:00.0836 0x1dc4  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:18:00.0850 0x1dc4  adp94xx - ok
18:18:00.0885 0x1dc4  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:18:00.0896 0x1dc4  adpahci - ok
18:18:00.0911 0x1dc4  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:18:00.0917 0x1dc4  adpu320 - ok
18:18:00.0961 0x1dc4  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:18:00.0965 0x1dc4  AeLookupSvc - ok
18:18:01.0047 0x1dc4  [ 827DBC22C96EECF6D36A13162FABAFD3, EBBC04A6AD3BC83E3791569C1120BBBB59AF70512FA2CEB6A8BA2A257F3F6C32 ] AESTFilters     C:\Program Files\IDT\WDM\aestsrv.exe
18:18:01.0051 0x1dc4  AESTFilters - ok
18:18:01.0095 0x1dc4  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
18:18:01.0105 0x1dc4  AFD - ok
18:18:01.0113 0x1dc4  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
18:18:01.0115 0x1dc4  agp440 - ok
18:18:01.0151 0x1dc4  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
18:18:01.0154 0x1dc4  aic78xx - ok
18:18:01.0181 0x1dc4  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
18:18:01.0185 0x1dc4  ALG - ok
18:18:01.0252 0x1dc4  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:18:01.0254 0x1dc4  aliide - ok
18:18:01.0265 0x1dc4  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
18:18:01.0268 0x1dc4  amdagp - ok
18:18:01.0297 0x1dc4  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:18:01.0298 0x1dc4  amdide - ok
18:18:01.0306 0x1dc4  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:18:01.0312 0x1dc4  AmdK8 - ok
18:18:01.0319 0x1dc4  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:18:01.0322 0x1dc4  AmdPPM - ok
18:18:01.0343 0x1dc4  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:18:01.0348 0x1dc4  amdsata - ok
18:18:01.0369 0x1dc4  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:18:01.0377 0x1dc4  amdsbs - ok
18:18:01.0396 0x1dc4  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:18:01.0398 0x1dc4  amdxata - ok
18:18:01.0433 0x1dc4  [ 476A6EFB2BB338D2854B3751367F8F71, 48DCCE8278EA7B5B37E974302DE5E6B1173A000F704DD789375FBDAB5DA84830 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
18:18:01.0442 0x1dc4  ApfiltrService - ok
18:18:01.0451 0x1dc4  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
18:18:01.0453 0x1dc4  AppID - ok
18:18:01.0468 0x1dc4  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:18:01.0479 0x1dc4  AppIDSvc - ok
18:18:01.0505 0x1dc4  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
18:18:01.0509 0x1dc4  Appinfo - ok
18:18:01.0578 0x1dc4  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:18:01.0586 0x1dc4  Apple Mobile Device - ok
18:18:01.0609 0x1dc4  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:18:01.0615 0x1dc4  AppMgmt - ok
18:18:01.0625 0x1dc4  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
18:18:01.0628 0x1dc4  arc - ok
18:18:01.0635 0x1dc4  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:18:01.0638 0x1dc4  arcsas - ok
18:18:01.0721 0x1dc4  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:18:01.0753 0x1dc4  aspnet_state - ok
18:18:01.0780 0x1dc4  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:18:01.0782 0x1dc4  AsyncMac - ok
18:18:01.0823 0x1dc4  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:18:01.0825 0x1dc4  atapi - ok
18:18:01.0865 0x1dc4  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:18:01.0891 0x1dc4  AudioEndpointBuilder - ok
18:18:01.0913 0x1dc4  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:18:01.0927 0x1dc4  Audiosrv - ok
18:18:01.0943 0x1dc4  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:18:01.0949 0x1dc4  AxInstSV - ok
18:18:01.0981 0x1dc4  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
18:18:01.0993 0x1dc4  b06bdrv - ok
18:18:02.0006 0x1dc4  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
18:18:02.0013 0x1dc4  b57nd60x - ok
18:18:02.0043 0x1dc4  [ 63E991FCB420A3B06E86C58BCFB994BB, 8A843001AE5794D8CF6D4B5CEF6FB05B6E9BE87F71F7B5859CE9B17FA0652593 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
18:18:02.0044 0x1dc4  BCM42RLY - ok
18:18:02.0230 0x1dc4  [ 684320E13CFF66CBAC085654E26ED712, 1C8BB927D05347AF989DCFEB54CE4E59CD08BF0FE8735EEAD6A06FE669426F42 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
18:18:02.0345 0x1dc4  BCM43XX - ok
18:18:02.0408 0x1dc4  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
18:18:02.0412 0x1dc4  BDESVC - ok
18:18:02.0427 0x1dc4  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:18:02.0428 0x1dc4  Beep - ok
18:18:02.0475 0x1dc4  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
18:18:02.0501 0x1dc4  BFE - ok
18:18:02.0544 0x1dc4  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
18:18:02.0657 0x1dc4  BITS - ok
18:18:02.0671 0x1dc4  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:18:02.0673 0x1dc4  blbdrive - ok
18:18:02.0715 0x1dc4  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:18:02.0731 0x1dc4  Bonjour Service - ok
18:18:02.0758 0x1dc4  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:18:02.0760 0x1dc4  bowser - ok
18:18:02.0776 0x1dc4  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:18:02.0777 0x1dc4  BrFiltLo - ok
18:18:02.0782 0x1dc4  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:18:02.0783 0x1dc4  BrFiltUp - ok
18:18:02.0813 0x1dc4  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
18:18:02.0818 0x1dc4  Browser - ok
18:18:02.0848 0x1dc4  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:18:02.0856 0x1dc4  Brserid - ok
18:18:02.0869 0x1dc4  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:18:02.0872 0x1dc4  BrSerWdm - ok
18:18:02.0882 0x1dc4  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:18:02.0884 0x1dc4  BrUsbMdm - ok
18:18:02.0892 0x1dc4  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:18:02.0893 0x1dc4  BrUsbSer - ok
18:18:02.0902 0x1dc4  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:18:02.0904 0x1dc4  BTHMODEM - ok
18:18:02.0928 0x1dc4  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
18:18:02.0933 0x1dc4  bthserv - ok
18:18:02.0955 0x1dc4  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:18:11.0405 0x1dc4  msisadrv - ok
18:18:11.0434 0x1dc4  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:18:11.0440 0x1dc4  MSiSCSI - ok
18:18:11.0446 0x1dc4  msiserver - ok
18:18:11.0491 0x1dc4  [ 5007E21208DA68F60EBF43352BDFE6D0, 698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ] MSK80Service    C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
18:18:11.0499 0x1dc4  MSK80Service - ok
18:18:11.0518 0x1dc4  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:18:11.0520 0x1dc4  MSKSSRV - ok
18:18:11.0535 0x1dc4  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:18:11.0536 0x1dc4  MSPCLOCK - ok
18:18:11.0541 0x1dc4  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:18:11.0543 0x1dc4  MSPQM - ok
18:18:11.0559 0x1dc4  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:18:11.0564 0x1dc4  MsRPC - ok
18:18:11.0583 0x1dc4  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:18:11.0585 0x1dc4  mssmbios - ok
18:18:11.0590 0x1dc4  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:18:11.0592 0x1dc4  MSTEE - ok
18:18:11.0597 0x1dc4  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:18:11.0599 0x1dc4  MTConfig - ok
18:18:11.0612 0x1dc4  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:18:11.0614 0x1dc4  Mup - ok
18:18:11.0646 0x1dc4  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
18:18:11.0672 0x1dc4  napagent - ok
18:18:11.0701 0x1dc4  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:18:11.0709 0x1dc4  NativeWifiP - ok
18:18:11.0760 0x1dc4  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:18:11.0779 0x1dc4  NDIS - ok
18:18:11.0796 0x1dc4  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:18:11.0797 0x1dc4  NdisCap - ok
18:18:11.0824 0x1dc4  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:18:11.0825 0x1dc4  NdisTapi - ok
