TechSpot

Laptop running slow and won't allow some critical updates...logs attached

Solved
By mcIrishgurl
Oct 4, 2012
  1. My son's laptop has been running extremely slow lately and now is not allowing critical Windows updates. There is also a program called FrostWire that we can't find to uninstall...logs below

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-10-03 23:08:16
    Windows 6.1.7601 Service Pack 1
    Running: 6sj5efin.exe


    ---- Registry - GMER 1.0.15 ----


    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc773756c11e
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc773756c11e (not active ControlSet)

    ---- EOF - GMER 1.0.15 ----


    Malwarebytes Anti-Malware 1.65.0.1400
    www.malwarebytes.org

    Database version: v2012.10.04.01

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Jonathan :: JONATHAN-PC [administrator]

    10/3/2012 9:44:59 PM
    mbam-log-2012-10-03 (21-44-59).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 203813
    Time elapsed: 3 minute(s), 14 second(s)

    Memory Processes Detected: 1
    C:\Windows\svchost.exe (Trojan.Agent) -> 4244 -> Delete on reboot.

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 5
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
    HKCR\AH (Rogue.MultipleAV) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.

    Registry Values Detected: 1
    HKCR\ah|Content Type (Rogue.MultipleAV) -> Data: application/x-msdownload -> Quarantined and deleted successfully.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

    (end)
     
  2. mcIrishgurl

    More logs.....

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
    Run by Jonathan at 23:09:39 on 2012-10-03
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.4122 [GMT -5:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files\IDT\WDM\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\IDT\WDM\AESTSr64.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\spool\DRIVERS\x64\3\lxebserv.exe
    C:\Windows\system32\lxebcoms.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Windows\system32\mfevtps.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\mcafee.com\agent\mcagent.exe
    C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Secunia\PSI\sua.exe
    C:\Windows\system32\SearchIndexer.exe
    -netsvcs
    C:\Windows\system32\conhost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
    C:\Users\Jonathan\Downloads\6sj5efin.exe
    C:\Program Files\Common Files\McAfee\Core\mchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    mWinlogon: Userinit=userinit.exe,
    BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120823003133.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7725.1624\swg.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll"
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    mRun: [<NO NAME>]
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{D10AB58E-75A9-4575-B9C4-BC677D6061AC} : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{D10AB58E-75A9-4575-B9C4-BC677D6061AC}\653405962716475637 : NameServer = 208.67.222.222,208.67.220.220
    TCP: Interfaces\{D10AB58E-75A9-4575-B9C4-BC677D6061AC}\653405962716475637 : DhcpNameServer = 172.16.101.46
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
    BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO-X64: McAfee Phishing Filter - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120823003133.dll
    BHO-X64: scriptproxy - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7725.1624\swg.dll
    BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO-X64: SmartSelect - No File
    TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    TB-X64: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
    TB-X64: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll"
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    mRun-x64: [(Default)]
    mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\xf9im9nl.default\
    FF - prefs.js: browser.startup.homepage - hxxp://g.msn.com/USCON/1
    FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
    R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-5-20 89600]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-20 13336]
    R2 lxeb_device;lxeb_device;C:\Windows\system32\lxebcoms.exe -service --> C:\Windows\system32\lxebcoms.exe -service [?]
    R2 lxebCATSCustConnectService;lxebCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxebserv.exe [2011-7-14 45736]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-8 249936]
    R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-8 249936]
    R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-8 249936]
    R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-8 249936]
    R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-5-20 199304]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-5-20 210616]
    R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
    R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
    R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-9-24 1328736]
    R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-9-24 656480]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-5-20 1692480]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-5-20 2655768]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
    R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
    R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
    R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
    R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-13 136176]
    S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-3 250288]
    S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-13 136176]
    S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-5-20 220528]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-3 114144]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
    S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-8 249936]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-10-04 02:52:50 20480 ----a-w- C:\Windows\svchost.exe
    2012-10-04 02:44:13 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\Malwarebytes
    2012-10-04 02:43:28 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-10-04 02:43:25 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-10-04 02:43:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-10-04 02:20:23 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2012-10-04 02:20:23 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2012-10-04 01:46:05 -------- d-----w- C:\Users\Jonathan\AppData\Local\Secunia PSI
    2012-10-04 01:45:57 -------- d-----w- C:\Program Files (x86)\Secunia
    2012-10-04 00:21:37 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\SUPERAntiSpyware.com
    2012-10-04 00:20:59 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2012-10-04 00:20:59 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2012-10-04 00:13:07 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
    2012-10-04 00:13:06 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
    2012-10-04 00:08:19 -------- d-----w- C:\Users\Jonathan\AppData\Local\Macromedia
    2012-10-03 23:55:53 -------- d-----w- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
    2012-10-03 23:41:57 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
    2012-10-03 23:41:57 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
    2012-10-03 23:41:50 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
    2012-10-03 23:41:50 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
    2012-10-03 23:41:41 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
    2012-10-03 23:41:41 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2012-10-03 23:41:41 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-10-03 22:50:32 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
    2012-10-03 22:28:19 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-10-03 22:23:19 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2012-10-03 22:22:58 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-10-03 21:42:04 -------- d-----w- C:\Program Files\CCleaner
    2012-09-07 04:14:53 -------- d-----w- C:\ProgramData\PC-Doctor for Windows
    .
    ==================== Find3M ====================
    .
    2012-10-03 23:29:10 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-10-03 22:22:35 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-07-27 20:51:42 24984 ----a-w- C:\Windows\System32\AdobePDFUI.dll
    2012-07-27 20:51:38 53656 ----a-w- C:\Windows\System32\AdobePDF.dll
    2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-07-16 12:30:35 4024320 ----a-w- C:\Program Files (x86)\GUT67B1.tmp
    2012-07-06 20:07:42 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
    .
    ============= FINISH: 23:10:25.86 ===============
     
  3. mcIrishgurl

    Last of logs....

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 5/30/2011 11:25:18 AM
    System Uptime: 10/3/2012 9:51:19 PM (2 hours ago)
    .
    Motherboard: Dell Inc. | | 034W60
    Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz | CPU 1 | 782/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 581 GiB total, 532.918 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP140: 10/3/2012 3:28:43 AM - Windows Update
    RP141: 10/3/2012 2:28:40 PM - Windows Update
    RP142: 10/3/2012 4:51:50 PM - Removed Skype Toolbars
    RP143: 10/3/2012 5:10:24 PM - Removed Java(TM) 6 Update 24 (64-bit)
    RP144: 10/3/2012 5:11:38 PM - Removed Java(TM) 6 Update 26
    RP145: 10/3/2012 5:22:24 PM - Installed Java 7 Update 7
    RP146: 10/3/2012 5:32:15 PM - Removed Microsoft Silverlight
    RP147: 10/3/2012 5:42:28 PM - Windows Update
    RP148: 10/3/2012 5:43:28 PM - Windows Update
    RP149: 10/3/2012 5:44:15 PM - Windows Update
    RP150: 10/3/2012 6:40:39 PM - Windows Update
    RP151: 10/3/2012 6:58:39 PM - Windows Update
    RP152: 10/3/2012 7:00:48 PM - Windows Update
    RP153: 10/3/2012 8:14:59 PM - Removed eBay
    RP154: 10/3/2012 8:16:08 PM - Removed Facebook Video Calling 1.2.0.159
    RP155: 10/3/2012 8:17:19 PM - Removed ooVoo
    RP156: 10/3/2012 8:22:26 PM - Removed Cozi
    RP157: 10/3/2012 8:50:59 PM - Windows Update
    RP158: 10/3/2012 8:51:46 PM - Windows Update
    RP159: 10/3/2012 8:53:08 PM - Windows Update
    RP160: 10/3/2012 8:56:14 PM - Windows Update
    RP161: 10/3/2012 9:00:03 PM - Windows Update
    RP162: 10/3/2012 9:01:26 PM - Installed Microsoft Fix it 50123
    RP163: 10/3/2012 9:03:30 PM - Windows Update
    RP164: 10/3/2012 9:03:52 PM - Windows Update
    RP165: 10/3/2012 9:04:27 PM - Windows Update
    RP166: 10/3/2012 9:06:37 PM - Windows Update
    RP167: 10/3/2012 9:13:58 PM - Windows Update
    RP168: 10/3/2012 9:20:24 PM - Windows Update
    RP169: 10/3/2012 9:33:34 PM - Windows Update
    RP170: 10/3/2012 9:36:05 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    ABBYY FineReader 6.0 Sprint
    Accidental Damage Services Agreement
    Adobe Acrobat X Standard - English, Français, Deutsch
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.4)
    Advanced Audio FX Engine
    Bing Bar
    Bing Rewards Client Installer
    Consumer In-Home Service Agreement
    D3DX10
    Dell DataSafe Local Backup
    Dell DataSafe Local Backup - Support Software
    Dell DataSafe Online
    Dell Getting Started Guide
    Dell MusicStage
    Dell Perks Webslice IE8
    Dell PhotoStage
    Dell Stage
    Dell VideoStage
    Dell Webcam Central
    DirectX 9 Runtime
    Google Toolbar for Internet Explorer
    Google Update Helper
    IDT Audio
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    Intel(R) Wireless Display
    Internet Explorer
    Java 7 Update 7
    Java Auto Updater
    Junk Mail filter update
    Lexmark Toolbar
    Lexmark Tools for Office
    Malwarebytes Anti-Malware version 1.65.0.1400
    McAfee SecurityCenter
    Mesh Runtime
    Microsoft Office 2010
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable - KB2467175
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Mozilla Firefox 15.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    PhotoShowExpress
    Realtek Ethernet Controller Driver
    Realtek USB 2.0 Card Reader
    Renesas Electronics USB 3.0 Host Controller Driver
    Roxio Activation Module
    Roxio BackOnTrack
    Roxio Burn
    Roxio Creator Starter
    Roxio Express Labeler 3
    Secunia PSI (3.0.0.4001)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Skype™ 5.10
    Sonic CinePlayer Decoder Pack
    SpywareBlaster 4.6
    TrustedID
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    .
    ==== Event Viewer Messages From Past Week ========
    .
    9/26/2012 1:10:51 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    10/3/2012 9:58:39 PM, Error: Service Control Manager [7022] - The Intel(R) Management and Security Application User Notification Service service hung on starting.
    10/3/2012 9:53:58 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    10/3/2012 9:53:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
    10/3/2012 9:36:47 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2676562).
    10/3/2012 9:36:40 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2679255).
    10/3/2012 9:36:40 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715).
    10/3/2012 3:29:59 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2732059).
    10/2/2012 9:36:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2744842).
    .
    ==== End Of File ===========================
     
  4. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello, and welcome to TechSpot.


    Please see here for the board rules and other FAQ.

    Please feel free to introduce yourself, after you follow the steps below to get started.

    Information
    • From this point on, please do not make any more changes to your computer, such as installing/uninstalling programs, using special fix tools, deleting files, editing the registry, etc., unless advised by a malware removal helper.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic where you were helped.
    • We try our best to reply quickly, but if for any reason we do not reply in two days, please reply to this topic with the word BUMP!
    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

    Download Farbar Recovery Scan Tool and save it to a flash drive.


    Please make sure to get the 64-bit version

    Plug the flash drive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Choose your language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Choose your language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
    On the System Recovery Options menu you will get the following options:
      • Startup Repair
      • System Restore
      • Windows Complete PC Restore
      • Windows Memory Diagnostic Tool
      • Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to the disclaimer.
    • Place a check next to List Drivers MD5 as well as the default check marks that are already there
    • Press Scan button. It will do its scan and save a log on your flash drive.
    • Close out of the message after that, then type the text services.exe into the "Search:" text box. Then, press the Search file(s) button, just as below:
      [​IMG]
      When done searching, FRST makes a log, Search.txt, on the C:\ drive or on your flash drive.
    • Type exit in the Command Prompt window and reboot the computer normally
    • FRST will make a log (FRST.txt) on the flash drive and also the search.txt logfile. Please copy and paste the logs in your reply.
     
  5. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Here are the new logs...thanks in advance for your help!

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2012 01
    Ran by SYSTEM at 04-10-2012 13:20:15
    Running from E:\
    Windows 7 Home Premium (X64) OS Language: English(US)
    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM-x32\...\Run: [] [x]
    HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1675160 2012-03-21] (McAfee, Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
    ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

    ==================== Services (Whitelisted) ===================

    2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2012-07-11] (SUPERAntiSpyware.com)
    2 lxebCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
    2 lxeb_device; C:\Windows\system32\lxebcoms.exe -service [1052328 2010-04-14] ( )
    2 lxeb_device; C:\Windows\SysWow64\lxebcoms.exe -service [598696 2010-04-14] ( )
    2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
    3 McAWFwk; C:\PROGRA~1\mcafee\msc\mcawfwk.exe [220528 2010-08-30] (McAfee, Inc.)
    2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
    2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
    2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
    2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
    3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [502064 2012-08-23] (McAfee, Inc.)
    4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
    2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
    2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [199304 2012-05-25] (McAfee, Inc.)
    2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [210616 2012-05-25] (McAfee, Inc.)
    2 mfevtp; "C:\Windows\system32\mfevtps.exe" [162224 2012-05-25] (McAfee, Inc.)
    2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
    3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
    2 Secunia PSI Agent; "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service [1328736 2012-09-24] (Secunia)
    2 Secunia Update Agent; "C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service [656480 2012-09-24] (Secunia)

    ==================== Drivers (Whitelisted) =====================

    3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [65264 2012-02-22] (McAfee, Inc.)
    3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [160792 2012-02-22] (McAfee, Inc.)
    3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [229528 2012-02-22] (McAfee, Inc.)
    3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [487296 2012-02-22] (McAfee, Inc.)
    0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [647208 2012-02-22] (McAfee, Inc.)
    1 mfenlfk; C:\Windows\System32\Drivers\mfenlfk.sys [75936 2012-02-22] (McAfee, Inc.)
    3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
    0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [289664 2012-02-22] (McAfee, Inc.)
    1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    3 mfeavfk01; [x]

    ==================== NetSvcs (Whitelisted) ====================


    ==================== One Month Created Files and Folders ========

    2012-10-04 13:19 - 2012-10-04 13:19 - 00000000 ____D C:\FRST
    2012-10-04 10:56 - 2012-10-04 10:56 - 01456405 ____A (Farbar) C:\Users\Jonathan\Downloads\FRST64.exe
    2012-10-03 23:22 - 2012-05-31 12:25 - 00279656 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
    2012-10-03 23:11 - 2012-10-03 23:11 - 00024066 ____A C:\Users\Jonathan\My Documents\DDS.txt
    2012-10-03 23:11 - 2012-10-03 23:11 - 00024066 ____A C:\Users\Jonathan\Documents\DDS.txt
    2012-10-03 23:11 - 2012-10-03 23:11 - 00008171 ____A C:\Users\Jonathan\My Documents\Attach.txt
    2012-10-03 23:11 - 2012-10-03 23:11 - 00008171 ____A C:\Users\Jonathan\Documents\Attach.txt
    2012-10-03 23:09 - 2012-10-03 23:09 - 00607260 ____R (Swearware) C:\Users\Jonathan\Downloads\dds.com
    2012-10-03 23:08 - 2012-10-03 23:08 - 00000411 ____A C:\Users\Jonathan\My Documents\gmer.log
    2012-10-03 23:08 - 2012-10-03 23:08 - 00000411 ____A C:\Users\Jonathan\Documents\gmer.log
    2012-10-03 22:07 - 2012-10-03 22:07 - 00302592 ____A C:\Users\Jonathan\Downloads\6sj5efin.exe
    2012-10-03 21:52 - 2009-07-13 20:14 - 00020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
    2012-10-03 21:44 - 2012-10-03 21:44 - 00000000 ____D C:\Users\Jonathan\Application Data\Malwarebytes
    2012-10-03 21:44 - 2012-10-03 21:44 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Malwarebytes
    2012-10-03 21:43 - 2012-10-03 21:43 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2012-10-03 21:43 - 2012-10-03 21:43 - 00001115 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    2012-10-03 21:43 - 2012-10-03 21:43 - 00000000 ____D C:\Users\All Users\Malwarebytes
    2012-10-03 21:43 - 2012-10-03 21:43 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
    2012-10-03 21:43 - 2012-10-03 21:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-10-03 21:43 - 2012-09-07 17:04 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2012-10-03 21:42 - 2012-10-03 21:42 - 10524080 ____A (Malwarebytes Corporation ) C:\Users\Jonathan\Downloads\mbam-setup-1.65.0.1400.exe
    2012-10-03 21:34 - 2012-10-03 21:35 - 00261856 ____A C:\Windows\msxml4-KB2721691-enu.LOG
    2012-10-03 21:24 - 2012-10-03 21:24 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2012-10-03 21:24 - 2012-10-03 21:24 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2012-10-03 21:24 - 2012-10-03 21:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-10-03 21:24 - 2012-10-03 21:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-10-03 21:24 - 2012-10-03 21:24 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-10-03 21:24 - 2012-10-03 21:24 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2012-10-03 21:24 - 2012-10-03 21:24 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2012-10-03 21:24 - 2012-10-03 21:24 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2012-10-03 21:24 - 2012-10-03 21:24 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2012-10-03 21:24 - 2012-10-03 21:24 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2012-10-03 21:24 - 2012-10-03 21:24 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2012-10-03 21:22 - 2012-10-03 21:25 - 00003397 ____A C:\Windows\IE9_main.log
    2012-10-03 21:21 - 2012-10-03 21:21 - 02434048 ____A C:\Users\Jonathan\Downloads\msxml.msi
    2012-10-03 21:20 - 2012-05-04 06:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
    2012-10-03 21:20 - 2012-05-04 04:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2012-10-03 21:09 - 2012-10-04 13:05 - 00002240 ____A C:\Windows\setupact.log
    2012-10-03 21:09 - 2012-10-03 21:09 - 00002132 ____A C:\Windows\PFRO.log
    2012-10-03 21:09 - 2012-10-03 21:09 - 00000000 ____A C:\Windows\setuperr.log
    2012-10-03 21:01 - 2012-10-03 21:01 - 00985600 ____A C:\Users\Jonathan\Downloads\MicrosoftFixit50123.msi
    2012-10-03 20:46 - 2012-10-03 20:46 - 00000000 ____D C:\Users\Jonathan\Local Settings\Secunia PSI
    2012-10-03 20:46 - 2012-10-03 20:46 - 00000000 ____D C:\Users\Jonathan\Local Settings\Application Data\Secunia PSI
    2012-10-03 20:46 - 2012-10-03 20:46 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Secunia PSI
    2012-10-03 20:45 - 2012-10-03 20:45 - 03160768 ____A (Secunia) C:\Users\Jonathan\Downloads\PSISetup.exe
    2012-10-03 20:45 - 2012-10-03 20:45 - 00000000 ____D C:\Program Files (x86)\Secunia
    2012-10-03 19:21 - 2012-10-03 19:21 - 00001810 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2012-10-03 19:21 - 2012-10-03 19:21 - 00001810 ____A C:\Users\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
    2012-10-03 19:21 - 2012-10-03 19:21 - 00000000 ____D C:\Users\Jonathan\Application Data\SUPERAntiSpyware.com
    2012-10-03 19:21 - 2012-10-03 19:21 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\SUPERAntiSpyware.com
    2012-10-03 19:20 - 2012-10-03 19:21 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2012-10-03 19:20 - 2012-10-03 19:20 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
    2012-10-03 19:20 - 2012-10-03 19:20 - 00000000 ____D C:\Users\All Users\Application Data\SUPERAntiSpyware.com
    2012-10-03 19:18 - 2012-10-03 19:19 - 20853312 ____A (SUPERAntiSpyware.com) C:\Users\Jonathan\Downloads\SUPERAntiSpyware.exe
    2012-10-03 19:13 - 2012-10-03 19:15 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
    2012-10-03 19:13 - 2012-10-03 19:13 - 00001085 ____A C:\Users\Jonathan\Desktop\SpywareBlaster.lnk
    2012-10-03 19:13 - 2010-01-10 19:40 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
    2012-10-03 19:11 - 2012-10-03 19:11 - 03258000 ____A (BrightFort LLC ) C:\Users\Jonathan\Downloads\spywareblastersetup46.exe
    2012-10-03 19:08 - 2012-10-03 19:08 - 00000000 ____D C:\Users\Jonathan\Local Settings\Macromedia
    2012-10-03 19:08 - 2012-10-03 19:08 - 00000000 ____D C:\Users\Jonathan\Local Settings\Application Data\Macromedia
    2012-10-03 19:08 - 2012-10-03 19:08 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Macromedia
    2012-10-03 19:07 - 2012-10-03 19:07 - 00002021 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
    2012-10-03 19:07 - 2012-10-03 19:07 - 00002021 ____A C:\Users\All Users\Desktop\Adobe Reader X.lnk
    2012-10-03 18:55 - 2012-10-03 18:55 - 00000000 ____D C:\Users\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
    2012-10-03 18:55 - 2012-10-03 18:55 - 00000000 ____D C:\Users\All Users\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
    2012-10-03 18:41 - 2012-08-22 13:12 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2012-10-03 18:41 - 2012-08-22 13:12 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
    2012-10-03 18:41 - 2012-08-22 13:12 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
    2012-10-03 18:41 - 2012-08-22 13:12 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
    2012-10-03 18:41 - 2012-08-02 12:58 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
    2012-10-03 18:41 - 2012-08-02 11:57 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2012-10-03 18:41 - 2012-07-04 15:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
    2012-10-03 17:50 - 2012-08-21 16:01 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
    2012-10-03 17:35 - 2012-10-03 17:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2012-10-03 17:33 - 2012-10-03 17:34 - 13085120 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\Silverlight_x64.exe
    2012-10-03 17:29 - 2012-10-03 17:29 - 00998536 ____A (Solid State Networks) C:\Users\Jonathan\Downloads\install_flashplayer11x32_mssd_aih.exe
    2012-10-03 17:28 - 2012-10-04 13:05 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2012-10-03 17:28 - 2012-10-03 18:29 - 00696240 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-10-03 17:23 - 2012-10-03 17:22 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
    2012-10-03 17:23 - 2012-10-03 17:22 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2012-10-03 17:22 - 2012-10-03 17:22 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2012-10-03 17:22 - 2012-10-03 17:22 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2012-10-03 17:22 - 2012-10-03 17:22 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2012-10-03 17:22 - 2012-10-03 17:22 - 00000000 ____D C:\Program Files (x86)\Java
    2012-10-03 17:19 - 2012-10-03 17:19 - 00894952 ____A (Oracle Corporation) C:\Users\Jonathan\Downloads\jxpiinstall.exe
    2012-10-03 17:00 - 2012-10-03 17:01 - 00000000 ____D C:\Users\Jonathan\Application Data\Mozilla
    2012-10-03 17:00 - 2012-10-03 17:01 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Mozilla
    2012-10-03 17:00 - 2012-10-03 17:00 - 00001136 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2012-10-03 17:00 - 2012-10-03 17:00 - 00001136 ____A C:\Users\All Users\Desktop\Mozilla Firefox.lnk
    2012-10-03 17:00 - 2012-10-03 17:00 - 00000000 ____D C:\Users\Jonathan\Local Settings\Mozilla
    2012-10-03 17:00 - 2012-10-03 17:00 - 00000000 ____D C:\Users\Jonathan\Local Settings\Application Data\Mozilla
    2012-10-03 17:00 - 2012-10-03 17:00 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Mozilla
    2012-10-03 17:00 - 2012-10-03 17:00 - 00000000 ____D C:\Users\All Users\Mozilla
    2012-10-03 17:00 - 2012-10-03 17:00 - 00000000 ____D C:\Users\All Users\Application Data\Mozilla
    2012-10-03 17:00 - 2012-10-03 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2012-10-03 17:00 - 2012-10-03 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2012-10-03 16:42 - 2012-10-03 16:42 - 00000824 ____A C:\Users\Public\Desktop\CCleaner.lnk
    2012-10-03 16:42 - 2012-10-03 16:42 - 00000824 ____A C:\Users\All Users\Desktop\CCleaner.lnk
    2012-10-03 16:42 - 2012-10-03 16:42 - 00000000 ____D C:\Program Files\CCleaner

    ==================== 3 Months Modified Files ==================

    2012-10-04 13:07 - 2011-05-20 12:56 - 01867754 ____A C:\Windows\WindowsUpdate.log
    2012-10-04 13:06 - 2011-06-13 15:17 - 00000902 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-10-04 13:06 - 2009-07-14 00:13 - 00726316 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-10-04 13:05 - 2012-10-03 21:09 - 00002240 ____A C:\Windows\setupact.log
    2012-10-04 13:05 - 2012-10-03 17:28 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2012-10-04 10:56 - 2012-10-04 10:56 - 01456405 ____A (Farbar) C:\Users\Jonathan\Downloads\FRST64.exe
    2012-10-04 08:36 - 2009-07-13 23:45 - 00013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-10-04 08:36 - 2009-07-13 23:45 - 00013872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-10-04 08:31 - 2011-06-13 15:17 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-10-04 08:28 - 2011-06-22 14:23 - 00000328 ____A C:\Windows\Tasks\SpeedyPC Program Check.job
    2012-10-04 08:28 - 2011-06-22 14:23 - 00000312 ____A C:\Windows\Tasks\SpeedyPC.job
    2012-10-04 08:28 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-10-03 23:11 - 2012-10-03 23:11 - 00024066 ____A C:\Users\Jonathan\My Documents\DDS.txt
    2012-10-03 23:11 - 2012-10-03 23:11 - 00024066 ____A C:\Users\Jonathan\Documents\DDS.txt
    2012-10-03 23:11 - 2012-10-03 23:11 - 00008171 ____A C:\Users\Jonathan\My Documents\Attach.txt
    2012-10-03 23:11 - 2012-10-03 23:11 - 00008171 ____A C:\Users\Jonathan\Documents\Attach.txt
    2012-10-03 23:09 - 2012-10-03 23:09 - 00607260 ____R (Swearware) C:\Users\Jonathan\Downloads\dds.com
    2012-10-03 23:08 - 2012-10-03 23:08 - 00000411 ____A C:\Users\Jonathan\My Documents\gmer.log
    2012-10-03 23:08 - 2012-10-03 23:08 - 00000411 ____A C:\Users\Jonathan\Documents\gmer.log
    2012-10-03 22:07 - 2012-10-03 22:07 - 00302592 ____A C:\Users\Jonathan\Downloads\6sj5efin.exe
    2012-10-03 21:43 - 2012-10-03 21:43 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2012-10-03 21:43 - 2012-10-03 21:43 - 00001115 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    2012-10-03 21:42 - 2012-10-03 21:42 - 10524080 ____A (Malwarebytes Corporation ) C:\Users\Jonathan\Downloads\mbam-setup-1.65.0.1400.exe
    2012-10-03 21:35 - 2012-10-03 21:34 - 00261856 ____A C:\Windows\msxml4-KB2721691-enu.LOG
    2012-10-03 21:25 - 2012-10-03 21:22 - 00003397 ____A C:\Windows\IE9_main.log
    2012-10-03 21:24 - 2012-10-03 21:24 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2012-10-03 21:24 - 2012-10-03 21:24 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2012-10-03 21:24 - 2012-10-03 21:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-10-03 21:24 - 2012-10-03 21:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-10-03 21:24 - 2012-10-03 21:24 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-10-03 21:24 - 2012-10-03 21:24 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2012-10-03 21:24 - 2012-10-03 21:24 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2012-10-03 21:24 - 2012-10-03 21:24 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2012-10-03 21:24 - 2012-10-03 21:24 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2012-10-03 21:24 - 2012-10-03 21:24 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2012-10-03 21:24 - 2012-10-03 21:24 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2012-10-03 21:24 - 2012-10-03 21:24 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2012-10-03 21:24 - 2012-10-03 21:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2012-10-03 21:21 - 2012-10-03 21:21 - 02434048 ____A C:\Users\Jonathan\Downloads\msxml.msi
    2012-10-03 21:09 - 2012-10-03 21:09 - 00002132 ____A C:\Windows\PFRO.log
    2012-10-03 21:09 - 2012-10-03 21:09 - 00000000 ____A C:\Windows\setuperr.log
    2012-10-03 21:01 - 2012-10-03 21:01 - 00985600 ____A C:\Users\Jonathan\Downloads\MicrosoftFixit50123.msi
    2012-10-03 20:45 - 2012-10-03 20:45 - 03160768 ____A (Secunia) C:\Users\Jonathan\Downloads\PSISetup.exe
    2012-10-03 19:21 - 2012-10-03 19:21 - 00001810 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2012-10-03 19:21 - 2012-10-03 19:21 - 00001810 ____A C:\Users\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
    2012-10-03 19:19 - 2012-10-03 19:18 - 20853312 ____A (SUPERAntiSpyware.com) C:\Users\Jonathan\Downloads\SUPERAntiSpyware.exe
    2012-10-03 19:13 - 2012-10-03 19:13 - 00001085 ____A C:\Users\Jonathan\Desktop\SpywareBlaster.lnk
    2012-10-03 19:11 - 2012-10-03 19:11 - 03258000 ____A (BrightFort LLC ) C:\Users\Jonathan\Downloads\spywareblastersetup46.exe
    2012-10-03 19:07 - 2012-10-03 19:07 - 00002021 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
    2012-10-03 19:07 - 2012-10-03 19:07 - 00002021 ____A C:\Users\All Users\Desktop\Adobe Reader X.lnk
    2012-10-03 18:29 - 2012-10-03 17:28 - 00696240 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-10-03 18:29 - 2011-06-13 15:14 - 00073136 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2012-10-03 17:34 - 2012-10-03 17:33 - 13085120 ____A (Microsoft Corporation) C:\Users\Jonathan\Downloads\Silverlight_x64.exe
    2012-10-03 17:29 - 2012-10-03 17:29 - 00998536 ____A (Solid State Networks) C:\Users\Jonathan\Downloads\install_flashplayer11x32_mssd_aih.exe
    2012-10-03 17:22 - 2012-10-03 17:23 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
    2012-10-03 17:22 - 2012-10-03 17:23 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2012-10-03 17:22 - 2012-10-03 17:22 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2012-10-03 17:22 - 2012-10-03 17:22 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2012-10-03 17:22 - 2012-10-03 17:22 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2012-10-03 17:22 - 2011-07-09 13:23 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2012-10-03 17:19 - 2012-10-03 17:19 - 00894952 ____A (Oracle Corporation) C:\Users\Jonathan\Downloads\jxpiinstall.exe
    2012-10-03 17:00 - 2012-10-03 17:00 - 00001136 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2012-10-03 17:00 - 2012-10-03 17:00 - 00001136 ____A C:\Users\All Users\Desktop\Mozilla Firefox.lnk
    2012-10-03 16:42 - 2012-10-03 16:42 - 00000824 ____A C:\Users\Public\Desktop\CCleaner.lnk
    2012-10-03 16:42 - 2012-10-03 16:42 - 00000824 ____A C:\Users\All Users\Desktop\CCleaner.lnk
    2012-10-03 07:48 - 2011-07-14 22:59 - 00015760 ____A C:\Users\All Users\lxebJSW.log
    2012-10-03 07:48 - 2011-07-14 22:59 - 00015760 ____A C:\Users\All Users\Application Data\lxebJSW.log
    2012-09-17 21:56 - 2011-06-02 00:18 - 00062976 ____A C:\Users\Jonathan\Local Settings\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2012-09-17 21:56 - 2011-06-02 00:18 - 00062976 ____A C:\Users\Jonathan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2012-09-17 21:56 - 2011-06-02 00:18 - 00062976 ____A C:\Users\Jonathan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2012-09-17 21:32 - 2012-02-12 22:36 - 00000129 ____A C:\Windows\System32\MRT.INI
    2012-09-17 21:29 - 2011-05-30 23:25 - 64462936 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-09-07 17:04 - 2012-10-03 21:43 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2012-09-06 13:04 - 2009-07-13 23:45 - 00319744 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-08-22 13:12 - 2012-10-03 18:41 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2012-08-22 13:12 - 2012-10-03 18:41 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
    2012-08-22 13:12 - 2012-10-03 18:41 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
    2012-08-22 13:12 - 2012-10-03 18:41 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
    2012-08-21 16:01 - 2012-10-03 17:50 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
    2012-08-02 12:58 - 2012-10-03 18:41 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
    2012-08-02 11:57 - 2012-10-03 18:41 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2012-07-27 15:51 - 2012-07-27 15:51 - 00053656 ____A (Adobe Systems Inc) C:\Windows\System32\AdobePDF.dll
    2012-07-27 15:51 - 2012-07-27 15:51 - 00024984 ____A (Adobe Systems Inc.) C:\Windows\System32\AdobePDFUI.dll
    2012-07-18 13:15 - 2012-08-24 03:15 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-07-16 07:30 - 2012-07-16 07:30 - 04024320 ____A C:\Program Files (x86)\GUT67B1.tmp
    2012-07-13 14:56 - 2012-07-13 14:56 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
    2012-07-13 14:56 - 2012-07-13 14:56 - 00002515 ____A C:\Users\All Users\Desktop\Skype.lnk

    ATTENTION: ========> Check for possible partition/boot infection:
    C:\Windows\svchost.exe

    ==================== Known DLLs (Whitelisted) =================


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    TDL4: custom:26000022 <===== ATTENTION!

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2012-10-03 14:29:17
    Restore point made on: 2012-10-03 16:52:01
    Restore point made on: 2012-10-03 17:10:28
    Restore point made on: 2012-10-03 17:11:41
    Restore point made on: 2012-10-03 17:22:28
    Restore point made on: 2012-10-03 17:32:19
    Restore point made on: 2012-10-03 17:42:32
    Restore point made on: 2012-10-03 17:43:32
    Restore point made on: 2012-10-03 17:44:20
    Restore point made on: 2012-10-03 18:40:44
    Restore point made on: 2012-10-03 18:58:52
    Restore point made on: 2012-10-03 19:00:52
    Restore point made on: 2012-10-03 20:15:26
    Restore point made on: 2012-10-03 20:16:13
    Restore point made on: 2012-10-03 20:17:24
    Restore point made on: 2012-10-03 20:22:30
    Restore point made on: 2012-10-03 20:51:03
    Restore point made on: 2012-10-03 20:51:51
    Restore point made on: 2012-10-03 20:53:12
    Restore point made on: 2012-10-03 20:56:18
    Restore point made on: 2012-10-03 21:00:07
    Restore point made on: 2012-10-03 21:01:30
    Restore point made on: 2012-10-03 21:03:34
    Restore point made on: 2012-10-03 21:03:57
    Restore point made on: 2012-10-03 21:04:31
    Restore point made on: 2012-10-03 21:06:40
    Restore point made on: 2012-10-03 21:14:57
    Restore point made on: 2012-10-03 21:20:30
    Restore point made on: 2012-10-03 21:34:30
    Restore point made on: 2012-10-03 21:36:16
    Restore point made on: 2012-10-04 03:00:28
    Restore point made on: 2012-10-04 08:33:17

    ==================== Memory info ===========================

    Percentage of memory in use: 12%
    Total physical RAM: 6051.18 MB
    Available physical RAM: 5321.22 MB
    Total Pagefile: 6049.32 MB
    Available Pagefile: 5316.99 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.9 MB

    ==================== Partitions =============================

    1 Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:532.1 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    2 Drive d: (Recovery) (Fixed) (Total:14.65 GB) (Free:6.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    ATTENTION: Malware custom entry on BCD on drive d: detected. Check for MBR/Partition infection.
    3 Drive e: () (Removable) (Total:3.74 GB) (Free:2.62 GB) FAT32
    5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 596 GB 0 B
    Disk 1 Online 3827 MB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 OEM 100 MB 1024 KB
    Partition 2 Primary 14 GB 101 MB
    Partition 3 Primary 581 GB 14 GB

    ==================================================================================

    Disk: 0
    Partition 1
    Type : DE
    Hidden: Yes
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 DELLUTILITY FAT Partition 100 MB Healthy Hidden

    =========================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 D Recovery NTFS Partition 14 GB Healthy

    =========================================================

    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C OS NTFS Partition 581 GB Healthy

    =========================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 3826 MB 16 KB

    ==================================================================================

    Disk: 1
    Partition 1
    Type : 0B
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 E FAT32 Removable 3826 MB Healthy

    =========================================================

    Last Boot: 2012-10-02 21:57

    ==================== End Of Log =============================
     
  6. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Farbar Recovery Scan Tool (x64) Version: 02-10-2012 01
    Ran by SYSTEM at 2012-10-04 13:23:49
    Running from E:\

    ================== Search: "services.exe" ===================

    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    [2009-07-13 18:19] - [2009-07-13 20:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

    C:\Windows\System32\services.exe
    [2009-07-13 18:19] - [2009-07-13 20:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

    ====== End Of Search ======
     
  7. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Looks like you have an MBR infection, which is able to operate in lower portions of the computer. Please do the following carefully in Normal Mode...

    Please download and run TDSSKiller to your desktop as outlined below:

    Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

    For Windows XP, double-click to start.
    For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

    -------------------------

    Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    ------------------------

    Click the Start Scan button.

    -----------------------

    If a suspicious object is detected, the default action will be Skip; click on Continue.
    If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.


    ----------------------

    If malicious objects are found, they will show in the Scan results and offer three (3) options.

    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


    --------------------

    A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
    Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

    -------------------

    Here's a summary of what to do if you would like to print it out:

    If a suspicious object is detected, the default action will be Skip; click on Continue.
    If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

    If malicious objects are found, they will show in the Scan results and offer three (3) options.

    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

    avast! aswMBR

    Please download aswMBR from here
    • Save aswMBR.exe to your Desktop
    • Double click aswMBR.exe to run it
    • Uncheck Trace disk IO calls.
    • Click the Scan button to start the scan as illustrated below
    Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.
    • Once the scan finishes click Save log to save the log to your Desktop
    • Copy and paste the contents of aswMBR.txt back here for review
    • Please also find MBR.dat on your Desktop, and rename it to MBR.txt. Upload that as well. Do not copy and paste MBR.dat/txt, it needs to be uploaded.
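
Added example, not part of the original posts and not code from FRST or TDSSKiller: a short Python triage that pulls out the FRST log lines behind the boot-infection diagnosis above, and flags core Windows binaries reported outside their usual directories. The sample lines are copied from the FRST log in this thread; the expected-directory table and all function names are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# Lines copied from the FRST log posted earlier in this thread.
SAMPLE_LOG = r"""
2012-10-04 10:56 - 2012-10-04 10:56 - 01456405 ____A (Farbar) C:\Users\Jonathan\Downloads\FRST64.exe
ATTENTION: ========> Check for possible partition/boot infection:
C:\Windows\svchost.exe
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
TDL4: custom:26000022 <===== ATTENTION!
ATTENTION: Malware custom entry on BCD on drive d: detected. Check for MBR/Partition infection.
"""

# Assumption for this example: directories where each core binary normally
# lives on 64-bit Windows 7. Extend the table for other files of interest.
EXPECTED_DIRS = {
    "svchost.exe": {r"c:\windows\system32", r"c:\windows\syswow64"},
    "services.exe": {r"c:\windows\system32"},
    "winlogon.exe": {r"c:\windows\system32"},
    "explorer.exe": {r"c:\windows", r"c:\windows\syswow64"},
}
# Copies under the component store (winsxs) are normal and are not flagged.
WINSXS_PREFIX = "c:\\windows\\winsxs\\"

# A drive-letter path running to end of line, minus any " => verdict" suffix.
PATH_RE = re.compile(r"([A-Za-z]:\\.*?)(?:\s*=>.*)?$")


def attention_lines(log):
    """Return every log line the tool itself marked with ATTENTION."""
    return [ln.strip() for ln in log.splitlines() if "ATTENTION" in ln]


def extract_path(line):
    """Return the Windows path found in a log line, or None if there is none."""
    m = PATH_RE.search(line.strip())
    return PureWindowsPath(m.group(1)) if m else None


def misplaced_system_binaries(log):
    """List paths whose file name is a core binary but whose directory is not
    one of the expected locations for that binary."""
    flagged = []
    for line in log.splitlines():
        path = extract_path(line)
        if path is None:
            continue
        allowed = EXPECTED_DIRS.get(path.name.lower())
        if allowed is None:
            continue  # not a file name this table tracks
        parent = str(path.parent).lower()
        if parent in allowed or (parent + "\\").startswith(WINSXS_PREFIX):
            continue
        if str(path) not in flagged:
            flagged.append(str(path))
    return flagged


if __name__ == "__main__":
    print("Lines marked ATTENTION by the tool:")
    for ln in attention_lines(SAMPLE_LOG):
        print("  " + ln)
    print("Core binaries outside their expected directory:")
    for p in misplaced_system_binaries(SAMPLE_LOG):
        print("  " + p)
```

A name match in the wrong directory is only a lead for a helper to review; removal decisions still follow from the dedicated scanner logs requested above.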
     
  8. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    New logs...

    15:57:43.0115 5868 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
    15:57:45.0115 5868 ============================================================
    15:57:45.0115 5868 Current date / time: 2012/10/04 15:57:45.0115
    15:57:45.0115 5868 SystemInfo:
    15:57:45.0115 5868
    15:57:45.0115 5868 OS Version: 6.1.7601 ServicePack: 1.0
    15:57:45.0115 5868 Product type: Workstation
    15:57:45.0115 5868 ComputerName: JONATHAN-PC
    15:57:45.0115 5868 UserName: Jonathan
    15:57:45.0115 5868 Windows directory: C:\Windows
    15:57:45.0115 5868 System windows directory: C:\Windows
    15:57:45.0115 5868 Running under WOW64
    15:57:45.0115 5868 Processor architecture: Intel x64
    15:57:45.0115 5868 Number of processors: 4
    15:57:45.0115 5868 Page size: 0x1000
    15:57:45.0115 5868 Boot type: Normal boot
    15:57:45.0115 5868 ============================================================
    15:57:45.0825 5868 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    15:57:45.0835 5868 ============================================================
    15:57:45.0835 5868 \Device\Harddisk0\DR0:
    15:57:45.0835 5868 MBR partitions:
    15:57:45.0835 5868 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
    15:57:45.0835 5868 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
    15:57:45.0835 5868 ============================================================
    15:57:45.0855 5868 C: <-> \Device\Harddisk0\DR0\Partition2
    15:57:45.0855 5868 ============================================================
    15:57:45.0855 5868 Initialize success
    15:57:45.0855 5868 ============================================================
    15:59:08.0433 4148 Deinitialize success
     
  9. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Cont'd....

    15:59:37.0045 3676 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
    15:59:37.0675 3676 ============================================================
    15:59:37.0675 3676 Current date / time: 2012/10/04 15:59:37.0675
    15:59:37.0675 3676 SystemInfo:
    15:59:37.0675 3676
    15:59:37.0675 3676 OS Version: 6.1.7601 ServicePack: 1.0
    15:59:37.0675 3676 Product type: Workstation
    15:59:37.0675 3676 ComputerName: JONATHAN-PC
    15:59:37.0675 3676 UserName: Jonathan
    15:59:37.0675 3676 Windows directory: C:\Windows
    15:59:37.0675 3676 System windows directory: C:\Windows
    15:59:37.0675 3676 Running under WOW64
    15:59:37.0675 3676 Processor architecture: Intel x64
    15:59:37.0675 3676 Number of processors: 4
    15:59:37.0675 3676 Page size: 0x1000
    15:59:37.0675 3676 Boot type: Normal boot
    15:59:37.0675 3676 ============================================================
    15:59:38.0045 3676 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    15:59:38.0055 3676 ============================================================
    15:59:38.0055 3676 \Device\Harddisk0\DR0:
    15:59:38.0055 3676 MBR partitions:
    15:59:38.0055 3676 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
    15:59:38.0055 3676 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
    15:59:38.0055 3676 ============================================================
    15:59:38.0075 3676 C: <-> \Device\Harddisk0\DR0\Partition2
    15:59:38.0075 3676 ============================================================
    15:59:38.0075 3676 Initialize success
    15:59:38.0075 3676 ============================================================
    16:00:19.0352 6772 ============================================================
    16:00:19.0352 6772 Scan started
    16:00:19.0352 6772 Mode: Manual; SigCheck; TDLFS;
    16:00:19.0352 6772 ============================================================
    16:00:19.0758 6772 ================ Scan system memory ========================
    16:00:19.0758 6772 System memory - ok
    16:00:19.0758 6772 ================ Scan services =============================
    16:00:19.0898 6772 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    16:00:19.0992 6772 !SASCORE - ok
    16:00:20.0194 6772 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
    16:00:20.0272 6772 1394ohci - ok
    16:00:20.0304 6772 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
    16:00:20.0319 6772 ACPI - ok
    16:00:20.0350 6772 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
    16:00:20.0475 6772 AcpiPmi - ok
    16:00:20.0662 6772 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    16:00:20.0725 6772 AdobeARMservice - ok
    16:00:20.0881 6772 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    16:00:20.0912 6772 AdobeFlashPlayerUpdateSvc - ok
    16:00:20.0993 6772 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
    16:00:21.0013 6772 adp94xx - ok
    16:00:21.0063 6772 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
    16:00:21.0093 6772 adpahci - ok
    16:00:21.0113 6772 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
    16:00:21.0133 6772 adpu320 - ok
    16:00:21.0183 6772 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    16:00:21.0263 6772 AeLookupSvc - ok
    16:00:21.0343 6772 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
    16:00:21.0463 6772 AESTFilters - ok
    16:00:21.0533 6772 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
    16:00:21.0573 6772 AFD - ok
    16:00:21.0623 6772 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
    16:00:21.0633 6772 agp440 - ok
    16:00:21.0663 6772 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
    16:00:21.0733 6772 ALG - ok
    16:00:21.0773 6772 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
    16:00:21.0793 6772 aliide - ok
    16:00:21.0813 6772 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
    16:00:21.0823 6772 amdide - ok
    16:00:21.0873 6772 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
    16:00:21.0933 6772 AmdK8 - ok
    16:00:21.0943 6772 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
    16:00:21.0993 6772 AmdPPM - ok
    16:00:22.0033 6772 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
    16:00:22.0093 6772 amdsata - ok
    16:00:22.0113 6772 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
    16:00:22.0133 6772 amdsbs - ok
    16:00:22.0143 6772 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
    16:00:22.0153 6772 amdxata - ok
    16:00:22.0203 6772 [ 6690E42CED5D067233ABAD42DA141213 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
    16:00:22.0273 6772 ApfiltrService - ok
    16:00:22.0313 6772 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
    16:00:22.0423 6772 AppID - ok
    16:00:22.0443 6772 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    16:00:22.0523 6772 AppIDSvc - ok
    16:00:22.0553 6772 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
    16:00:22.0613 6772 Appinfo - ok
    16:00:22.0653 6772 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
    16:00:22.0673 6772 arc - ok
    16:00:22.0693 6772 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
    16:00:22.0713 6772 arcsas - ok
    16:00:22.0743 6772 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    16:00:22.0803 6772 AsyncMac - ok
    16:00:22.0843 6772 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
    16:00:22.0873 6772 atapi - ok
    16:00:22.0943 6772 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    16:00:23.0053 6772 AudioEndpointBuilder - ok
    16:00:23.0083 6772 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
    16:00:23.0133 6772 AudioSrv - ok
    16:00:23.0173 6772 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
    16:00:23.0253 6772 AxInstSV - ok
    16:00:23.0313 6772 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
    16:00:23.0363 6772 b06bdrv - ok
    16:00:23.0413 6772 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
    16:00:23.0463 6772 b57nd60a - ok
    16:00:23.0583 6772 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
    16:00:23.0702 6772 BBSvc - ok
    16:00:23.0734 6772 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
    16:00:23.0780 6772 BBUpdate - ok
    16:00:23.0812 6772 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
    16:00:23.0858 6772 BDESVC - ok
    16:00:23.0890 6772 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
    16:00:23.0968 6772 Beep - ok
    16:00:24.0046 6772 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
    16:00:24.0139 6772 BFE - ok
    16:00:24.0170 6772 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
    16:00:24.0233 6772 BITS - ok
    16:00:24.0248 6772 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    16:00:24.0280 6772 blbdrive - ok
    16:00:24.0389 6772 [ 093B1B419EF25B15D3A1CA6953F41AFB ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    16:00:24.0436 6772 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
    16:00:24.0436 6772 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
    16:00:24.0498 6772 [ 03A7341E94ACD92E0831336D4F3ACE92 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    16:00:25.0539 6772 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
    16:00:25.0539 6772 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
    16:00:25.0589 6772 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    16:00:25.0649 6772 bowser - ok
    16:00:25.0679 6772 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
    16:00:25.0719 6772 BrFiltLo - ok
    16:00:25.0729 6772 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
    16:00:25.0739 6772 BrFiltUp - ok
    16:00:25.0769 6772 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
    16:00:25.0849 6772 Browser - ok
    16:00:25.0879 6772 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    16:00:25.0959 6772 Brserid - ok
    16:00:25.0979 6772 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    16:00:26.0029 6772 BrSerWdm - ok
    16:00:26.0049 6772 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    16:00:26.0109 6772 BrUsbMdm - ok
    16:00:26.0139 6772 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    16:00:26.0209 6772 BrUsbSer - ok
    16:00:26.0289 6772 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
    16:00:26.0359 6772 BthEnum - ok
    16:00:26.0389 6772 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
    16:00:26.0439 6772 BTHMODEM - ok
    16:00:26.0459 6772 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
    16:00:26.0529 6772 BthPan - ok
    16:00:26.0589 6772 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
    16:00:26.0669 6772 BTHPORT - ok
    16:00:26.0699 6772 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
    16:00:26.0779 6772 bthserv - ok
    16:00:26.0809 6772 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
    16:00:26.0869 6772 BTHUSB - ok
    16:00:26.0899 6772 [ 16C1BAC9760C9FA85A30F3FA0FBB1B7A ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
    16:00:26.0960 6772 btmaux - ok
    16:00:27.0007 6772 [ 40C6FEC49D1CC4D112368A2BCD2BCBB7 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
    16:00:27.0054 6772 btmhsf - ok
    16:00:27.0085 6772 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    16:00:27.0148 6772 cdfs - ok
    16:00:27.0179 6772 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
    16:00:27.0257 6772 cdrom - ok
    16:00:27.0304 6772 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
    16:00:27.0413 6772 CertPropSvc - ok
    16:00:27.0460 6772 [ 274CE03459896006F7A5069266E0469E ] cfwids C:\Windows\system32\drivers\cfwids.sys
    16:00:27.0522 6772 cfwids - ok
    16:00:27.0553 6772 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
    16:00:27.0616 6772 circlass - ok
    16:00:27.0647 6772 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
    16:00:27.0694 6772 CLFS - ok
    16:00:27.0756 6772 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    16:00:27.0803 6772 clr_optimization_v2.0.50727_32 - ok
    16:00:27.0850 6772 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    16:00:27.0881 6772 clr_optimization_v2.0.50727_64 - ok
    16:00:27.0959 6772 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    16:00:28.0052 6772 clr_optimization_v4.0.30319_32 - ok
    16:00:28.0084 6772 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    16:00:28.0130 6772 clr_optimization_v4.0.30319_64 - ok
    16:00:28.0146 6772 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    16:00:28.0177 6772 CmBatt - ok
    16:00:28.0193 6772 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
    16:00:28.0208 6772 cmdide - ok
    16:00:28.0255 6772 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
    16:00:28.0286 6772 CNG - ok
    16:00:28.0333 6772 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    16:00:28.0364 6772 Compbatt - ok
    16:00:28.0411 6772 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    16:00:28.0505 6772 CompositeBus - ok
    16:00:28.0520 6772 COMSysApp - ok
    16:00:28.0536 6772 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
    16:00:28.0552 6772 crcdisk - ok
    16:00:28.0583 6772 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
    16:00:28.0676 6772 CryptSvc - ok
    16:00:28.0739 6772 [ FBE228ABEAB2BE13B9C3A3A112D4D8DC ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
    16:00:28.0817 6772 CtClsFlt - ok
    16:00:28.0879 6772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
    16:00:28.0942 6772 DcomLaunch - ok
    16:00:28.0957 6772 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
    16:00:29.0004 6772 defragsvc - ok
    16:00:29.0051 6772 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    16:00:29.0113 6772 DfsC - ok
    16:00:29.0144 6772 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
    16:00:29.0207 6772 Dhcp - ok
    16:00:29.0238 6772 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
    16:00:29.0332 6772 discache - ok
    16:00:29.0347 6772 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
    16:00:29.0378 6772 Disk - ok
    16:00:29.0410 6772 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    16:00:29.0472 6772 Dnscache - ok
    16:00:29.0503 6772 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
    16:00:29.0566 6772 dot3svc - ok
    16:00:29.0597 6772 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
    16:00:29.0659 6772 DPS - ok
    16:00:29.0690 6772 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    16:00:29.0753 6772 drmkaud - ok
    16:00:29.0800 6772 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    16:00:29.0878 6772 DXGKrnl - ok
    16:00:29.0909 6772 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
    16:00:30.0002 6772 EapHost - ok
    16:00:30.0080 6772 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
    16:00:30.0236 6772 ebdrv - ok
    16:00:30.0268 6772 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
    16:00:30.0346 6772 EFS - ok
    16:00:30.0408 6772 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    16:00:30.0517 6772 ehRecvr - ok
    16:00:30.0548 6772 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
    16:00:30.0611 6772 ehSched - ok
    16:00:30.0658 6772 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
    16:00:30.0704 6772 elxstor - ok
    16:00:30.0736 6772 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
    16:00:30.0767 6772 ErrDev - ok
    16:00:30.0829 6772 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
    16:00:30.0895 6772 EventSystem - ok
    16:00:31.0045 6772 [ 8B6C9924B0D333DBF76086B8258A0891 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    16:00:31.0075 6772 EvtEng - ok
    16:00:31.0095 6772 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
    16:00:31.0165 6772 exfat - ok
    16:00:31.0185 6772 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
    16:00:31.0215 6772 fastfat - ok
    16:00:31.0265 6772 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
    16:00:31.0355 6772 Fax - ok
    16:00:31.0385 6772 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    16:00:31.0425 6772 fdc - ok
    16:00:31.0465 6772 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
    16:00:31.0525 6772 fdPHost - ok
    16:00:31.0535 6772 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
    16:00:31.0565 6772 FDResPub - ok
    16:00:31.0575 6772 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    16:00:31.0585 6772 FileInfo - ok
    16:00:31.0605 6772 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    16:00:31.0675 6772 Filetrace - ok
    16:00:31.0695 6772 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    16:00:31.0715 6772 flpydisk - ok
    16:00:31.0745 6772 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    16:00:31.0785 6772 FltMgr - ok
    16:00:31.0835 6772 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
    16:00:31.0925 6772 FontCache - ok
    16:00:31.0995 6772 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    16:00:32.0055 6772 FontCache3.0.0.0 - ok
    16:00:32.0085 6772 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    16:00:32.0115 6772 FsDepends - ok
    16:00:32.0145 6772 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    16:00:32.0205 6772 Fs_Rec - ok
    16:00:32.0265 6772 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    16:00:32.0295 6772 fvevol - ok
    16:00:32.0315 6772 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    16:00:32.0355 6772 gagp30kx - ok
    16:00:32.0405 6772 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
    16:00:32.0505 6772 gpsvc - ok
    16:00:32.0605 6772 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    16:00:32.0635 6772 gupdate - ok
    16:00:32.0675 6772 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    16:00:32.0685 6772 gupdatem - ok
    16:00:32.0755 6772 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    16:00:32.0815 6772 gusvc - ok
    16:00:32.0845 6772 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    16:00:32.0890 6772 hcw85cir - ok
    16:00:32.0953 6772 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    16:00:33.0046 6772 HdAudAddService - ok
    16:00:33.0062 6772 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    16:00:33.0078 6772 HDAudBus - ok
    16:00:33.0093 6772 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    16:00:33.0109 6772 HidBatt - ok
    16:00:33.0124 6772 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    16:00:33.0156 6772 HidBth - ok
    16:00:33.0156 6772 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    16:00:33.0171 6772 HidIr - ok
    16:00:33.0202 6772 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
    16:00:33.0249 6772 hidserv - ok
    16:00:33.0265 6772 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
    16:00:33.0312 6772 HidUsb - ok
    16:00:33.0343 6772 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
    16:00:33.0421 6772 hkmsvc - ok
    16:00:33.0499 6772 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    16:00:33.0561 6772 HomeGroupListener - ok
    16:00:33.0592 6772 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    16:00:33.0639 6772 HomeGroupProvider - ok
    16:00:33.0670 6772 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    16:00:33.0717 6772 HpSAMD - ok
    16:00:33.0748 6772 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    16:00:33.0795 6772 HTTP - ok
    16:00:33.0842 6772 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    16:00:33.0873 6772 hwpolicy - ok
    16:00:33.0920 6772 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    16:00:33.0982 6772 i8042prt - ok
    16:00:34.0014 6772 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
    16:00:34.0029 6772 iaStor - ok
    16:00:34.0092 6772 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    16:00:34.0107 6772 IAStorDataMgrSvc - ok
    16:00:34.0154 6772 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    16:00:34.0216 6772 iaStorV - ok
    16:00:34.0232 6772 [ FC47F5CF561BF0FD897EFD1A9604DCCF ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
    16:00:34.0279 6772 iBtFltCoex - ok
    16:00:34.0326 6772 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    16:00:34.0372 6772 idsvc - ok
    16:00:34.0669 6772 [ 795C99DC4F574C97C03D0BB39CF099EE ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    16:00:35.0072 6772 igfx - ok
    16:00:35.0122 6772 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    16:00:35.0142 6772 iirsp - ok
    16:00:35.0192 6772 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
    16:00:35.0282 6772 IKEEXT - ok
    16:00:35.0352 6772 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    16:00:35.0412 6772 IntcDAud - ok
    16:00:35.0432 6772 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
    16:00:35.0442 6772 intelide - ok
    16:00:35.0462 6772 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    16:00:35.0492 6772 intelppm - ok
    16:00:35.0532 6772 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    16:00:35.0622 6772 IPBusEnum - ok
    16:00:35.0662 6772 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    16:00:35.0732 6772 IpFilterDriver - ok
    16:00:35.0762 6772 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    16:00:35.0852 6772 iphlpsvc - ok
    16:00:35.0872 6772 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    16:00:35.0912 6772 IPMIDRV - ok
    16:00:35.0942 6772 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    16:00:36.0052 6772 IPNAT - ok
    16:00:36.0112 6772 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    16:00:36.0192 6772 IRENUM - ok
    16:00:36.0202 6772 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    16:00:36.0212 6772 isapnp - ok
    16:00:36.0232 6772 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    16:00:36.0282 6772 iScsiPrt - ok
    16:00:36.0302 6772 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
    16:00:36.0332 6772 kbdclass - ok
    16:00:36.0352 6772 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
    16:00:36.0402 6772 kbdhid - ok
    16:00:36.0432 6772 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
    16:00:36.0462 6772 KeyIso - ok
    16:00:36.0472 6772 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    16:00:36.0482 6772 KSecDD - ok
    16:00:36.0492 6772 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    16:00:36.0512 6772 KSecPkg - ok
    16:00:36.0532 6772 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    16:00:36.0592 6772 ksthunk - ok
    16:00:36.0632 6772 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
    16:00:36.0712 6772 KtmRm - ok
    16:00:36.0782 6772 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
    16:00:36.0832 6772 LanmanServer - ok
    16:00:36.0872 6772 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    16:00:36.0972 6772 LanmanWorkstation - ok
    16:00:37.0012 6772 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    16:00:37.0072 6772 lltdio - ok
    16:00:37.0112 6772 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
    16:00:37.0172 6772 lltdsvc - ok
    16:00:37.0182 6772 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
    16:00:37.0212 6772 lmhosts - ok
    16:00:37.0292 6772 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    16:00:37.0322 6772 LMS - ok
    16:00:37.0362 6772 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    16:00:37.0382 6772 LSI_FC - ok
    16:00:37.0402 6772 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    16:00:37.0412 6772 LSI_SAS - ok
    16:00:37.0422 6772 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    16:00:37.0432 6772 LSI_SAS2 - ok
    16:00:37.0432 6772 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    16:00:37.0442 6772 LSI_SCSI - ok
    16:00:37.0472 6772 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
    16:00:37.0522 6772 luafv - ok
    16:00:37.0632 6772 [ F6963E48385A5637FC4E51DC0F8234A0 ] lxebCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe
    16:00:37.0662 6772 lxebCATSCustConnectService - ok
    16:00:37.0662 6772 lxeb_device - ok
    16:00:37.0752 6772 [ ACB01BF1A905356AB7F978C7FE852209 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    16:00:37.0782 6772 McAfee SiteAdvisor Service - ok
    16:00:37.0842 6772 [ B6BD99C3E23507A732C474CAA620C0D7 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
    16:00:37.0902 6772 McAWFwk - ok
    16:00:37.0932 6772 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    16:00:37.0942 6772 McMPFSvc - ok
    16:00:37.0972 6772 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    16:00:37.0992 6772 mcmscsvc - ok
    16:00:37.0992 6772 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    16:00:38.0002 6772 McNaiAnn - ok
    16:00:38.0012 6772 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    16:00:38.0022 6772 McNASvc - ok
    16:00:38.0092 6772 [ 44D0DA102FA7A1BE22FD7499E80DCF9B ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
    16:00:38.0142 6772 McODS - ok
    16:00:38.0142 6772 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    16:00:38.0152 6772 McOobeSv - ok
    16:00:38.0162 6772 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    16:00:38.0172 6772 McProxy - ok
    16:00:38.0242 6772 [ 597C77235621E7DDD32A68574FDE6464 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    16:00:38.0262 6772 McShield - ok
    16:00:38.0292 6772 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    16:00:38.0352 6772 Mcx2Svc - ok
    16:00:38.0392 6772 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    16:00:38.0402 6772 megasas - ok
    16:00:38.0422 6772 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    16:00:38.0432 6772 MegaSR - ok
    16:00:38.0472 6772 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
    16:00:38.0532 6772 MEIx64 - ok
    16:00:38.0552 6772 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
    16:00:38.0582 6772 mfeapfk - ok
     
  10. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Cont'd...


    16:01:00.0566 6772 wlcrasvc - ok
    16:01:00.0691 6772 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    16:01:00.0722 6772 wlidsvc - ok
    16:01:00.0769 6772 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    16:01:00.0800 6772 WmiAcpi - ok
    16:01:00.0831 6772 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    16:01:00.0894 6772 wmiApSrv - ok
    16:01:00.0940 6772 WMPNetworkSvc - ok
    16:01:00.0987 6772 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
    16:01:01.0034 6772 WPCSvc - ok
    16:01:01.0065 6772 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    16:01:01.0096 6772 WPDBusEnum - ok
    16:01:01.0128 6772 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    16:01:01.0206 6772 ws2ifsl - ok
    16:01:01.0237 6772 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
    16:01:01.0284 6772 wscsvc - ok
    16:01:01.0315 6772 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
    16:01:01.0362 6772 WSDPrintDevice - ok
    16:01:01.0362 6772 WSearch - ok
    16:01:01.0455 6772 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
    16:01:01.0486 6772 wuauserv - ok
    16:01:01.0518 6772 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    16:01:01.0580 6772 WudfPf - ok
    16:01:01.0596 6772 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    16:01:01.0627 6772 WUDFRd - ok
    16:01:01.0658 6772 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    16:01:01.0720 6772 wudfsvc - ok
    16:01:01.0767 6772 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
    16:01:01.0798 6772 WwanSvc - ok
    16:01:01.0814 6772 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
    16:01:01.0861 6772 yukonw7 - ok
    16:01:01.0876 6772 ================ Scan global ===============================
    16:01:01.0892 6772 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    16:01:01.0939 6772 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    16:01:01.0986 6772 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    16:01:02.0032 6772 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    16:01:02.0079 6772 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    16:01:02.0095 6772 [Global] - ok
    16:01:02.0095 6772 ================ Scan MBR ==================================
    16:01:02.0110 6772 [ C0DCF0AC171DB02DB8B0014C5D767CF1 ] \Device\Harddisk0\DR0
    16:01:02.0110 6772 Suspicious mbr (Forged): \Device\Harddisk0\DR0
    16:01:02.0173 6772 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
    16:01:02.0173 6772 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
    16:01:02.0266 6772 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
    16:01:02.0282 6772 \Device\Harddisk0\DR0 - detected TDSS File System (1)
    16:01:02.0282 6772 ================ Scan VBR ==================================
    16:01:02.0282 6772 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
    16:01:02.0282 6772 \Device\Harddisk0\DR0\Partition1 - ok
    16:01:02.0313 6772 [ 723FFEBDE086355CE5F5C8E20D4FDB4A ] \Device\Harddisk0\DR0\Partition2
    16:01:02.0329 6772 \Device\Harddisk0\DR0\Partition2 - ok
    16:01:02.0329 6772 ============================================================
    16:01:02.0329 6772 Scan finished
    16:01:02.0329 6772 ============================================================
    16:01:02.0344 4944 Detected object count: 4
    16:01:02.0344 4944 Actual detected object count: 4
    16:02:45.0260 4944 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
    16:02:45.0260 4944 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
    16:02:45.0260 4944 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
    16:02:45.0260 4944 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    16:02:46.0060 4944 \Device\Harddisk0\DR0\# - copied to quarantine
    16:02:46.0060 4944 \Device\Harddisk0\DR0 - copied to quarantine
    16:02:46.0120 4944 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
    16:02:46.0200 4944 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
    16:02:46.0290 4944 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
    16:02:46.0380 4944 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
    16:02:46.0420 4944 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
    16:02:46.0500 4944 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
    16:02:46.0580 4944 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
    16:02:46.0580 4944 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
    16:02:46.0590 4944 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
    16:02:46.0600 4944 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
    16:02:46.0670 4944 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
    16:02:46.0743 4944 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
    16:02:46.0774 4944 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
    16:02:46.0789 4944 \Device\Harddisk0\DR0 - ok
    16:02:46.0961 4944 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
    16:02:46.0961 4944 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
    16:02:46.0961 4944 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
    16:03:22.0842 1240 Deinitialize success
     
  11. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Cont'd....


    16:07:53.0406 5472 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
    16:07:54.0155 5472 ============================================================
    16:07:54.0155 5472 Current date / time: 2012/10/04 16:07:54.0155
    16:07:54.0155 5472 SystemInfo:
    16:07:54.0155 5472
    16:07:54.0155 5472 OS Version: 6.1.7601 ServicePack: 1.0
    16:07:54.0155 5472 Product type: Workstation
    16:07:54.0155 5472 ComputerName: JONATHAN-PC
    16:07:54.0155 5472 UserName: Jonathan
    16:07:54.0155 5472 Windows directory: C:\Windows
    16:07:54.0155 5472 System windows directory: C:\Windows
    16:07:54.0155 5472 Running under WOW64
    16:07:54.0155 5472 Processor architecture: Intel x64
    16:07:54.0155 5472 Number of processors: 4
    16:07:54.0155 5472 Page size: 0x1000
    16:07:54.0155 5472 Boot type: Normal boot
    16:07:54.0155 5472 ============================================================
    16:07:56.0651 5472 BG loaded
    16:07:58.0679 5472 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    16:07:58.0725 5472 ============================================================
    16:07:58.0725 5472 \Device\Harddisk0\DR0:
    16:07:58.0725 5472 MBR partitions:
    16:07:58.0725 5472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
    16:07:58.0725 5472 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
    16:07:58.0725 5472 ============================================================
    16:07:58.0897 5472 C: <-> \Device\Harddisk0\DR0\Partition2
    16:07:58.0897 5472 ============================================================
    16:07:58.0897 5472 Initialize success
    16:07:58.0897 5472 ============================================================
    16:08:22.0680 5444 Deinitialize success
     
     
  12. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Cont'd...

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-10-04 16:12:29
    -----------------------------
    16:12:29.793 OS Version: Windows x64 6.1.7601 Service Pack 1
    16:12:29.793 Number of processors: 4 586 0x2A07
    16:12:29.793 ComputerName: JONATHAN-PC UserName: Jonathan
    16:12:32.815 Initialize success
    16:17:16.341 AVAST engine defs: 12100400
    16:17:56.732 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    16:17:56.732 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
    16:17:56.752 Disk 0 MBR read successfully
    16:17:56.762 Disk 0 MBR scan
    16:17:56.772 Disk 0 Windows 7 default MBR code
    16:17:56.782 Disk 0 Partition 1 00 DE Dell Utility DELL 8.0 100 MB offset 2048
    16:17:56.822 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
    16:17:56.852 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595378 MB offset 30926848
    16:17:56.892 Disk 0 scanning C:\Windows\system32\drivers
    16:18:09.627 Service scanning
    16:18:40.283 Modules scanning
    16:18:42.164 AVAST engine scan C:\Windows
    16:18:45.919 AVAST engine scan C:\Windows\system32
    16:22:53.973 AVAST engine scan C:\Windows\system32\drivers
    16:23:08.184 AVAST engine scan C:\Users\Jonathan
    16:24:55.068 AVAST engine scan C:\ProgramData
    16:40:46.700 Scan finished successfully
    16:43:14.626 Disk 0 MBR has been saved successfully to "C:\Users\Jonathan\Documents\MBR.dat"
    16:43:14.626 The log file has been saved successfully to "C:\Users\Jonathan\Documents\aswMBR.txt"



    Not sure if I renamed mbr.txt correctly, as this is what I have to show for the log... I changed the name first, then when I opened it, this is what I got... not sure if I should have opened it first as .dat and then saved it with the name change?

     
  13. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    That's okay. Good job...

    Run TDSSKiller, like earlier, once more and post a log.
     
  14. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Logs... also, can you help uninstall the program Frostwire? I still see folders and such for that... thanks...


    12:26:16.0744 1996 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
    12:26:17.0374 1996 ============================================================
    12:26:17.0374 1996 Current date / time: 2012/10/05 12:26:17.0374
    12:26:17.0374 1996 SystemInfo:
    12:26:17.0374 1996
    12:26:17.0374 1996 OS Version: 6.1.7601 ServicePack: 1.0
    12:26:17.0374 1996 Product type: Workstation
    12:26:17.0374 1996 ComputerName: JONATHAN-PC
    12:26:17.0374 1996 UserName: Jonathan
    12:26:17.0374 1996 Windows directory: C:\Windows
    12:26:17.0374 1996 System windows directory: C:\Windows
    12:26:17.0374 1996 Running under WOW64
    12:26:17.0374 1996 Processor architecture: Intel x64
    12:26:17.0374 1996 Number of processors: 4
    12:26:17.0374 1996 Page size: 0x1000
    12:26:17.0374 1996 Boot type: Normal boot
    12:26:17.0374 1996 ============================================================
    12:26:17.0854 1996 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    12:26:17.0864 1996 ============================================================
    12:26:17.0864 1996 \Device\Harddisk0\DR0:
    12:26:17.0864 1996 MBR partitions:
    12:26:17.0864 1996 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
    12:26:17.0864 1996 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
    12:26:17.0864 1996 ============================================================
    12:26:17.0894 1996 C: <-> \Device\Harddisk0\DR0\Partition2
    12:26:17.0894 1996 ============================================================
    12:26:17.0894 1996 Initialize success
    12:26:17.0894 1996 ============================================================
    12:26:57.0750 7024 ============================================================
    12:26:57.0750 7024 Scan started
    12:26:57.0750 7024 Mode: Manual; SigCheck; TDLFS;
    12:26:57.0750 7024 ============================================================
    12:26:57.0953 7024 ================ Scan system memory ========================
    12:26:57.0953 7024 System memory - ok
    12:26:57.0953 7024 ================ Scan services =============================
    12:26:58.0077 7024 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    12:26:58.0140 7024 !SASCORE - ok
    12:26:58.0311 7024 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
    12:26:58.0452 7024 1394ohci - ok
    12:26:58.0514 7024 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
    12:26:58.0561 7024 ACPI - ok
    12:26:58.0608 7024 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
    12:26:58.0795 7024 AcpiPmi - ok
    12:26:58.0982 7024 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    12:26:58.0998 7024 AdobeARMservice - ok
    12:26:59.0185 7024 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    12:26:59.0216 7024 AdobeFlashPlayerUpdateSvc - ok
    12:26:59.0279 7024 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
    12:26:59.0341 7024 adp94xx - ok
    12:26:59.0372 7024 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
    12:26:59.0403 7024 adpahci - ok
    12:26:59.0435 7024 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
    12:26:59.0450 7024 adpu320 - ok
    12:26:59.0497 7024 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    12:26:59.0591 7024 AeLookupSvc - ok
    12:26:59.0669 7024 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
    12:26:59.0762 7024 AESTFilters - ok
    12:26:59.0856 7024 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
    12:26:59.0981 7024 AFD - ok
    12:27:00.0081 7024 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
    12:27:00.0121 7024 agp440 - ok
    12:27:00.0151 7024 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
    12:27:00.0241 7024 ALG - ok
    12:27:00.0281 7024 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
    12:27:00.0301 7024 aliide - ok
    12:27:00.0311 7024 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
    12:27:00.0321 7024 amdide - ok
    12:27:00.0371 7024 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
    12:27:00.0441 7024 AmdK8 - ok
    12:27:00.0461 7024 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
    12:27:00.0511 7024 AmdPPM - ok
    12:27:00.0551 7024 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
    12:27:00.0601 7024 amdsata - ok
    12:27:00.0631 7024 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
    12:27:00.0641 7024 amdsbs - ok
    12:27:00.0651 7024 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
    12:27:00.0661 7024 amdxata - ok
    12:27:00.0781 7024 [ 6690E42CED5D067233ABAD42DA141213 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
    12:27:00.0851 7024 ApfiltrService - ok
    12:27:00.0901 7024 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
    12:27:01.0191 7024 AppID - ok
    12:27:01.0261 7024 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    12:27:01.0391 7024 AppIDSvc - ok
    12:27:01.0431 7024 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
    12:27:01.0481 7024 Appinfo - ok
    12:27:01.0531 7024 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
    12:27:01.0561 7024 arc - ok
    12:27:01.0581 7024 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
    12:27:01.0591 7024 arcsas - ok
    12:27:01.0631 7024 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    12:27:01.0691 7024 AsyncMac - ok
    12:27:01.0741 7024 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
    12:27:01.0771 7024 atapi - ok
    12:27:01.0841 7024 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    12:27:01.0951 7024 AudioEndpointBuilder - ok
    12:27:01.0981 7024 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
    12:27:02.0011 7024 AudioSrv - ok
    12:27:02.0061 7024 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
    12:27:02.0141 7024 AxInstSV - ok
    12:27:02.0201 7024 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
    12:27:02.0301 7024 b06bdrv - ok
    12:27:02.0341 7024 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
    12:27:02.0401 7024 b57nd60a - ok
    12:27:02.0531 7024 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
    12:27:02.0551 7024 BBSvc - ok
    12:27:02.0601 7024 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
    12:27:02.0641 7024 BBUpdate - ok
    12:27:02.0701 7024 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
    12:27:02.0781 7024 BDESVC - ok
    12:27:02.0821 7024 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
    12:27:02.0891 7024 Beep - ok
    12:27:02.0961 7024 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
    12:27:03.0061 7024 BFE - ok
    12:27:03.0101 7024 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
    12:27:03.0161 7024 BITS - ok
    12:27:03.0181 7024 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    12:27:03.0191 7024 blbdrive - ok
    12:27:03.0291 7024 [ 093B1B419EF25B15D3A1CA6953F41AFB ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    12:27:03.0341 7024 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
    12:27:03.0341 7024 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
    12:27:03.0391 7024 [ 03A7341E94ACD92E0831336D4F3ACE92 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    12:27:03.0481 7024 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
    12:27:03.0481 7024 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
    12:27:03.0531 7024 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    12:27:03.0611 7024 bowser - ok
    12:27:03.0641 7024 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
    12:27:03.0721 7024 BrFiltLo - ok
    12:27:03.0721 7024 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
    12:27:03.0741 7024 BrFiltUp - ok
    12:27:03.0771 7024 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
    12:27:03.0861 7024 Browser - ok
    12:27:03.0891 7024 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    12:27:03.0971 7024 Brserid - ok
    12:27:04.0011 7024 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    12:27:04.0051 7024 BrSerWdm - ok
    12:27:04.0071 7024 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    12:27:04.0111 7024 BrUsbMdm - ok
    12:27:04.0131 7024 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    12:27:04.0161 7024 BrUsbSer - ok
    12:27:04.0221 7024 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
    12:27:04.0301 7024 BthEnum - ok
    12:27:04.0321 7024 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
    12:27:04.0371 7024 BTHMODEM - ok
    12:27:04.0391 7024 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
    12:27:04.0411 7024 BthPan - ok
    12:27:04.0471 7024 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
    12:27:04.0591 7024 BTHPORT - ok
    12:27:04.0621 7024 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
    12:27:04.0681 7024 bthserv - ok
    12:27:04.0711 7024 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
    12:27:04.0731 7024 BTHUSB - ok
    12:27:04.0771 7024 [ 16C1BAC9760C9FA85A30F3FA0FBB1B7A ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
    12:27:04.0831 7024 btmaux - ok
    12:27:04.0871 7024 [ 40C6FEC49D1CC4D112368A2BCD2BCBB7 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
    12:27:04.0941 7024 btmhsf - ok
    12:27:04.0971 7024 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    12:27:05.0031 7024 cdfs - ok
    12:27:05.0081 7024 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
    12:27:05.0151 7024 cdrom - ok
    12:27:05.0191 7024 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
    12:27:05.0271 7024 CertPropSvc - ok
    12:27:05.0331 7024 [ 7C6B5BE2696DFD2D0BF6C9EE20326EF8 ] cfwids C:\Windows\system32\drivers\cfwids.sys
    12:27:05.0361 7024 cfwids - ok
    12:27:05.0381 7024 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
    12:27:05.0401 7024 circlass - ok
    12:27:05.0441 7024 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
    12:27:05.0481 7024 CLFS - ok
    12:27:05.0551 7024 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    12:27:05.0581 7024 clr_optimization_v2.0.50727_32 - ok
    12:27:05.0631 7024 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    12:27:05.0671 7024 clr_optimization_v2.0.50727_64 - ok
    12:27:05.0771 7024 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    12:27:05.0791 7024 clr_optimization_v4.0.30319_32 - ok
    12:27:05.0851 7024 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    12:27:05.0887 7024 clr_optimization_v4.0.30319_64 - ok
    12:27:05.0903 7024 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    12:27:05.0949 7024 CmBatt - ok
    12:27:05.0965 7024 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
    12:27:06.0012 7024 cmdide - ok
    12:27:06.0043 7024 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
    12:27:06.0090 7024 CNG - ok
    12:27:06.0137 7024 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    12:27:06.0137 7024 Compbatt - ok
    12:27:06.0168 7024 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    12:27:06.0261 7024 CompositeBus - ok
    12:27:06.0277 7024 COMSysApp - ok
    12:27:06.0308 7024 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
    12:27:06.0308 7024 crcdisk - ok
    12:27:06.0339 7024 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
    12:27:06.0417 7024 CryptSvc - ok
    12:27:06.0480 7024 [ FBE228ABEAB2BE13B9C3A3A112D4D8DC ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
    12:27:06.0573 7024 CtClsFlt - ok
    12:27:06.0620 7024 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
    12:27:06.0683 7024 DcomLaunch - ok
    12:27:06.0714 7024 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
    12:27:06.0807 7024 defragsvc - ok
    12:27:06.0870 7024 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    12:27:06.0948 7024 DfsC - ok
    12:27:06.0979 7024 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
    12:27:07.0041 7024 Dhcp - ok
    12:27:07.0057 7024 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
    12:27:07.0088 7024 discache - ok
    12:27:07.0119 7024 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
    12:27:07.0151 7024 Disk - ok
    12:27:07.0182 7024 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    12:27:07.0291 7024 Dnscache - ok
    12:27:07.0322 7024 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
    12:27:07.0400 7024 dot3svc - ok
    12:27:07.0463 7024 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
    12:27:07.0525 7024 DPS - ok
    12:27:07.0581 7024 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    12:27:07.0681 7024 drmkaud - ok
    12:27:07.0731 7024 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    12:27:07.0811 7024 DXGKrnl - ok
    12:27:07.0861 7024 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
    12:27:07.0961 7024 EapHost - ok
    12:27:08.0041 7024 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
    12:27:08.0201 7024 ebdrv - ok
    12:27:08.0221 7024 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
    12:27:08.0291 7024 EFS - ok
    12:27:08.0371 7024 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    12:27:08.0521 7024 ehRecvr - ok
    12:27:08.0541 7024 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
    12:27:08.0591 7024 ehSched - ok
    12:27:08.0641 7024 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
    12:27:08.0701 7024 elxstor - ok
    12:27:08.0781 7024 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
    12:27:08.0861 7024 ErrDev - ok
    12:27:08.0911 7024 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
    12:27:08.0971 7024 EventSystem - ok
    12:27:09.0121 7024 [ 8B6C9924B0D333DBF76086B8258A0891 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    12:27:09.0141 7024 EvtEng - ok
    12:27:09.0161 7024 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
    12:27:09.0251 7024 exfat - ok
    12:27:09.0261 7024 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
    12:27:09.0291 7024 fastfat - ok
    12:27:09.0341 7024 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
    12:27:09.0411 7024 Fax - ok
    12:27:09.0441 7024 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    12:27:09.0481 7024 fdc - ok
    12:27:09.0511 7024 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
    12:27:09.0561 7024 fdPHost - ok
    12:27:09.0571 7024 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
    12:27:09.0602 7024 FDResPub - ok
    12:27:09.0602 7024 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    12:27:09.0617 7024 FileInfo - ok
    12:27:09.0633 7024 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    12:27:09.0727 7024 Filetrace - ok
    12:27:09.0758 7024 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    12:27:09.0773 7024 flpydisk - ok
    12:27:09.0805 7024 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    12:27:09.0851 7024 FltMgr - ok
    12:27:09.0898 7024 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
    12:27:09.0976 7024 FontCache - ok
    12:27:10.0039 7024 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    12:27:10.0117 7024 FontCache3.0.0.0 - ok
    12:27:10.0117 7024 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    12:27:10.0132 7024 FsDepends - ok
    12:27:10.0163 7024 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    12:27:10.0226 7024 Fs_Rec - ok
    12:27:10.0288 7024 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    12:27:10.0319 7024 fvevol - ok
    12:27:10.0335 7024 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    12:27:10.0351 7024 gagp30kx - ok
    12:27:10.0397 7024 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
    12:27:10.0444 7024 gpsvc - ok
    12:27:10.0538 7024 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    12:27:10.0569 7024 gupdate - ok
    12:27:10.0585 7024 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    12:27:10.0616 7024 gupdatem - ok
    12:27:10.0694 7024 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    12:27:10.0772 7024 gusvc - ok
    12:27:10.0834 7024 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    12:27:10.0912 7024 hcw85cir - ok
    12:27:10.0959 7024 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    12:27:11.0060 7024 HdAudAddService - ok
    12:27:11.0090 7024 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    12:27:11.0150 7024 HDAudBus - ok
    12:27:11.0170 7024 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    12:27:11.0180 7024 HidBatt - ok
    12:27:11.0200 7024 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    12:27:11.0230 7024 HidBth - ok
    12:27:11.0240 7024 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    12:27:11.0260 7024 HidIr - ok
    12:27:11.0280 7024 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
    12:27:11.0330 7024 hidserv - ok
    12:27:11.0340 7024 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
    12:27:11.0390 7024 HidUsb - ok
    12:27:11.0470 7024 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
    12:27:11.0510 7024 HipShieldK - ok
    12:27:11.0550 7024 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
    12:27:11.0630 7024 hkmsvc - ok
    12:27:11.0650 7024 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    12:27:11.0700 7024 HomeGroupListener - ok
    12:27:11.0730 7024 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    12:27:11.0770 7024 HomeGroupProvider - ok
    12:27:11.0810 7024 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    12:27:11.0880 7024 HpSAMD - ok
    12:27:11.0940 7024 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    12:27:11.0980 7024 HTTP - ok
    12:27:12.0030 7024 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    12:27:12.0060 7024 hwpolicy - ok
    12:27:12.0100 7024 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    12:27:12.0150 7024 i8042prt - ok
    12:27:12.0190 7024 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
    12:27:12.0230 7024 iaStor - ok
    12:27:12.0290 7024 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    12:27:12.0320 7024 IAStorDataMgrSvc - ok
    12:27:12.0340 7024 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    12:27:12.0400 7024 iaStorV - ok
    12:27:12.0420 7024 [ FC47F5CF561BF0FD897EFD1A9604DCCF ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
    12:27:12.0460 7024 iBtFltCoex - ok
    12:27:12.0500 7024 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    12:27:12.0540 7024 idsvc - ok
    12:27:12.0840 7024 [ 795C99DC4F574C97C03D0BB39CF099EE ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    12:27:13.0030 7024 igfx - ok
    12:27:13.0056 7024 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    12:27:13.0071 7024 iirsp - ok
    12:27:13.0149 7024 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
    12:27:13.0227 7024 IKEEXT - ok
    12:27:13.0321 7024 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    12:27:13.0446 7024 IntcDAud - ok
    12:27:13.0477 7024 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
    12:27:13.0508 7024 intelide - ok
    12:27:13.0539 7024 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    12:27:13.0586 7024 intelppm - ok
    12:27:13.0649 7024 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    12:27:13.0727 7024 IPBusEnum - ok
    12:27:13.0773 7024 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    12:27:13.0867 7024 IpFilterDriver - ok
    12:27:13.0945 7024 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    12:27:14.0023 7024 iphlpsvc - ok
    12:27:14.0039 7024 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    12:27:14.0101 7024 IPMIDRV - ok
    12:27:14.0148 7024 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    12:27:14.0195 7024 IPNAT - ok
    12:27:14.0226 7024 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    12:27:14.0257 7024 IRENUM - ok
    12:27:14.0288 7024 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    12:27:14.0304 7024 isapnp - ok
    12:27:14.0351 7024 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    12:27:14.0397 7024 iScsiPrt - ok
    12:27:14.0413 7024 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
    12:27:14.0429 7024 kbdclass - ok
    12:27:14.0459 7024 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
    12:27:14.0519 7024 kbdhid - ok
    12:27:14.0539 7024 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
    12:27:14.0549 7024 KeyIso - ok
    12:27:14.0559 7024 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    12:27:14.0579 7024 KSecDD - ok
    12:27:14.0599 7024 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    12:27:14.0609 7024 KSecPkg - ok
    12:27:14.0629 7024 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    12:27:14.0689 7024 ksthunk - ok
    12:27:14.0789 7024 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
    12:27:14.0829 7024 KtmRm - ok
    12:27:14.0909 7024 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
    12:27:14.0979 7024 LanmanServer - ok
    12:27:15.0019 7024 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    12:27:15.0089 7024 LanmanWorkstation - ok
    12:27:15.0159 7024 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    12:27:15.0279 7024 lltdio - ok
    12:27:15.0339 7024 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
    12:27:15.0419 7024 lltdsvc - ok
    12:27:15.0439 7024 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
    12:27:15.0469 7024 lmhosts - ok
    12:27:15.0549 7024 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    12:27:15.0569 7024 LMS - ok
    12:27:15.0589 7024 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    12:27:15.0599 7024 LSI_FC - ok
    12:27:15.0619 7024 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    12:27:15.0639 7024 LSI_SAS - ok
    12:27:15.0639 7024 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    12:27:15.0649 7024 LSI_SAS2 - ok
    12:27:15.0659 7024 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    12:27:15.0669 7024 LSI_SCSI - ok
    12:27:15.0689 7024 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
    12:27:15.0759 7024 luafv - ok
    12:27:15.0839 7024 [ F6963E48385A5637FC4E51DC0F8234A0 ] lxebCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe
    12:27:15.0869 7024 lxebCATSCustConnectService - ok
    12:27:15.0879 7024 lxeb_device - ok
    12:27:15.0979 7024 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    12:27:16.0019 7024 McAfee SiteAdvisor Service - ok
    12:27:16.0089 7024 [ B6BD99C3E23507A732C474CAA620C0D7 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
    12:27:16.0119 7024 McAWFwk - ok
    12:27:16.0139 7024 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    12:27:16.0149 7024 McMPFSvc - ok
    12:27:16.0179 7024 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    12:27:16.0189 7024 mcmscsvc - ok
    12:27:16.0189 7024 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    12:27:16.0209 7024 McNaiAnn - ok
    12:27:16.0229 7024 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    12:27:16.0239 7024 McNASvc - ok
    12:27:16.0359 7024 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
    12:27:16.0399 7024 McODS - ok
    12:27:16.0409 7024 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    12:27:16.0419 7024 McOobeSv - ok
    12:27:16.0439 7024 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    12:27:16.0449 7024 McProxy - ok
    12:27:16.0520 7024 [ D4F9C8CE2D7D5B9A1F739AADEBFFCA6F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    12:27:16.0567 7024 McShield - ok
    12:27:16.0582 7024 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    12:27:16.0645 7024 Mcx2Svc - ok
    12:27:16.0676 7024 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    12:27:16.0707 7024 megasas - ok
    12:27:16.0754 7024 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    12:27:16.0801 7024 MegaSR - ok
    12:27:16.0832 7024 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
    12:27:16.0910 7024 MEIx64 - ok
    12:27:16.0941 7024 [ C73B93FED17829F11273459DA05E1976 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
    12:27:16.0941 7024 mfeapfk - ok
    12:27:17.0003 7024 [ 298C065BB9E09D5F14CCD9E8244DE4A0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
    12:27:17.0081 7024 mfeavfk - ok
    12:27:17.0097 7024 mfeavfk01 - ok
    12:27:17.0144 7024 [ AB66AF840EF1667AA73DDA6CE987D0E1 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    12:27:17.0191 7024 mfefire - ok
    12:27:17.0237 7024 [ 4D604F0B85E98C5AD99B89AF72A4E28A ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
    12:27:17.0284 7024 mfefirek - ok
    12:27:17.0331 7024 [ 85AFDEAD1366BED11A84A5C6FC0A65D2 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
    12:27:17.0409 7024 mfehidk - ok
    12:27:17.0425 7024 [ 1B08579938FD72626D92F3C2219903EA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
    12:27:17.0471 7024 mferkdet - ok
    12:27:17.0503 7024 [ 984BBBB9BE02EF838DABDF3F3126A91B ] mfevtp C:\Windows\system32\mfevtps.exe
    12:27:17.0534 7024 mfevtp - ok
    12:27:17.0565 7024 [ 6251BE428073704FF1002231520C8F16 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
    12:27:17.0581 7024 mfewfpk - ok
    12:27:17.0612 7024 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
    12:27:17.0674 7024 MMCSS - ok
    12:27:17.0690 7024 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
    12:27:17.0735 7024 Modem - ok
    12:27:17.0785 7024 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    12:27:17.0825 7024 monitor - ok
    12:27:17.0855 7024 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
    12:27:17.0875 7024 mouclass - ok
    12:27:17.0895 7024 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    12:27:17.0945 7024 mouhid - ok
    12:27:17.0965 7024 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    12:27:17.0995 7024 mountmgr - ok
    12:27:18.0045 7024 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    12:27:18.0075 7024 MozillaMaintenance - ok
    12:27:18.0095 7024 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
    12:27:18.0145 7024 mpio - ok
    12:27:18.0155 7024 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    12:27:18.0195 7024 mpsdrv - ok
    12:27:18.0245 7024 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
    12:27:18.0305 7024 MpsSvc - ok
    12:27:18.0325 7024 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    12:27:18.0415 7024 MRxDAV - ok
    12:27:18.0435 7024 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    12:27:18.0515 7024 mrxsmb - ok
    12:27:18.0545 7024 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    12:27:18.0585 7024 mrxsmb10 - ok
    12:27:18.0605 7024 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
     
  15. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Cont'd.....


    12:27:18.0615 7024 mrxsmb20 - ok
    12:27:18.0645 7024 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    12:27:18.0655 7024 msahci - ok
    12:27:18.0675 7024 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    12:27:18.0735 7024 msdsm - ok
    12:27:18.0765 7024 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    12:27:18.0815 7024 MSDTC - ok
    12:27:18.0855 7024 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    12:27:18.0915 7024 Msfs - ok
    12:27:18.0925 7024 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    12:27:18.0955 7024 mshidkmdf - ok
    12:27:18.0975 7024 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    12:27:18.0985 7024 msisadrv - ok
    12:27:19.0025 7024 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    12:27:19.0095 7024 MSiSCSI - ok
    12:27:19.0105 7024 msiserver - ok
    12:27:19.0145 7024 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    12:27:19.0175 7024 MSK80Service - ok
    12:27:19.0215 7024 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    12:27:19.0275 7024 MSKSSRV - ok
    12:27:19.0305 7024 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    12:27:19.0365 7024 MSPCLOCK - ok
    12:27:19.0395 7024 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    12:27:19.0455 7024 MSPQM - ok
    12:27:19.0485 7024 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    12:27:19.0505 7024 MsRPC - ok
    12:27:19.0525 7024 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    12:27:19.0545 7024 mssmbios - ok
    12:27:19.0565 7024 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    12:27:19.0605 7024 MSTEE - ok
    12:27:19.0615 7024 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
    12:27:19.0625 7024 MTConfig - ok
    12:27:19.0655 7024 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    12:27:19.0665 7024 Mup - ok
    12:27:19.0695 7024 [ 6ED8935257672F4CD04A88A0F3DE093D ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    12:27:19.0715 7024 MyWiFiDHCPDNS - ok
    12:27:19.0767 7024 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    12:27:19.0798 7024 napagent - ok
    12:27:19.0829 7024 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    12:27:19.0860 7024 NativeWifiP - ok
    12:27:19.0907 7024 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
    12:27:19.0954 7024 NDIS - ok
    12:27:19.0969 7024 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    12:27:20.0001 7024 NdisCap - ok
    12:27:20.0016 7024 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    12:27:20.0079 7024 NdisTapi - ok
    12:27:20.0110 7024 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    12:27:20.0188 7024 Ndisuio - ok
    12:27:20.0219 7024 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    12:27:20.0313 7024 NdisWan - ok
    12:27:20.0344 7024 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    12:27:20.0406 7024 NDProxy - ok
    12:27:20.0453 7024 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    12:27:20.0515 7024 NetBIOS - ok
    12:27:20.0547 7024 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    12:27:20.0562 7024 NetBT - ok
    12:27:20.0578 7024 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
    12:27:20.0593 7024 Netlogon - ok
    12:27:20.0625 7024 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
    12:27:20.0656 7024 Netman - ok
    12:27:20.0718 7024 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
    12:27:20.0749 7024 netprofm - ok
    12:27:20.0812 7024 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    12:27:20.0843 7024 NetTcpPortSharing - ok
    12:27:21.0077 7024 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
    12:27:21.0244 7024 NETwNs64 - ok
    12:27:21.0274 7024 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
    12:27:21.0304 7024 nfrd960 - ok
    12:27:21.0344 7024 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
    12:27:21.0384 7024 NlaSvc - ok
    12:27:21.0494 7024 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    12:27:21.0544 7024 NOBU - ok
    12:27:21.0564 7024 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    12:27:21.0594 7024 Npfs - ok
    12:27:21.0624 7024 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
    12:27:21.0704 7024 nsi - ok
    12:27:21.0764 7024 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    12:27:21.0854 7024 nsiproxy - ok
    12:27:21.0914 7024 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    12:27:21.0984 7024 Ntfs - ok
    12:27:22.0014 7024 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
    12:27:22.0074 7024 Null - ok
    12:27:22.0094 7024 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
    12:27:22.0194 7024 nusb3hub - ok
    12:27:22.0234 7024 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
    12:27:22.0344 7024 nusb3xhc - ok
    12:27:22.0384 7024 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
    12:27:22.0444 7024 nvraid - ok
    12:27:22.0464 7024 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
    12:27:22.0504 7024 nvstor - ok
    12:27:22.0534 7024 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    12:27:22.0544 7024 nv_agp - ok
    12:27:22.0574 7024 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    12:27:22.0624 7024 ohci1394 - ok
    12:27:22.0654 7024 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    12:27:22.0694 7024 p2pimsvc - ok
    12:27:22.0724 7024 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
    12:27:22.0734 7024 p2psvc - ok
    12:27:22.0764 7024 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
    12:27:22.0804 7024 Parport - ok
    12:27:22.0864 7024 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
    12:27:22.0894 7024 partmgr - ok
    12:27:22.0924 7024 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
    12:27:23.0014 7024 PcaSvc - ok
    12:27:23.0034 7024 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
    12:27:23.0074 7024 pci - ok
    12:27:23.0114 7024 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
    12:27:23.0154 7024 pciide - ok
    12:27:23.0154 7024 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
    12:27:23.0164 7024 pcmcia - ok
    12:27:23.0179 7024 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
    12:27:23.0195 7024 pcw - ok
    12:27:23.0211 7024 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    12:27:23.0273 7024 PEAUTH - ok
    12:27:23.0367 7024 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
    12:27:23.0413 7024 PerfHost - ok
    12:27:23.0476 7024 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
    12:27:23.0569 7024 pla - ok
    12:27:23.0616 7024 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    12:27:23.0679 7024 PlugPlay - ok
    12:27:23.0710 7024 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    12:27:23.0741 7024 PNRPAutoReg - ok
    12:27:23.0803 7024 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    12:27:23.0850 7024 PNRPsvc - ok
    12:27:23.0881 7024 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    12:27:23.0959 7024 PolicyAgent - ok
    12:27:23.0991 7024 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
    12:27:24.0053 7024 Power - ok
    12:27:24.0084 7024 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    12:27:24.0193 7024 PptpMiniport - ok
    12:27:24.0225 7024 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
    12:27:24.0271 7024 Processor - ok
    12:27:24.0287 7024 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
    12:27:24.0343 7024 ProfSvc - ok
    12:27:24.0363 7024 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    12:27:24.0373 7024 ProtectedStorage - ok
    12:27:24.0403 7024 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    12:27:24.0463 7024 Psched - ok
    12:27:24.0533 7024 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
    12:27:24.0563 7024 PSI - ok
    12:27:24.0583 7024 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
    12:27:24.0583 7024 PxHlpa64 - ok
    12:27:24.0643 7024 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
    12:27:24.0743 7024 ql2300 - ok
    12:27:24.0763 7024 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
    12:27:24.0783 7024 ql40xx - ok
    12:27:24.0803 7024 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
    12:27:24.0893 7024 QWAVE - ok
    12:27:24.0913 7024 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    12:27:24.0963 7024 QWAVEdrv - ok
    12:27:24.0963 7024 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    12:27:24.0993 7024 RasAcd - ok
    12:27:25.0033 7024 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    12:27:25.0073 7024 RasAgileVpn - ok
    12:27:25.0083 7024 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
    12:27:25.0153 7024 RasAuto - ok
    12:27:25.0183 7024 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    12:27:25.0253 7024 Rasl2tp - ok
    12:27:25.0283 7024 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
    12:27:25.0363 7024 RasMan - ok
    12:27:25.0393 7024 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    12:27:25.0473 7024 RasPppoe - ok
    12:27:25.0513 7024 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    12:27:25.0573 7024 RasSstp - ok
    12:27:25.0593 7024 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    12:27:25.0663 7024 rdbss - ok
    12:27:25.0683 7024 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
    12:27:25.0703 7024 rdpbus - ok
    12:27:25.0743 7024 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    12:27:25.0813 7024 RDPCDD - ok
    12:27:25.0853 7024 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    12:27:25.0903 7024 RDPENCDD - ok
    12:27:25.0923 7024 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    12:27:25.0953 7024 RDPREFMP - ok
    12:27:25.0983 7024 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    12:27:26.0063 7024 RDPWD - ok
    12:27:26.0103 7024 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    12:27:26.0133 7024 rdyboost - ok
    12:27:26.0213 7024 [ 189C5A8D2098E0AA14FD157A954B34FC ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    12:27:26.0253 7024 RegSrvc - ok
    12:27:26.0283 7024 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
    12:27:26.0354 7024 RemoteAccess - ok
    12:27:26.0385 7024 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    12:27:26.0463 7024 RemoteRegistry - ok
    12:27:26.0494 7024 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
    12:27:26.0557 7024 RFCOMM - ok
    12:27:26.0619 7024 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
    12:27:26.0697 7024 RimUsb - ok
    12:27:26.0884 7024 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
    12:27:26.0947 7024 RoxMediaDB12OEM - ok
    12:27:26.0993 7024 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
    12:27:27.0025 7024 RoxWatch12 - ok
    12:27:27.0071 7024 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    12:27:27.0165 7024 RpcEptMapper - ok
    12:27:27.0212 7024 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
    12:27:27.0300 7024 RpcLocator - ok
    12:27:27.0330 7024 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
    12:27:27.0380 7024 RpcSs - ok
    12:27:27.0440 7024 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    12:27:27.0550 7024 rspndr - ok
    12:27:27.0600 7024 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
    12:27:27.0630 7024 RSUSBSTOR - ok
    12:27:27.0670 7024 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
    12:27:27.0730 7024 RTL8167 - ok
    12:27:27.0750 7024 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
    12:27:27.0760 7024 SamSs - ok
    12:27:27.0800 7024 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    12:27:27.0820 7024 SASDIFSV - ok
    12:27:27.0860 7024 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    12:27:27.0860 7024 SASKUTIL - ok
    12:27:27.0890 7024 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    12:27:27.0960 7024 sbp2port - ok
    12:27:27.0980 7024 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
    12:27:28.0020 7024 SCardSvr - ok
    12:27:28.0050 7024 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    12:27:28.0140 7024 scfilter - ok
    12:27:28.0190 7024 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
    12:27:28.0280 7024 Schedule - ok
    12:27:28.0300 7024 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
    12:27:28.0330 7024 SCPolicySvc - ok
    12:27:28.0370 7024 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    12:27:28.0440 7024 SDRSVC - ok
    12:27:28.0480 7024 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    12:27:28.0540 7024 secdrv - ok
    12:27:28.0560 7024 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
    12:27:28.0630 7024 seclogon - ok
    12:27:41.0046 7024 ================ Scan global ===============================
    12:27:41.0062 7024 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    12:27:41.0109 7024 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    12:27:41.0124 7024 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    12:27:41.0164 7024 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    12:27:41.0214 7024 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    12:27:41.0224 7024 [Global] - ok
    12:27:41.0224 7024 ================ Scan MBR ==================================
    12:27:41.0244 7024 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    12:27:41.0634 7024 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
    12:27:41.0634 7024 \Device\Harddisk0\DR0 - detected TDSS File System (1)
    12:27:41.0634 7024 ================ Scan VBR ==================================
    12:27:41.0634 7024 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
    12:27:41.0644 7024 \Device\Harddisk0\DR0\Partition1 - ok
    12:27:41.0674 7024 [ 723FFEBDE086355CE5F5C8E20D4FDB4A ] \Device\Harddisk0\DR0\Partition2
    12:27:41.0684 7024 \Device\Harddisk0\DR0\Partition2 - ok
    12:27:41.0684 7024 ============================================================
    12:27:41.0684 7024 Scan finished
    12:27:41.0684 7024 ============================================================
    12:27:41.0704 6796 Detected object count: 3
    12:27:41.0704 6796 Actual detected object count: 3
    12:28:24.0529 6796 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
    12:28:24.0529 6796 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:28:24.0529 6796 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
    12:28:24.0529 6796 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:28:24.0529 6796 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
    12:28:24.0529 6796 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
    12:29:12.0036 1600 Deinitialize success
     
  16. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Sure. Go to Start > Control Panel. Select Programs. Look for FrostWire, and hit Remove or Uninstall. That should do it. :)

    Now, for the following...

    Please download Hitman Pro


    • After the download completes please double click the program to run it.
    • Accept the terms of the license agreement and click Next
    • Let the scan run. It will not take long
    • When the scan finishes, and all the files have been uploaded to the Scan Cloud, click Next
    • Click Next again. At the bottom left you will see Export Scan Results To XML File. Click that and save it in a convenient location
    • Upload log.xml here for review please
     
  17. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Here's the log... but when the scan finished there wasn't anything about exporting; it only gave me the option to save the log, so that's what I did for you. And in Programs, when I click on FrostWire, it only says to delete once I right-click on it. There are no options to remove or uninstall, so not sure what I should do?

    Code:
    HitmanPro 3.6.1.164
    www.hitmanpro.com
    
       Computer name . . . . : JONATHAN-PC
       Windows . . . . . . . : 6.1.1.7601.X64/4
       User name . . . . . . : Jonathan-PC\Jonathan
       UAC . . . . . . . . . : Enabled
       License . . . . . . . : Free
    
       Scan date . . . . . . : 2012-10-05 13:04:04
       Scan mode . . . . . . : Normal
       Scan duration . . . . : 3m 32s
       Disk access mode  . . : Direct disk access (SRB)
       Cloud . . . . . . . . : Internet
       Reboot  . . . . . . . : No
    
       Threats . . . . . . . : 0
       Traces  . . . . . . . : 1
    
       Objects scanned . . . : 1,312,315
       Files scanned . . . . : 51,406
       Remnants scanned  . . : 317,697 files / 943,212 keys
    
    Cookies _____________________________________________________________________
    
       C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\xf9im9nl.default\cookies.sqlite:invitemedia.com
    
    
    
     
  18. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    ComboFix scan

    Please download ComboFix by sUBs
    From BleepingComputer.com

    Please save the file to your Desktop.

    Important information about ComboFix


    After the download:
    • Close any open browsers.
    • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
    • WARNING: ComboFix will disconnect your machine from the Internet as soon as it starts.
    • Please do not attempt to re-connect your machine to the Internet until ComboFix has completely finished.
    • If there is no Internet connection after running ComboFix, then restart your computer to restore your connection.
    Running ComboFix:
    • Double click on ComboFix.exe & follow the prompts.
    • When ComboFix finishes, it will produce a report for you.
    • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.
    Troubleshooting ComboFix

    Safe Mode:

    If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

    (To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

    Re-downloading:

    If this doesn't work either, try the same method (above method), but try to download it again, except rename ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

    Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

    NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
     
  19. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    log....

    ComboFix 12-10-04.02 - Jonathan 10/07/2012 18:35:07.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.4568 [GMT -5:00]
    Running from: c:\users\Jonathan\Downloads\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\Object
    c:\program files (x86)\Object\config.ini
    c:\programdata\17503463p6m6
    c:\programdata\ntuser.dat
    c:\programdata\PCDr\6032\AddOnDownloaded\06004c97-c212-44da-81de-706b46554efe.dll
    c:\programdata\SPL8915.tmp
    c:\programdata\SPLB237.tmp
    c:\users\Jonathan\AppData\Roaming\result.db
    c:\windows\svchost.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-09-07 to 2012-10-07 )))))))))))))))))))))))))))))))
    .
    .
    2012-10-07 23:43 . 2012-10-07 23:43 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-10-07 23:41 . 2012-10-07 23:41 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3575DA3F-BCAD-400C-A29A-E4AF9D4C682D}\offreg.dll
    2012-10-05 18:03 . 2012-10-05 18:04 -------- d-----w- c:\programdata\HitmanPro
    2012-10-05 08:03 . 2012-09-19 05:58 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3575DA3F-BCAD-400C-A29A-E4AF9D4C682D}\mpengine.dll
    2012-10-05 01:40 . 2012-10-05 01:43 -------- d-----w- c:\users\Jonathan\Tracing
    2012-10-04 22:30 . 2012-04-20 21:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
    2012-10-04 21:02 . 2012-10-04 21:02 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-10-04 18:19 . 2012-10-04 18:19 -------- d-----w- C:\FRST
    2012-10-04 04:22 . 2012-05-31 17:25 279656 ------w- c:\windows\system32\MpSigStub.exe
    2012-10-04 02:44 . 2012-10-04 02:44 -------- d-----w- c:\users\Jonathan\AppData\Roaming\Malwarebytes
    2012-10-04 02:43 . 2012-10-04 02:43 -------- d-----w- c:\programdata\Malwarebytes
    2012-10-04 02:43 . 2012-09-07 22:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-10-04 02:43 . 2012-10-04 02:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-10-04 02:20 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
    2012-10-04 02:20 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
    2012-10-04 01:46 . 2012-10-04 01:46 -------- d-----w- c:\users\Jonathan\AppData\Local\Secunia PSI
    2012-10-04 01:45 . 2012-10-04 01:45 -------- d-----w- c:\program files (x86)\Secunia
    2012-10-04 00:21 . 2012-10-04 00:21 -------- d-----w- c:\users\Jonathan\AppData\Roaming\SUPERAntiSpyware.com
    2012-10-04 00:20 . 2012-10-04 00:21 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-10-04 00:20 . 2012-10-04 00:20 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2012-10-04 00:13 . 2010-01-11 00:40 118784 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
    2012-10-04 00:13 . 2012-10-04 00:15 -------- d-----w- c:\program files (x86)\SpywareBlaster
    2012-10-04 00:08 . 2012-10-04 00:08 -------- d-----w- c:\users\Jonathan\AppData\Local\Macromedia
    2012-10-03 23:55 . 2012-10-03 23:55 -------- d-----w- c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
    2012-10-03 23:41 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
    2012-10-03 23:41 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
    2012-10-03 23:41 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
    2012-10-03 23:41 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
    2012-10-03 23:41 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-10-03 23:41 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
    2012-10-03 23:41 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2012-10-03 22:50 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
    2012-10-03 22:35 . 2012-10-03 22:35 -------- d-----w- c:\program files\Microsoft Silverlight
    2012-10-03 22:28 . 2012-10-03 23:29 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-10-03 22:23 . 2012-10-03 22:23 -------- d-----w- c:\program files (x86)\Common Files\Java
    2012-10-03 22:23 . 2012-10-03 22:22 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-10-03 22:22 . 2012-10-03 22:22 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2012-10-03 22:22 . 2012-10-03 22:22 -------- d-----w- c:\program files (x86)\Java
    2012-10-03 22:00 . 2012-10-03 22:00 -------- d-----w- c:\users\Jonathan\AppData\Local\Mozilla
    2012-10-03 22:00 . 2012-10-03 22:00 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
    2012-10-03 21:42 . 2012-10-03 21:42 -------- d-----w- c:\program files\CCleaner
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-10-03 23:29 . 2011-06-13 20:14 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-10-03 22:22 . 2011-07-09 18:23 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-09-18 02:29 . 2011-05-31 04:25 64462936 ----a-w- c:\windows\system32\MRT.exe
    2012-07-27 20:51 . 2012-07-27 20:51 24984 ----a-w- c:\windows\system32\AdobePDFUI.dll
    2012-07-27 20:51 . 2012-07-27 20:51 53656 ----a-w- c:\windows\system32\AdobePDF.dll
    2012-07-18 18:15 . 2012-08-24 08:15 3148800 ----a-w- c:\windows\system32\win32k.sys
    2012-07-17 19:55 . 2010-10-14 03:28 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys
    2012-07-17 19:52 . 2010-10-14 03:28 335784 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
    2012-07-17 19:52 . 2011-05-20 18:23 177144 ----a-w- c:\windows\system32\mfevtps.exe
    2012-07-17 19:51 . 2011-05-20 18:23 10288 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
    2012-07-17 19:51 . 2010-10-14 03:28 106112 ----a-w- c:\windows\system32\drivers\mferkdet.sys
    2012-07-17 19:50 . 2010-10-14 03:28 752672 ----a-w- c:\windows\system32\drivers\mfehidk.sys
    2012-07-17 19:49 . 2010-10-14 03:28 513456 ----a-w- c:\windows\system32\drivers\mfefirek.sys
    2012-07-17 19:48 . 2010-10-14 03:28 300392 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
    2012-07-17 19:48 . 2010-10-14 03:28 169320 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
    2012-07-16 12:30 . 2012-07-16 12:30 4024320 ----a-w- c:\program files (x86)\GUT67B1.tmp
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
    2012-06-11 21:22 1307728 ----a-w- c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-13 136176]
    R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-03 250288]
    R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-03 1298496]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-13 136176]
    R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
    R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-30 220528]
    R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-07-17 106112]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
    R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
    R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-30 250984]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-31 1255736]
    R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
    R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-07-17 335784]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
    S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
    S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-03 897088]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
    S2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe [2010-04-14 1052328]
    S2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe [2010-04-14 45736]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-07-17 218320]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-07-17 177144]
    S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
    S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
    S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480]
    S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
    S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
    S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
    S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-11-04 58128]
    S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-15 327168]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-07-17 69672]
    S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168]
    S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-10 60416]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
    S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-07-17 513456]
    S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 8505856]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
    S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
    S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - 86139382
    *Deregistered* - 86139382
    *Deregistered* - mfeavfk01
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-03 23:29]
    .
    2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-13 20:17]
    .
    2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-13 20:17]
    .
    .
    --------- X64 Entries -----------
    .
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{D10AB58E-75A9-4575-B9C4-BC677D6061AC}\653405962716475637: NameServer = 208.67.222.222,208.67.220.220
    FF - ProfilePath - c:\users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\xf9im9nl.default\
    FF - prefs.js: browser.startup.homepage - hxxp://g.msn.com/USCON/1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    SafeBoot-55997977.sys
    AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="FirefoxHTML"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
    "value"="?\06\01\1b\16-(R"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2012-10-07 18:55:30
    ComboFix-quarantined-files.txt 2012-10-07 23:55
    .
    Pre-Run: 570,651,881,472 bytes free
    Post-Run: 570,650,968,064 bytes free
    .
    - - End Of File - - 2C8B1C0A711E8D4FF038D295AA6215C0
     
  20. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please post new log from aswMBR.
     
  21. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Log...

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-10-04 16:12:29
    -----------------------------
    16:12:29.793 OS Version: Windows x64 6.1.7601 Service Pack 1
    16:12:29.793 Number of processors: 4 586 0x2A07
    16:12:29.793 ComputerName: JONATHAN-PC UserName: Jonathan
    16:12:32.815 Initialize success
    16:17:16.341 AVAST engine defs: 12100400
    16:17:56.732 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    16:17:56.732 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
    16:17:56.752 Disk 0 MBR read successfully
    16:17:56.762 Disk 0 MBR scan
    16:17:56.772 Disk 0 Windows 7 default MBR code
    16:17:56.782 Disk 0 Partition 1 00 DE Dell Utility DELL 8.0 100 MB offset 2048
    16:17:56.822 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
    16:17:56.852 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595378 MB offset 30926848
    16:17:56.892 Disk 0 scanning C:\Windows\system32\drivers
    16:18:09.627 Service scanning
    16:18:40.283 Modules scanning
    16:18:42.164 AVAST engine scan C:\Windows
    16:18:45.919 AVAST engine scan C:\Windows\system32
    16:22:53.973 AVAST engine scan C:\Windows\system32\drivers
    16:23:08.184 AVAST engine scan C:\Users\Jonathan
    16:24:55.068 AVAST engine scan C:\ProgramData
    16:40:46.700 Scan finished successfully
    16:43:14.626 Disk 0 MBR has been saved successfully to "C:\Users\Jonathan\Documents\MBR.dat"
    16:43:14.626 The log file has been saved successfully to "C:\Users\Jonathan\Documents\aswMBR.txt"


    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-10-08 11:40:13
    -----------------------------
    11:40:13.343 OS Version: Windows x64 6.1.7601 Service Pack 1
    11:40:13.343 Number of processors: 4 586 0x2A07
    11:40:13.359 ComputerName: JONATHAN-PC UserName: Jonathan
    11:40:17.943 Initialize success
    11:44:05.776 AVAST engine defs: 12100800
    11:45:28.602 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    11:45:28.602 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
    11:45:28.617 Disk 0 MBR read successfully
    11:45:28.617 Disk 0 MBR scan
    11:45:28.617 Disk 0 Windows 7 default MBR code
    11:45:28.633 Disk 0 Partition 1 00 DE Dell Utility DELL 8.0 100 MB offset 2048
    11:45:28.633 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
    11:45:28.648 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595378 MB offset 30926848
    11:45:28.680 Disk 0 scanning C:\Windows\system32\drivers
    11:45:51.006 Service scanning
    11:46:34.367 Modules scanning
    11:46:36.286 AVAST engine scan C:\Windows
    11:46:43.686 AVAST engine scan C:\Windows\system32
    11:51:34.386 AVAST engine scan C:\Windows\system32\drivers
    11:51:55.139 AVAST engine scan C:\Users\Jonathan
    11:53:54.829 AVAST engine scan C:\ProgramData
    12:09:16.206 Scan finished successfully
    12:11:53.556 Disk 0 MBR has been saved successfully to "C:\Users\Jonathan\Documents\MBR.dat"
    12:11:53.556 The log file has been saved successfully to "C:\Users\Jonathan\Documents\aswMBR.txt"
     
  22. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Excellent work!
    ESET Online Scan

    Please run a free online scan with the ESET Online Scanner
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
    • Click Start or wait for the scanner to load.
    • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
    • Click Scan (This scan can take several hours, so please be patient)
    • Once the scan is completed, there are a couple of things to keep in mind:
        1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
        2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
    • Open the logfile from wherever you saved it
    • Copy and paste the contents in your next reply.


    =======================================


    Any more issues?

    We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

    Many of the things to note for us would be:

    • Slow computer
    • Error messages
    • Fake antivirus alerts or the icon in the system tray
    • svchost.exe running at 100%
    • System crashes or blue screen of death
     
  23. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Running the ESET scan now...I need help in removing that frostwire program I was telling you about earlier...there is no option when I right click it, other than to delete...how can I uninstall? And how do I check if svchost.exe is running at 100% or less? Thanks again!
     
  24. mcIrishgurl

    mcIrishgurl TS Enthusiast Topic Starter Posts: 148

    Log....other questions in previous post...


    C:\TDSSKiller_Quarantine\04.10.2012_15.59.37\mbr0000\tdlfs0000\tsk0000.dta Win64/Olmarik.AE trojan cleaned by deleting - quarantined
     
  25. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    If the PC is acting very sluggish, then let me know, and we'll diagnose svchost.exe issues, if any. I doubt there are issues.

    Download Revo Uninstaller: http://www.revouninstaller.com/start_freeware_download.html

    Then, start the program after install, and tell me if you see FrostWire in the list.
     
Topic Status:
Not open for further replies.

