Solved Computer running slow / IE almost unusable


kathywms

Here are the logs:

Anti-Malware logs:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.13.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pastor Willie :: PASTORWILLIE-PC [administrator]

10/13/2012 10:07:36 AM
mbam-log-2012-10-13 (10-07-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210723
Time elapsed: 11 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\$RECYCLE.BIN\S-1-5-21-3803588889-2778353395-4223040485-1000\$RYGHC0G.exe (Trojan.Inject.AI) -> Quarantined and deleted successfully.

(end)
 
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_35
Run by Pastor Willie at 10:32:45 on 2012-10-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4056.2095 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Brother\DSmobileSCAN II\DSmobileSCAN.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Users\Pastor Willie\Desktop\1hw4rd0t.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig?refresh=1
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: SearchElf 1.1 Toolbar: {00f2c0c6-2194-484e-9064-44e57787867b} - C:\Program Files (x86)\SearchElf_1.1\tbSear.dll
uURLSearchHooks: Elf 1 Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\tbElf_.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
mURLSearchHooks: SearchElf 1.1 Toolbar: {00f2c0c6-2194-484e-9064-44e57787867b} - C:\Program Files (x86)\SearchElf_1.1\tbSear.dll
mURLSearchHooks: Elf 1 Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\tbElf_.dll
BHO: SearchElf 1.1 Toolbar: {00f2c0c6-2194-484e-9064-44e57787867b} - C:\Program Files (x86)\SearchElf_1.1\tbSear.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Elf 1 Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\tbElf_.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: FAIESSOHelper Class: {a2f122da-055f-4df7-8f24-7354dbdba85b} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
TB: SearchElf 1.1 Toolbar: {00f2c0c6-2194-484e-9064-44e57787867b} - C:\Program Files (x86)\SearchElf_1.1\tbSear.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: Elf 1 Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\tbElf_.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [FAStartup]
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\PASTOR~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\PASTOR~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DSMOBI~1.LNK - C:\Program Files (x86)\Brother\DSmobileSCAN II\DSmobileSCAN.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\EVENTR~1.LNK - C:\Program Files (x86)\PrintMaster Platinum 18\Remind.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Trusted Zone: microsoft.com\oas.support
Trusted Zone: microsoft.com\support
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.disneyphotopass.com/software/ImageUploader4.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{A837EF09-554F-4729-B091-155F02172DE6} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{A837EF09-554F-4729-B091-155F02172DE6}\0584254554851435D275946494 : DhcpNameServer = 4.2.2.2
TCP: Interfaces\{A837EF09-554F-4729-B091-155F02172DE6}\2375942554038383 : DhcpNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Notify: FastAccess - c:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
LSA: Notification Packages = scecli FAPassSync
BHO-X64: SearchElf 1.1 Toolbar: {00f2c0c6-2194-484e-9064-44e57787867b} - C:\Program Files (x86)\SearchElf_1.1\tbSear.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Elf 1 Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\tbElf_.dll
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO-X64: FAIESSO Helper Object - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
TB-X64: SearchElf 1.1 Toolbar: {00f2c0c6-2194-484e-9064-44e57787867b} - C:\Program Files (x86)\SearchElf_1.1\tbSear.dll
TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB-X64: Elf 1 Toolbar: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\tbElf_.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun-x64: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [FAStartup]
mRun-x64: [(Default)]
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
IE-X64: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Pastor Willie\AppData\Roaming\Mozilla\Firefox\Profiles\lq1xnbob.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=126E5188-B0D2-4197-AAC8-F0BB544523F0&apn_ptnrs=&apn_sauid=1C8EB0CE-7800-43E7-B1D4-59DB4673B4A4&apn_dtid=OSJ000&&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2009-6-24 2368776]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-13 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-13 676936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-9-22 200728]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-9-22 200728]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-9-22 200728]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-10-1 237920]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-10-1 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-2-21 1692480]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-6 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-9-14 250808]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-6 136176]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\system32\drivers\HipShieldK.sys --> C:\Windows\system32\drivers\HipShieldK.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-10-13 06:07:29 33944 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{D19CA586-DD6C-4a0a-96F8-14644F340D60}\components\scriptff.dll