18:18:11.0855 0x1dc4  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:18:11.0857 0x1dc4  Ndisuio - ok
18:18:11.0866 0x1dc4  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:18:11.0870 0x1dc4  NdisWan - ok
18:18:11.0902 0x1dc4  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:18:11.0905 0x1dc4  NDProxy - ok
18:18:11.0939 0x1dc4  [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
18:18:11.0940 0x1dc4  Netaapl - ok
18:18:11.0956 0x1dc4  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:18:11.0958 0x1dc4  NetBIOS - ok
18:18:11.0992 0x1dc4  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:18:11.0998 0x1dc4  NetBT - ok
18:18:12.0019 0x1dc4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon        C:\Windows\system32\lsass.exe
18:18:12.0022 0x1dc4  Netlogon - ok
18:18:12.0056 0x1dc4  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
18:18:12.0072 0x1dc4  Netman - ok
18:18:12.0125 0x1dc4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:18:12.0166 0x1dc4  NetMsmqActivator - ok
18:18:12.0186 0x1dc4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:18:12.0193 0x1dc4  NetPipeActivator - ok
18:18:12.0228 0x1dc4  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
18:18:12.0253 0x1dc4  netprofm - ok
18:18:12.0261 0x1dc4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:18:12.0265 0x1dc4  NetTcpActivator - ok
18:18:12.0275 0x1dc4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:18:12.0279 0x1dc4  NetTcpPortSharing - ok
18:18:12.0328 0x1dc4  [ 104BE93F0607C6AA0D85319581F96EC2, D91DCEF02D28868CF3E21246F47CDBFE0FA89788F68517ABE2D8118F84D22C7F ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
18:18:12.0332 0x1dc4  netvsc - ok
18:18:12.0358 0x1dc4  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:18:12.0360 0x1dc4  nfrd960 - ok
18:18:12.0390 0x1dc4  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:18:12.0418 0x1dc4  NlaSvc - ok
18:18:12.0444 0x1dc4  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:18:12.0446 0x1dc4  Npfs - ok
18:18:12.0462 0x1dc4  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
18:18:12.0467 0x1dc4  nsi - ok
18:18:12.0483 0x1dc4  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:18:12.0486 0x1dc4  nsiproxy - ok
18:18:12.0641 0x1dc4  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:18:12.0679 0x1dc4  Ntfs - ok
18:18:12.0700 0x1dc4  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
18:18:12.0702 0x1dc4  Null - ok
18:18:12.0749 0x1dc4  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:18:12.0755 0x1dc4  nvraid - ok
18:18:12.0833 0x1dc4  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:18:12.0839 0x1dc4  nvstor - ok
18:18:12.0885 0x1dc4  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:18:12.0891 0x1dc4  nv_agp - ok
18:18:12.0954 0x1dc4  [ 4E37455DB16AEC75862B1D0BC35B589E, F60FCE0C3E6C1559B0A8E0A032AFD30216E1DE2142E8E4C181C43DB6C4B5A443 ] O2FLASH         C:\Windows\system32\DRIVERS\o2flash.exe
18:18:12.0959 0x1dc4  O2FLASH - ok
18:18:13.0006 0x1dc4  [ 5F63917FCC257ED11E828230BE594194, 25CE216077DF06F00FB3EE996A4833868670EC4ACC66DFF1BDAF5830D83F7218 ] O2MDFRDR        C:\Windows\system32\DRIVERS\O2MDFw7.sys
18:18:13.0009 0x1dc4  O2MDFRDR - ok
18:18:13.0022 0x1dc4  [ FDC901900D9B1B671B3388C3023BD2EA, 890AA5F358615E198DFE093E9C867E35999F9F4428B1A18DA8C5E753CFCC6C30 ] O2MDRRDR        C:\Windows\system32\drivers\O2MDRw7.sys
18:18:13.0025 0x1dc4  O2MDRRDR - ok
18:18:13.0053 0x1dc4  [ 4635935FC972C582632BF45C26BFCB0E, ABD4AFD71B3C2BD3F741BBE3CEC52C4FA63AC78D353101D2E7DC4DE2725D1CA1 ] O2SDIOAssist    c:\Windows\system32\srvany.exe
18:18:13.0057 0x1dc4  O2SDIOAssist - ok
18:18:13.0069 0x1dc4  [ D5A27C1ECD36564FED061EFB78BD0A62, FFC81A5E7657242F970CFE90F274389100D80887EA1DCB26232FF6C17D4A6637 ] O2SDJRDR        C:\Windows\system32\DRIVERS\o2sdjw7.sys
18:18:13.0072 0x1dc4  O2SDJRDR - ok
18:18:13.0082 0x1dc4  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:18:13.0084 0x1dc4  ohci1394 - ok
18:18:13.0134 0x1dc4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:18:13.0159 0x1dc4  ose - ok
18:18:13.0621 0x1dc4  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:18:13.0829 0x1dc4  osppsvc - ok
18:18:13.0889 0x1dc4  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:18:13.0905 0x1dc4  p2pimsvc - ok
18:18:13.0947 0x1dc4  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:18:13.0984 0x1dc4  p2psvc - ok
18:18:14.0058 0x1dc4  [ F6B71D5EA11F122D6632F2A911A43299, 80AC5FB1F3CB3C83D0A622F5B1F53DE365EE1AFF1F7F6FA862F6A49B6AB57BC0 ] PanInstaller    C:\Program Files\Palo Alto Networks\Pan Connect\PanInstaller.exe
18:18:14.0089 0x1dc4  PanInstaller - ok
18:18:14.0205 0x1dc4  [ 102DAE917A16A95D419A7DBBD8F74EBA, 9EDCCF8B3E84FDD6E06004011FE1BFA9CE41D604B01931C371EE25250228B4F3 ] PanService      C:\Program Files\Palo Alto Networks\Pan Connect\PanService.exe
18:18:14.0250 0x1dc4  PanService - ok
18:18:14.0262 0x1dc4  [ CE6200037F6A18CE7410349FB7FD75D1, 479CD2E0F5077BF70CC658AFC761E32794D31A450BC2E06128003F7083165683 ] PanSvd          C:\Windows\system32\DRIVERS\pansvd.sys
18:18:14.0264 0x1dc4  PanSvd - ok
18:18:14.0289 0x1dc4  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:18:14.0293 0x1dc4  Parport - ok
18:18:14.0314 0x1dc4  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:18:14.0317 0x1dc4  partmgr - ok
18:18:14.0330 0x1dc4  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
18:18:14.0331 0x1dc4  Parvdm - ok
18:18:14.0352 0x1dc4  [ 4088C1ECD1F54281A92FA663B0FDC36F, DF6EF6C6ACBF7604681D86D352773E8C11937995C512761C66D50DB126F581C2 ] PBADRV          C:\Windows\system32\DRIVERS\PBADRV.sys
18:18:14.0353 0x1dc4  PBADRV - ok
18:18:14.0374 0x1dc4  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:18:14.0384 0x1dc4  PcaSvc - ok
18:18:14.0412 0x1dc4  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
18:18:14.0417 0x1dc4  pci - ok
18:18:14.0448 0x1dc4  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:18:14.0449 0x1dc4  pciide - ok
18:18:14.0470 0x1dc4  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:18:14.0476 0x1dc4  pcmcia - ok
18:18:14.0491 0x1dc4  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:18:14.0495 0x1dc4  pcw - ok
18:18:14.0559 0x1dc4  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:18:14.0602 0x1dc4  PEAUTH - ok
18:18:14.0661 0x1dc4  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:18:14.0704 0x1dc4  PeerDistSvc - ok
18:18:14.0792 0x1dc4  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
18:18:14.0859 0x1dc4  pla - ok
18:18:14.0895 0x1dc4  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:18:14.0910 0x1dc4  PlugPlay - ok
18:18:14.0939 0x1dc4  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:18:14.0944 0x1dc4  PNRPAutoReg - ok
18:18:14.0963 0x1dc4  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:18:14.0973 0x1dc4  PNRPsvc - ok
18:18:15.0069 0x1dc4  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:18:15.0100 0x1dc4  PolicyAgent - ok
18:18:15.0128 0x1dc4  [ AC42F771CC29727BD1663F211E9AC507, FA08F63C1A3279EC0FAF9B25E24A9C6CCB63BE415636A1B55A5275AF2BDB317D ] Power           C:\Windows\system32\umpo.dll
18:18:15.0135 0x1dc4  Power - ok
18:18:15.0156 0x1dc4  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:18:15.0159 0x1dc4  PptpMiniport - ok
18:18:15.0166 0x1dc4  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
18:18:15.0168 0x1dc4  Processor - ok
18:18:15.0192 0x1dc4  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:18:15.0200 0x1dc4  ProfSvc - ok
18:18:15.0211 0x1dc4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:18:15.0214 0x1dc4  ProtectedStorage - ok
18:18:15.0233 0x1dc4  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:18:15.0236 0x1dc4  Psched - ok
18:18:15.0259 0x1dc4  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
18:18:15.0261 0x1dc4  PxHelp20 - ok
18:18:15.0331 0x1dc4  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:18:15.0368 0x1dc4  ql2300 - ok
18:18:15.0382 0x1dc4  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:18:15.0386 0x1dc4  ql40xx - ok
18:18:15.0412 0x1dc4  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
18:18:15.0421 0x1dc4  QWAVE - ok
18:18:15.0435 0x1dc4  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:18:15.0437 0x1dc4  QWAVEdrv - ok
18:18:15.0444 0x1dc4  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:18:15.0445 0x1dc4  RasAcd - ok
18:18:15.0493 0x1dc4  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:18:15.0495 0x1dc4  RasAgileVpn - ok
18:18:15.0508 0x1dc4  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
18:18:15.0521 0x1dc4  RasAuto - ok
18:18:15.0546 0x1dc4  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:18:15.0553 0x1dc4  Rasl2tp - ok
18:18:15.0577 0x1dc4  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
18:18:15.0593 0x1dc4  RasMan - ok
18:18:15.0615 0x1dc4  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:18:15.0618 0x1dc4  RasPppoe - ok
18:18:15.0636 0x1dc4  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:18:15.0639 0x1dc4  RasSstp - ok
18:18:15.0664 0x1dc4  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:18:15.0673 0x1dc4  rdbss - ok
18:18:15.0686 0x1dc4  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:18:15.0688 0x1dc4  rdpbus - ok
18:18:15.0698 0x1dc4  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:18:15.0699 0x1dc4  RDPCDD - ok
18:18:15.0737 0x1dc4  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:18:15.0741 0x1dc4  RDPDR - ok
18:18:15.0761 0x1dc4  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:18:15.0762 0x1dc4  RDPENCDD - ok
18:18:15.0771 0x1dc4  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:18:15.0772 0x1dc4  RDPREFMP - ok
18:18:15.0799 0x1dc4  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:18:15.0801 0x1dc4  RdpVideoMiniport - ok
18:18:15.0837 0x1dc4  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:18:15.0844 0x1dc4  RDPWD - ok
18:18:15.0885 0x1dc4  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:18:15.0890 0x1dc4  rdyboost - ok
18:18:15.0933 0x1dc4  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:18:15.0943 0x1dc4  RemoteAccess - ok
18:18:15.0965 0x1dc4  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:18:15.0981 0x1dc4  RemoteRegistry - ok
18:18:16.0090 0x1dc4  [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
18:18:16.0172 0x1dc4  RoxMediaDB12OEM - ok
18:18:16.0214 0x1dc4  [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12      C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
18:18:16.0223 0x1dc4  RoxWatch12 - ok
18:18:16.0235 0x1dc4  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:18:16.0240 0x1dc4  RpcEptMapper - ok
18:18:16.0271 0x1dc4  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
18:18:16.0274 0x1dc4  RpcLocator - ok
18:18:16.0314 0x1dc4  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
18:18:16.0351 0x1dc4  RpcSs - ok
18:18:16.0379 0x1dc4  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:18:16.0384 0x1dc4  rspndr - ok
18:18:16.0414 0x1dc4  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:18:16.0415 0x1dc4  s3cap - ok
18:18:16.0427 0x1dc4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs           C:\Windows\system32\lsass.exe
18:18:16.0431 0x1dc4  SamSs - ok
18:18:16.0457 0x1dc4  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:18:16.0461 0x1dc4  sbp2port - ok
18:18:16.0477 0x1dc4  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:18:16.0485 0x1dc4  SCardSvr - ok
18:18:16.0492 0x1dc4  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:18:16.0494 0x1dc4  scfilter - ok
18:18:16.0548 0x1dc4  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
18:18:16.0588 0x1dc4  Schedule - ok
18:18:16.0609 0x1dc4  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:18:16.0612 0x1dc4  SCPolicySvc - ok
18:18:16.0633 0x1dc4  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:18:16.0641 0x1dc4  SDRSVC - ok
18:18:16.0657 0x1dc4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:18:16.0659 0x1dc4  secdrv - ok
18:18:16.0681 0x1dc4  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
18:18:16.0685 0x1dc4  seclogon - ok
18:18:17.0027 0x1dc4  [ 657B2004CAD6D17C6C2F6278600E5832, 4E208EE9F3B9B9474AC78E75E624ED006517826341BE0F9E9BBE5C42018C68BB ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
18:18:17.0079 0x1dc4  SecureStorageService - ok
18:18:17.0105 0x1dc4  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
18:18:17.0110 0x1dc4  SENS - ok
18:18:17.0129 0x1dc4  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:18:17.0133 0x1dc4  SensrSvc - ok
18:18:17.0150 0x1dc4  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
18:18:17.0152 0x1dc4  Serenum - ok
18:18:17.0159 0x1dc4  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
18:18:17.0163 0x1dc4  Serial - ok
18:18:17.0171 0x1dc4  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:18:17.0173 0x1dc4  sermouse - ok
18:18:17.0198 0x1dc4  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:18:17.0205 0x1dc4  SessionEnv - ok
18:18:17.0210 0x1dc4  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:18:17.0212 0x1dc4  sffdisk - ok
18:18:17.0225 0x1dc4  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:18:17.0226 0x1dc4  sffp_mmc - ok
18:18:17.0238 0x1dc4  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:18:17.0239 0x1dc4  sffp_sd - ok
18:18:17.0249 0x1dc4  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:18:17.0250 0x1dc4  sfloppy - ok
18:18:17.0296 0x1dc4  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:18:17.0319 0x1dc4  SharedAccess - ok
18:18:17.0367 0x1dc4  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:18:17.0398 0x1dc4  ShellHWDetection - ok
18:18:17.0415 0x1dc4  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
18:18:17.0417 0x1dc4  sisagp - ok
18:18:17.0424 0x1dc4  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:18:17.0426 0x1dc4  SiSRaid2 - ok
18:18:26.0499 0x1dc4  ================ Scan global ===============================
18:18:26.0525 0x1dc4  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
18:18:26.0563 0x1dc4  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
18:18:26.0611 0x1dc4  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
18:18:26.0635 0x1dc4  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
18:18:26.0668 0x1dc4  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
18:18:26.0702 0x1dc4  [ Global ] - ok
18:18:26.0703 0x1dc4  ================ Scan MBR ==================================
18:18:26.0715 0x1dc4  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:18:27.0033 0x1dc4  \Device\Harddisk0\DR0 - ok
18:18:27.0035 0x1dc4  ================ Scan VBR ==================================
18:18:27.0039 0x1dc4  [ D120854D2839A7A71BBA5A884AA2623F ] \Device\Harddisk0\DR0\Partition1
18:18:27.0040 0x1dc4  \Device\Harddisk0\DR0\Partition1 - ok
18:18:27.0047 0x1dc4  [ BA937B3942DF9498B2F46E0D9596A302 ] \Device\Harddisk0\DR0\Partition2
18:18:27.0049 0x1dc4  \Device\Harddisk0\DR0\Partition2 - ok
18:18:27.0052 0x1dc4  Waiting for KSN requests completion. In queue: 74
18:18:28.0052 0x1dc4  Waiting for KSN requests completion. In queue: 74
18:18:29.0052 0x1dc4  Waiting for KSN requests completion. In queue: 74
18:18:30.0135 0x1dc4  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )
18:18:30.0145 0x1dc4  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )
18:18:32.0767 0x1dc4  ============================================================
18:18:32.0767 0x1dc4  Scan finished
18:18:32.0767 0x1dc4  ============================================================
18:18:32.0794 0x2dec  Detected object count: 0
18:18:32.0794 0x2dec  Actual detected object count: 0
18:20:29.0209 0x2e74  Deinitialize success
 

 



#5 Conspire


  • Malware Response Team
  • 1,155 posts

Posted 18 February 2014 - 10:48 PM

Hi,

Please read through these instructions to familiarize yourself with what to expect when this tool runs.

Refer to the ComboFix User's Guide


Download ComboFix from one of these locations:

Link 1
Link 2



* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs


====================================================


Double click on combofix.exe & follow the prompts.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.
Proud Graduate of the WTT Classroom
Member of UNITE

#6 downwitk

  • Topic Starter

  • Members
  • 19 posts

Posted 19 February 2014 - 07:41 PM

ComboFix 14-02-19.01 - KedrickGarland 02/19/2014  19:12:27.1.4 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3241.1987 [GMT -5:00]
Running from: c:\users\kedrickgarland\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\_ctypes.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\_elementtree.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\_hashlib.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\_multiprocessing.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\_socket.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\_ssl.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\pyexpat.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\pysqlite2._sqlite.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\python27.dll
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\pythoncom27.dll
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\PyWinTypes27.dll
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\select.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\unicodedata.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32api.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32com.shell.shell.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32crypt.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32event.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32file.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32inet.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32pdh.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32pipe.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32process.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32profile.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32security.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\win32ts.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\windows._lib_cacheinvalidation.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wx._controls_.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wx._core_.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wx._gdi_.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wx._html2.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wx._misc_.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wx._windows_.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wx._wizard.pyd
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wxbase294u_net_vc90.dll
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wxbase294u_vc90.dll
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wxmsw294u_adv_vc90.dll
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wxmsw294u_core_vc90.dll
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wxmsw294u_html_vc90.dll
c:\users\KEDRIC~1\AppData\Local\Temp\_MEI57562\wxmsw294u_webview_vc90.dll
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe10F1.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe1334.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe145D.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe16BE.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe1826.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe1950.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe1C0F.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe1F2B.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe2209.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe247A.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe268E.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe29AA.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe2B60.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exe2BBF.tmp
c:\users\KEDRIC~1\AppData\Local\Temp\exerb\exeF9B9.tmp
c:\users\kedrickgarland\AppData\Local\assembly\tmp
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek\1.0_1\background.html
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek\1.0_1\content.js
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek\1.0_1\lsdb.js
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek\1.0_1\manifest.json
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek\1.0_1\S488.js
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_knibpgoaemkaiakinagkogacaaejfnek_0.localstorage-journal
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_knibpgoaemkaiakinagkogacaaejfnek_0.localstorage
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\_ctypes.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\_elementtree.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\_hashlib.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\_multiprocessing.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\_socket.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\_ssl.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\pyexpat.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\pysqlite2._sqlite.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\python27.dll
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\pythoncom27.dll
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\PyWinTypes27.dll
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\select.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\unicodedata.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32api.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32com.shell.shell.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32crypt.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32event.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32file.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32inet.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32pdh.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32pipe.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32process.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32profile.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32security.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\win32ts.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\windows._lib_cacheinvalidation.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wx._controls_.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wx._core_.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wx._gdi_.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wx._html2.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wx._misc_.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wx._windows_.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wx._wizard.pyd
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wxbase294u_net_vc90.dll
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wxbase294u_vc90.dll
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wxmsw294u_adv_vc90.dll
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wxmsw294u_core_vc90.dll
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wxmsw294u_html_vc90.dll
c:\users\kedrickgarland\AppData\Local\Temp\_MEI57562\wxmsw294u_webview_vc90.dll
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe10F1.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe1334.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe145D.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe16BE.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe1826.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe1950.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe1C0F.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe1F2B.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe2209.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe247A.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe268E.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe29AA.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe2B60.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exe2BBF.tmp
c:\users\kedrickgarland\AppData\Local\Temp\exerb\exeF9B9.tmp
c:\users\kedrickgarland\GoToAssistDownloadHelper.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-20 to 2014-02-20  )))))))))))))))))))))))))))))))
.
.
2014-02-20 00:23 . 2014-02-20 00:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-18 00:33 . 2014-02-18 00:33 -------- d-----w- c:\program files\CCleaner
2014-02-16 17:32 . 2014-02-16 17:32 -------- d-----w- c:\users\kedrickgarland\AppData\Local\Evernote
2014-02-15 03:36 . 2014-02-15 03:47 -------- d-----w- c:\programdata\HitmanPro
2014-02-15 03:10 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-15 03:10 . 2014-02-15 03:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-15 02:57 . 2014-02-15 02:57 -------- d-----w- c:\windows\ERUNT
2014-02-15 02:43 . 2014-02-15 13:17 -------- d-----w- C:\AdwCleaner
2014-02-14 20:20 . 2014-02-14 20:20 -------- d-----w- c:\program files\McAfeeMOBK
2014-02-14 20:20 . 2010-04-14 01:10 54776 ----a-w- c:\windows\system32\drivers\MOBK.sys
2014-02-14 20:20 . 2014-02-14 20:20 -------- d-----w- c:\program files\McAfee Online Backup
2014-02-14 20:20 . 2013-09-23 18:48 147912 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2014-02-14 20:20 . 2013-09-09 16:11 66296 ----a-w- c:\windows\system32\drivers\McPvDrv.sys
2014-02-14 20:20 . 2014-02-14 20:20 -------- d-----w- c:\users\kedrickgarland\AppData\Local\McAfee File Lock
2014-02-14 20:19 . 2014-02-14 20:19 -------- d-----w- c:\program files\McAfee.com
2014-02-14 19:48 . 2014-02-14 19:48 -------- d-----w- c:\programdata\Citrix
2014-02-14 19:42 . 2014-02-14 19:42 -------- d-----w- c:\program files\Citrix
2014-02-14 19:42 . 2014-02-14 19:42 -------- d-----w- c:\users\kedrickgarland\AppData\Local\Citrix
2014-02-14 18:44 . 2014-02-14 18:44 -------- d-----w- c:\users\kedrickgarland\AppData\Roaming\McAfee
2014-02-14 18:06 . 2014-02-14 19:56 -------- d-----w- c:\program files\stinger
2014-02-14 18:04 . 2013-12-05 22:21 174488 ----a-w- c:\windows\system32\mfevtps.exe
2014-02-14 08:08 . 2014-02-14 08:12 -------- d-----w- C:\ff090a5da7ac3e7c97e189ca0b8a6e4d
2014-02-14 08:02 . 2013-12-21 08:56 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-02-13 20:43 . 2014-02-13 20:43 -------- d-----w- c:\users\kedrickgarland\AppData\Roaming\LavasoftStatistics
2014-02-13 20:19 . 2014-02-13 20:19 -------- d-----w- c:\users\kedrickgarland\AppData\Roaming\Malwarebytes
2014-02-13 20:18 . 2014-02-13 20:18 -------- d-----w- c:\programdata\Malwarebytes
2014-02-13 20:10 . 2014-02-14 18:00 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2014-02-13 20:09 . 2014-02-13 20:09 -------- d-----w- c:\users\kedrickgarland\AppData\Roaming\SecureSearch
2014-02-13 20:09 . 2014-02-14 16:40 -------- d-----w- c:\program files\Lavasoft
2014-02-13 20:06 . 2014-02-13 20:06 -------- d-----w- c:\programdata\Lavasoft
2014-02-12 14:02 . 2013-12-06 02:02 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-12 14:02 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\system32\msxml3.dll
2014-02-12 14:01 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-12 14:01 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\system32\d2d1.dll
2014-02-12 14:01 . 2013-12-04 01:54 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-02-12 14:01 . 2013-12-04 01:54 572416 ----a-w- c:\windows\system32\RMActivate.exe
2014-02-12 14:01 . 2013-12-04 01:54 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-02-12 14:01 . 2013-12-04 01:54 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-02-12 14:01 . 2013-12-04 02:03 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2014-02-12 14:01 . 2013-12-04 02:03 428032 ----a-w- c:\windows\system32\secproc.dll
2014-02-12 14:01 . 2013-12-04 02:02 390144 ----a-w- c:\windows\system32\msdrm.dll
2014-02-12 14:01 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp.dll
2014-02-12 14:01 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2014-02-12 03:36 . 2014-02-14 18:48 -------- d-----w- c:\programdata\AVAST Software
2014-02-04 13:26 . 2014-02-04 13:26 -------- d-----w- c:\programdata\fc3effe9082f8f6b
2014-02-04 13:26 . 2014-02-14 16:30 -------- d-----w- c:\programdata\PPDFConverter
2014-02-04 13:26 . 2014-02-04 13:26 -------- d-----w- c:\programdata\knibpgoaemkaiakinagkogacaaejfnek
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 16:00 . 2012-11-08 19:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 16:00 . 2012-11-08 19:06 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 08:01 . 2013-12-11 08:01 86016 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-11 08:01 . 2013-12-11 08:01 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-11 08:01 . 2013-12-11 08:01 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-11 08:01 . 2013-12-11 08:01 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-11 08:01 . 2013-12-11 08:01 645120 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-11 08:01 . 2013-12-11 08:01 62464 ----a-w- c:\windows\system32\tdc.ocx
2013-12-11 08:01 . 2013-12-11 08:01 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-11 08:01 . 2013-12-11 08:01 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-11 08:01 . 2013-12-11 08:01 36352 ----a-w- c:\windows\system32\imgutil.dll
2013-12-11 08:01 . 2013-12-11 08:01 34816 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 08:01 . 2013-12-11 08:01 337408 ----a-w- c:\windows\system32\html.iec
2013-12-11 08:01 . 2013-12-11 08:01 24576 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-11 08:01 . 2013-12-11 08:01 194048 ----a-w- c:\windows\system32\elshyph.dll
2013-12-11 08:01 . 2013-12-11 08:01 182272 ----a-w- c:\windows\system32\msls31.dll
2013-12-11 08:01 . 2013-12-11 08:01 151552 ----a-w- c:\windows\system32\iexpress.exe
2013-12-11 08:01 . 2013-12-11 08:01 139264 ----a-w- c:\windows\system32\wextract.exe
2013-12-11 08:01 . 2013-12-11 08:01 13312 ----a-w- c:\windows\system32\mshta.exe
2013-12-11 08:01 . 2013-12-11 08:01 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-11 08:01 . 2013-12-11 08:01 1051136 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-05 22:29 . 2013-12-05 22:29 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys
2013-12-05 22:22 . 2013-12-05 22:22 213392 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2013-12-05 22:16 . 2013-09-25 01:45 572688 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2013-12-05 22:14 . 2013-12-05 22:14 365416 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2013-12-05 22:14 . 2013-12-05 22:14 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2013-12-05 22:13 . 2013-12-05 22:13 236000 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2013-12-05 22:12 . 2013-09-25 01:42 133992 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2013-11-27 03:06 . 2013-11-27 03:06 10152 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys
2013-11-27 03:06 . 2013-11-27 03:06 80752 ----a-w- c:\windows\system32\drivers\mfencrk.sys
2013-11-27 03:06 . 2013-11-27 03:06 319808 ----a-w- c:\windows\system32\drivers\mfencbdc.sys
2013-11-27 01:19 . 2014-01-15 14:29 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:18 . 2014-01-15 14:29 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-27 01:18 . 2014-01-15 14:29 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:18 . 2014-01-15 14:29 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:18 . 2014-01-15 14:29 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-27 01:18 . 2014-01-15 14:29 24576 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:18 . 2014-01-15 14:29 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 11:11 . 2014-01-15 14:29 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2013-11-26 10:10 . 2014-01-15 14:29 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-11-23 18:26 . 2013-12-11 16:39 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2012-11-15 22:40 . 2012-11-15 22:40 4096000 ----a-w- c:\program files\GUT8BCD.tmp
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-04-25 01:50 222808 ----a-w- c:\users\kedrickgarland\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-04-25 01:50 222808 ----a-w- c:\users\kedrickgarland\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-04-25 01:50 222808 ----a-w- c:\users\kedrickgarland\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2011-12-08 16:38 121208 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2011-12-08 16:38 121208 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\users\kedrickgarland\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2013-12-06 20203904]
"Spotify Web Helper"="c:\users\kedrickgarland\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-09 1171968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-20 505720]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2011-01-25 536668]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-28 142616]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-28 177432]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-28 176408]
"FreeFallProtection"="c:\program files\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2011-07-25 686704]
"IMSS"="c:\program files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-04-17 112408]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2011-01-15 5955072]
"TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2011-12-08 323952]
"DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2011-08-24 6306712]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-18 50472]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-10-25 932288]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 516912]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-12-01 296096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 516912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"DBRMTray"="c:\dell\DBRM\Reminder\TrayApp.exe" [2010-02-04 7168]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488]
.
c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488]
.
c:\users\kedrickgarland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
NexDef Plug-in.lnk - c:\users\kedrickgarland\AppData\Local\Autobahn\nexdef.exe [2013-3-14 15500800]
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FaxFinder Client.lnk - c:\program files\Multi-Tech Systems\FaxFinder Client Software\FaxFinderClient.exe [2010-6-21 3616864]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2010-09-15 17:11 1971536 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ   msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2013-09-23 147912]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 132480]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2013-11-27 80752]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2012-03-26 18432]
R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-20 126464]
R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7.sys [2011-01-04 62440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-20 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-15 1343400]
R3 WvPCR;WvPCR;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-01-16 145408]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 17904]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-14 54776]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-12-02 826272]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-12-02 31648]
S2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-08-24 1568664]
S2 EmbassyService;EmbassyService;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-01-17 179592]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-11-09 132768]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files\Intel\Services\IPT\jhi_service.exe [2012-05-21 212984]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe [2013-11-28 145088]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2013-09-09 66296]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2013-12-11 643608]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-12-05 169320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2013-12-05 174488]
S2 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2013-12-05 213392]
S2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [2010-04-14 229688]
S2 O2SDIOAssist;O2SDIOAssist;c:\windows\system32\srvany.exe [2003-04-19 8192]
S2 PanInstaller;PanInstaller;c:\program files\Palo Alto Networks\Pan Connect\PanInstaller.exe [2011-09-01 234824]
S2 PanService;PanService;c:\program files\Palo Alto Networks\Pan Connect\PanService.exe [2011-09-01 947528]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-04-17 2594584]
S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-01-05 1189376]
S2 wgsslvpnsrc;WatchGuard SSLVPN Service;c:\program files\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe [2011-03-28 58368]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys [2011-07-22 44144]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2013-12-05 60920]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2011-12-02 40040]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 269824]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 MEI;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [2011-09-22 41216]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-12-05 365416]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2013-11-27 319808]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\DRIVERS\O2MDFw7.sys [2011-01-04 60904]
S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7.sys [2011-03-23 63976]
S3 PanSvd;Pan Virtual Miniport;c:\windows\system32\DRIVERS\pansvd.sys [2011-09-01 27136]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-08 16:00]
.
2014-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-15 22:40]
.
2014-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA1ceca2061bab430.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-15 22:40]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2279479454-131192676-2465658032-1000Core.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-15 22:06]
.
2014-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2279479454-131192676-2465658032-1000UA.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-15 22:06]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.5.1
FF - ProfilePath - c:\users\kedrickgarland\AppData\Roaming\Mozilla\Firefox\Profiles\1nw8us1y.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&type=A111US0&p=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{B23B186E-B902-4EBC-A309-0FC857C34C9B} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-DivXMediaServer - c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(572)
c:\windows\system32\wvauth.DLL
.
- - - - - - - > 'Explorer.exe'(9104)
c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
c:\program files\McAfee Online Backup\MOBKshell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\IDT\WDM\STacSV.exe
c:\program files\Dell\DW WLAN Card\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\SPBA\upeksvr.exe
c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\windows\system32\SDIOAssist.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Common Files\McAfee\SystemCore\mfefire.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\taskhost.exe
c:\program files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Dell\DW WLAN Card\bcmwltry.exe
c:\program files\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\windows\system32\vssvc.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\McAfee\Platform\mcuicnt.exe
c:\program files\McAfee\MAT\McPvTray.exe
.
**************************************************************************
.
Completion time: 2014-02-19  19:29:59 - machine was rebooted
ComboFix-quarantined-files.txt  2014-02-20 00:29
.
Pre-Run: 430,163,595,264 bytes free
Post-Run: 429,825,908,736 bytes free
.
- - End Of File - - 72A3A2CBCEC219F8A4F8586FBB50F140
5C616939100B85E558DA92B899A0FC36


#7 Conspire

  • Malware Response Team

Posted 20 February 2014 - 04:28 AM

Hi,

Please follow all previous instructions regarding security programs.

Open a new Notepad session
  • Click the Start button, then click Run
  • In the Run box, type notepad
  • Click OK
  • In Notepad, click "Format" and be certain that Word Wrap is not checked.
  • Copy and paste all the text in the code box below into Notepad. Do not copy the word CODE

File::
c:\program files\GUT8BCD.tmp

Folder::
c:\programdata\knibpgoaemkaiakinagkogacaaejfnek

In the notepad
  • Click File, Save as..., and set the Save in to your Desktop
  • In the filename box, type (including quotation marks) as the filename: "CFScript.txt"
  • Click save
Using your mouse left button, drag the new file CFscript.txt and drop it on the ComboFix.exe icon as shown below.

This will start ComboFix again. Close all browser/windows first.

When finished, it shall produce a log for you. Please post that log, C:\ComboFix.txt, in your next reply.

**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall**

CFScriptB-4.gif

#8 downwitk

  • Topic Starter

Posted 20 February 2014 - 03:28 PM

ComboFix 14-02-20.01 - KedrickGarland 02/20/2014  15:05:16.2.4 - x86

Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3241.1960 [GMT -5:00]
Running from: c:\users\kedrickgarland\Downloads\ComboFix.exe
Command switches used :: c:\users\kedrickgarland\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\GUT8BCD.tmp"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\knibpgoaemkaiakinagkogacaaejfnek
c:\programdata\knibpgoaemkaiakinagkogacaaejfnek\knibpgoaemkaiakinagkogacaaejfnek.crx
c:\programdata\knibpgoaemkaiakinagkogacaaejfnek\update.xml
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek\1.0_0\background.html
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek\1.0_0\content.js
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek\1.0_0\lsdb.js
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek\1.0_0\manifest.json
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Extensions\knibpgoaemkaiakinagkogacaaejfnek\1.0_0\S488.js
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_knibpgoaemkaiakinagkogacaaejfnek_0.localstorage-journal
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_knibpgoaemkaiakinagkogacaaejfnek_0.localstorage
c:\users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-20 to 2014-02-20  )))))))))))))))))))))))))))))))
.
.
2014-02-20 20:16 . 2014-02-20 20:16 -------- d-----w- c:\users\kedrickgarland\AppData\Local\temp
2014-02-20 20:16 . 2014-02-20 20:16 -------- d-----w- c:\users\user\AppData\Local\temp
2014-02-20 20:16 . 2014-02-20 20:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-20 20:16 . 2014-02-20 20:16 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-02-18 00:33 . 2014-02-18 00:33 -------- d-----w- c:\program files\CCleaner
2014-02-16 17:32 . 2014-02-16 17:32 -------- d-----w- c:\users\kedrickgarland\AppData\Local\Evernote
2014-02-15 03:36 . 2014-02-15 03:47 -------- d-----w- c:\programdata\HitmanPro
2014-02-15 03:10 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-15 03:10 . 2014-02-15 03:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-15 02:57 . 2014-02-15 02:57 -------- d-----w- c:\windows\ERUNT
2014-02-15 02:43 . 2014-02-15 13:17 -------- d-----w- C:\AdwCleaner
2014-02-14 20:20 . 2014-02-14 20:20 -------- d-----w- c:\program files\McAfeeMOBK
2014-02-14 20:20 . 2010-04-14 01:10 54776 ----a-w- c:\windows\system32\drivers\MOBK.sys
2014-02-14 20:20 . 2014-02-14 20:20 -------- d-----w- c:\program files\McAfee Online Backup
2014-02-14 20:20 . 2013-09-23 18:48 147912 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2014-02-14 20:20 . 2013-09-09 16:11 66296 ----a-w- c:\windows\system32\drivers\McPvDrv.sys
2014-02-14 20:20 . 2014-02-14 20:20 -------- d-----w- c:\users\kedrickgarland\AppData\Local\McAfee File Lock
2014-02-14 20:19 . 2014-02-14 20:19 -------- d-----w- c:\program files\McAfee.com
2014-02-14 19:48 . 2014-02-14 19:48 -------- d-----w- c:\programdata\Citrix
2014-02-14 19:42 . 2014-02-14 19:42 -------- d-----w- c:\program files\Citrix
2014-02-14 19:42 . 2014-02-14 19:42 -------- d-----w- c:\users\kedrickgarland\AppData\Local\Citrix
2014-02-14 18:44 . 2014-02-14 18:44 -------- d-----w- c:\users\kedrickgarland\AppData\Roaming\McAfee
2014-02-14 18:06 . 2014-02-14 19:56 -------- d-----w- c:\program files\stinger
2014-02-14 18:04 . 2014-01-27 14:11 175480 ----a-w- c:\windows\system32\mfevtps.exe
2014-02-14 08:08 . 2014-02-14 08:12 -------- d-----w- C:\ff090a5da7ac3e7c97e189ca0b8a6e4d
2014-02-14 08:02 . 2013-12-21 08:56 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-02-13 20:43 . 2014-02-13 20:43 -------- d-----w- c:\users\kedrickgarland\AppData\Roaming\LavasoftStatistics
2014-02-13 20:19 . 2014-02-13 20:19 -------- d-----w- c:\users\kedrickgarland\AppData\Roaming\Malwarebytes
2014-02-13 20:18 . 2014-02-13 20:18 -------- d-----w- c:\programdata\Malwarebytes
2014-02-13 20:10 . 2014-02-14 18:00 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2014-02-13 20:09 . 2014-02-13 20:09 -------- d-----w- c:\users\kedrickgarland\AppData\Roaming\SecureSearch
2014-02-13 20:09 . 2014-02-14 16:40 -------- d-----w- c:\program files\Lavasoft
2014-02-13 20:06 . 2014-02-13 20:06 -------- d-----w- c:\programdata\Lavasoft
2014-02-12 14:02 . 2013-12-06 02:02 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-12 14:02 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\system32\msxml3.dll
2014-02-12 14:01 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-12 14:01 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\system32\d2d1.dll
2014-02-12 14:01 . 2013-12-04 01:54 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-02-12 14:01 . 2013-12-04 01:54 572416 ----a-w- c:\windows\system32\RMActivate.exe
2014-02-12 14:01 . 2013-12-04 01:54 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-02-12 14:01 . 2013-12-04 01:54 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-02-12 14:01 . 2013-12-04 02:03 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2014-02-12 14:01 . 2013-12-04 02:03 428032 ----a-w- c:\windows\system32\secproc.dll
2014-02-12 14:01 . 2013-12-04 02:02 390144 ----a-w- c:\windows\system32\msdrm.dll
2014-02-12 14:01 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp.dll
2014-02-12 14:01 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2014-02-12 03:36 . 2014-02-14 18:48 -------- d-----w- c:\programdata\AVAST Software
2014-02-04 13:26 . 2014-02-04 13:26 -------- d-----w- c:\programdata\fc3effe9082f8f6b
2014-02-04 13:26 . 2014-02-14 16:30 -------- d-----w- c:\programdata\PPDFConverter
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 16:00 . 2012-11-08 19:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 16:00 . 2012-11-08 19:06 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-27 14:18 . 2013-12-05 22:29 61400 ----a-w- c:\windows\system32\drivers\cfwids.sys
2014-01-27 14:12 . 2013-12-05 22:22 214216 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2014-01-27 14:06 . 2013-09-25 01:45 573840 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2014-01-27 14:04 . 2013-12-05 22:14 366248 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2014-01-27 14:04 . 2013-12-05 22:14 66408 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2014-01-27 14:03 . 2013-12-05 22:13 236480 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2014-01-27 14:02 . 2013-09-25 01:42 134568 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2013-12-11 08:01 . 2013-12-11 08:01 86016 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-11 08:01 . 2013-12-11 08:01 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-11 08:01 . 2013-12-11 08:01 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-11 08:01 . 2013-12-11 08:01 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-11 08:01 . 2013-12-11 08:01 645120 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-11 08:01 . 2013-12-11 08:01 62464 ----a-w- c:\windows\system32\tdc.ocx
2013-12-11 08:01 . 2013-12-11 08:01 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-11 08:01 . 2013-12-11 08:01 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-11 08:01 . 2013-12-11 08:01 36352 ----a-w- c:\windows\system32\imgutil.dll
2013-12-11 08:01 . 2013-12-11 08:01 34816 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 08:01 . 2013-12-11 08:01 337408 ----a-w- c:\windows\system32\html.iec
2013-12-11 08:01 . 2013-12-11 08:01 24576 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-11 08:01 . 2013-12-11 08:01 194048 ----a-w- c:\windows\system32\elshyph.dll
2013-12-11 08:01 . 2013-12-11 08:01 182272 ----a-w- c:\windows\system32\msls31.dll
2013-12-11 08:01 . 2013-12-11 08:01 151552 ----a-w- c:\windows\system32\iexpress.exe
2013-12-11 08:01 . 2013-12-11 08:01 139264 ----a-w- c:\windows\system32\wextract.exe
2013-12-11 08:01 . 2013-12-11 08:01 13312 ----a-w- c:\windows\system32\mshta.exe
2013-12-11 08:01 . 2013-12-11 08:01 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-11 08:01 . 2013-12-11 08:01 1051136 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-27 03:06 . 2013-11-27 03:06 10152 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys
2013-11-27 03:06 . 2013-11-27 03:06 80752 ----a-w- c:\windows\system32\drivers\mfencrk.sys
2013-11-27 03:06 . 2013-11-27 03:06 319808 ----a-w- c:\windows\system32\drivers\mfencbdc.sys
2013-11-27 01:19 . 2014-01-15 14:29 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:18 . 2014-01-15 14:29 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-27 01:18 . 2014-01-15 14:29 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:18 . 2014-01-15 14:29 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:18 . 2014-01-15 14:29 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-27 01:18 . 2014-01-15 14:29 24576 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:18 . 2014-01-15 14:29 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 11:11 . 2014-01-15 14:29 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2013-11-26 10:10 . 2014-01-15 14:29 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-11-23 18:26 . 2013-12-11 16:39 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2012-11-15 22:40 . 2012-11-15 22:40 4096000 ----a-w- c:\program files\GUT8BCD.tmp
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-04-25 01:50 222808 ----a-w- c:\users\kedrickgarland\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-04-25 01:50 222808 ----a-w- c:\users\kedrickgarland\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-04-25 01:50 222808 ----a-w- c:\users\kedrickgarland\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2011-12-08 16:38 121208 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 20:47 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2011-12-08 16:38 121208 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\users\kedrickgarland\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2013-12-06 20203904]
"Spotify Web Helper"="c:\users\kedrickgarland\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-09 1171968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-20 505720]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2011-01-25 536668]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-28 142616]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-28 177432]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-28 176408]
"FreeFallProtection"="c:\program files\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2011-07-25 686704]
"IMSS"="c:\program files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-04-17 112408]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2011-01-15 5955072]
"TdmNotify"="c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" [2011-12-08 323952]
"DFEPApplication"="c:\program files\Dell\Feature Enhancement Pack\DFEPApplication.exe" [2011-08-24 6306712]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-18 50472]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-10-25 932288]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-01-28 517392]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-12-01 296096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-01-28 517392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"DBRMTray"="c:\dell\DBRM\Reminder\TrayApp.exe" [2010-02-04 7168]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488]
.
c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488]
.
c:\users\kedrickgarland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
NexDef Plug-in.lnk - c:\users\kedrickgarland\AppData\Local\Autobahn\nexdef.exe [2013-3-14 15500800]
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FaxFinder Client.lnk - c:\program files\Multi-Tech Systems\FaxFinder Client Software\FaxFinderClient.exe [2010-6-21 3616864]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Smart Settings.lnk - c:\program files\Dell\Feature Enhancement Pack\SmartSettings.exe [2011-8-24 494488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2010-09-15 17:11 1971536 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ   msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 0208031392875975mcinstcleanup;McAfee Application Installer Cleanup (0208031392875975);c:\windows\TEMP\020803~1.EXE [x]
R2 O2SDIOAssist;O2SDIOAssist;c:\windows\system32\srvany.exe [2003-04-19 8192]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 wgsslvpnsrc;WatchGuard SSLVPN Service;c:\program files\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe [2011-03-28 58368]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2013-09-23 147912]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 132480]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2013-11-27 80752]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2012-03-26 18432]
R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-20 126464]
R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7.sys [2011-01-04 62440]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-20 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-15 1343400]
R3 WvPCR;WvPCR;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2012-01-16 145408]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 17904]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-14 54776]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-12-02 826272]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-12-02 31648]
S2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\Dell\Feature Enhancement Pack\DFEPService.exe [2011-08-24 1568664]
S2 EmbassyService;EmbassyService;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2012-01-17 179592]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-11-09 132768]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files\Intel\Services\IPT\jhi_service.exe [2012-05-21 212984]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe [2014-01-28 145568]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2013-09-09 66296]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2013-12-11 643608]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-01-27 169800]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2014-01-27 175480]
S2 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2014-01-27 214216]
S2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [2010-04-14 229688]
S2 PanInstaller;PanInstaller;c:\program files\Palo Alto Networks\Pan Connect\PanInstaller.exe [2011-09-01 234824]
S2 PanService;PanService;c:\program files\Palo Alto Networks\Pan Connect\PanService.exe [2011-09-01 947528]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-04-17 2594584]
S2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2012-01-05 1189376]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys [2011-07-22 44144]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2014-01-27 61400]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2011-12-02 40040]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 269824]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 MEI;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [2011-09-22 41216]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2014-01-27 366248]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2013-11-27 319808]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\DRIVERS\O2MDFw7.sys [2011-01-04 60904]
S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7.sys [2011-03-23 63976]
S3 PanSvd;Pan Virtual Miniport;c:\windows\system32\DRIVERS\pansvd.sys [2011-09-01 27136]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
*Deregistered* - mfehidk01
*Deregistered* - mfencbdc01
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-08 16:00]
.
2014-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-15 22:40]
.
2014-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA1ceca2061bab430.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-15 22:40]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2279479454-131192676-2465658032-1000Core.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-15 22:06]
.
2014-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2279479454-131192676-2465658032-1000UA.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-15 22:06]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.5.1
FF - ProfilePath - c:\users\kedrickgarland\AppData\Roaming\Mozilla\Firefox\Profiles\1nw8us1y.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&type=A111US0&p=
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(572)
c:\windows\system32\wvauth.DLL
.
Completion time: 2014-02-20  15:19:42
ComboFix-quarantined-files.txt  2014-02-20 20:19
ComboFix2.txt  2014-02-20 00:30
.
Pre-Run: 435,512,836,096 bytes free
Post-Run: 435,222,036,480 bytes free
.
- - End Of File - - DFFE379D7D386B1338FCA92D01713F32
5C616939100B85E558DA92B899A0FC36


#9 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts

Posted 20 February 2014 - 10:38 PM

How are things running now?
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may donate.

#10 downwitk

downwitk
  • Topic Starter

  • Members
  • 19 posts

Posted 20 February 2014 - 11:03 PM

The issue appears to be resolved. Performance is certainly better and the search problems have not surfaced since the last scan. Was there something in the last log that was removed that might have been the culprit?

 

Thanks for your help. I'll be sure to donate to the website. 

 

downwitk



#11 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts

Posted 21 February 2014 - 03:24 AM

It was the browser extensions causing the problem. But we are not done yet. I need to have further checks.

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.


#12 downwitk

downwitk
  • Topic Starter

  • Members
  • 19 posts

Posted 21 February 2014 - 06:02 PM

# AdwCleaner v3.019 - Report created 21/02/2014 at 17:45:22
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : KedrickGarland - KEDRICKGARLAND
# Running from : C:\Users\kedrickgarland\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\adawaretb.xml
File Found : C:\Windows\System32\Tasks\NCH Software
Folder Found C:\Program Files\NCH Software
Folder Found C:\ProgramData\NCH Software
Folder Found C:\Users\kedrickgarland\AppData\Roaming\NCH Software
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\NCH Software
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\NCH Software
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\kedrickgarland\AppData\Roaming\Mozilla\Firefox\Profiles\1nw8us1y.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2895 octets] - [14/02/2014 21:44:03]
AdwCleaner[R1].txt - [1301 octets] - [14/02/2014 21:55:32]
AdwCleaner[R2].txt - [1352 octets] - [15/02/2014 08:08:07]
AdwCleaner[R3].txt - [1996 octets] - [21/02/2014 17:45:22]
AdwCleaner[S0].txt - [2794 octets] - [14/02/2014 21:47:32]
AdwCleaner[S1].txt - [1317 octets] - [15/02/2014 08:17:05]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [2176 octets] ##########


#13 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts

Posted 21 February 2014 - 09:57 PM

Hi,

 

Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished... Make sure all found items are checked.
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

===================================================

Please download Junkware Removal Tool to your desktop.

Please STOP and let me know if you have any problems performing the steps above or any questions.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

===================================================

 

In your next reply, please post:
AdwCleaner log
JRT log


 



#14 downwitk

downwitk
  • Topic Starter

  • Members
  • 19 posts

Posted 21 February 2014 - 11:22 PM

# AdwCleaner v3.018 - Report created 21/02/2014 at 22:39:24
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : KedrickGarland - KEDRICKGARLAND
# Running from : C:\Users\kedrickgarland\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\kedrickgarland\AppData\Roaming\Mozilla\Firefox\Profiles\1nw8us1y.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\kedrickgarland\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2895 octets] - [14/02/2014 21:44:03]
AdwCleaner[R1].txt - [1301 octets] - [14/02/2014 21:55:32]
AdwCleaner[R2].txt - [1352 octets] - [15/02/2014 08:08:07]
AdwCleaner[R3].txt - [2256 octets] - [21/02/2014 17:45:22]
AdwCleaner[R4].txt - [1491 octets] - [21/02/2014 22:37:22]
AdwCleaner[S0].txt - [2794 octets] - [14/02/2014 21:47:32]
AdwCleaner[S1].txt - [1317 octets] - [15/02/2014 08:17:05]
AdwCleaner[S2].txt - [1314 octets] - [21/02/2014 22:39:24]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1374 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x86
Ran by KedrickGarland on Fri 02/21/2014 at 23:14:40.32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/21/2014 at 23:19:46.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#15 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts

Posted 22 February 2014 - 12:47 AM

Hi,


Go here and click 'ESET Online Scanner'.
  • If you are not using Internet Explorer, double-click esetsmartinstaller_enu.exe to install it, then click 'Run'.
  • Turn off the real-time scanner of any existing antivirus program while performing the online scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • If using Internet Explorer, allow the ActiveX control to install when asked.
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Next to 'Current scan targets: Operating memory, Local drives', click the Change.. button.
  • Tick all the boxes that correspond to your external/inserted drives.
  • Click Start
  • Wait for the scan to finish.
  • When the scan is done, if it shows a screen that says "Threats found!", click "List of found threats", and then click "Export to text file..."
  • Save that text file to your desktop, and then copy/paste the contents in your next reply. Please do not attach it.
===================================================

Malwarebytes' Anti-Malware
Download Malwarebytes' Anti-Malware here and save to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program. (Note to Vista users, please right-click and select Run as Administrator.)
  • At the end, be sure a checkmark is placed next to:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
Note:
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Or via the Logs tab when Malwarebytes' Anti-Malware is started.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware.


===================================================

In your next reply, please post:
ESET log
MBAM log



Please STOP and let me know if you have any problems performing the steps above or any questions.

Edited by Conspire, 22 February 2014 - 12:48 AM.