2012-10-12 17:40:20 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a66447361cda8a021\MeshBetaRemover.exe
2012-10-12 17:40:06 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9e18d4b11cda8a01a\DSETUP.dll
2012-10-12 17:40:06 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9e18d4b11cda8a01a\DXSETUP.exe
2012-10-12 17:40:06 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9e18d4b11cda8a01a\dsetup32.dll
2012-10-12 17:40:05 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9d0977d11cda8a019\DSETUP.dll
2012-10-12 17:40:05 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9d0977d11cda8a019\DXSETUP.exe
2012-10-12 17:40:05 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9d0977d11cda8a019\dsetup32.dll
2012-10-12 17:39:28 -------- d-----w- C:\Users\Pastor Willie\AppData\Local\Windows Live
2012-10-12 17:17:28 -------- d-----w- C:\Windows\System32\SPReview
2012-10-12 17:15:25 -------- d-----w- C:\Windows\System32\EventProviders
2012-10-12 17:05:05 -------- d-sh--w- C:\$RECYCLE.BIN
2012-10-12 17:04:40 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-10-12 16:31:18 98816 ----a-w- C:\Windows\sed.exe
2012-10-12 16:31:18 518144 ----a-w- C:\Windows\SWREG.exe
2012-10-12 16:31:18 256000 ----a-w- C:\Windows\PEV.exe
2012-10-12 16:31:18 208896 ----a-w- C:\Windows\MBR.exe
2012-10-12 16:20:48 -------- d-----w- C:\ProgramData\Ask
2012-10-12 16:20:07 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-10-12 16:20:06 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-12 02:09:54 -------- d-----w- C:\Users\Pastor Willie\AppData\Local\Macromedia
2012-10-11 21:38:03 -------- d-----w- C:\Users\Pastor Willie\AppData\Roaming\SUPERAntiSpyware.com
2012-10-11 21:37:27 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-10-11 21:37:27 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-10-10 04:27:02 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-10-10 04:25:38 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-10-10 04:25:38 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-10-10 04:25:13 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-10 04:25:13 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-10 04:24:46 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-10-10 04:24:46 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-10-10 04:24:29 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-10 04:24:28 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-10 04:24:28 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-10 04:24:27 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-10 04:24:27 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-10 04:24:27 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-01 12:50:44 10288 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-10-01 12:50:42 177144 ----a-w- C:\Windows\System32\mfevtps.exe
2012-10-01 12:50:37 335784 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-10-01 12:50:36 106112 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-10-01 12:50:35 752672 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2012-10-01 12:50:35 513456 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-10-01 12:50:34 300392 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-10-01 12:50:34 169320 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2012-10-01 12:50:33 69672 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-09-22 10:25:25 196440 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2012-09-14 07:30:10 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-10-12 17:35:49 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-10-12 17:35:48 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-10-09 13:15:24 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-07 22:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 10:35:15.12 ===============
 
GMER log is empty

____

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/26/2010 7:32:54 PM
System Uptime: 10/13/2012 10:21:22 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0F642T
Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz | Microprocessor | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 218 GiB total, 108.116 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
==== System Restore Points ===================
.
RP849: 10/13/2012 12:00:01 AM - Scheduled Checkpoint
RP850: 10/13/2012 3:00:16 AM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 4.65
Adobe Acrobat 5.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2
Advanced Audio FX Engine
Amazon Add to Wish List IE Extension 1.1
Apple Application Support
Apple Software Update
ArcSoft Software Suite
Ask Toolbar
Ask Toolbar Updater
Bing Bar
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conduit Engine
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Webcam Central
DSmobileSCAN II
e-Sword
Elf 1 Toolbar
Facebook Plug-In
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
Hanes© T-ShirtMake© Lite
Java Auto Updater
Java(TM) 6 Update 35
Junk Mail filter update
Live! Cam Avatar Creator
Logos 4 Prerequisites
Logos Bible Software 4
Malwarebytes Anti-Malware version 1.65.0.1400
McAfee SecurityCenter
Microsoft .NET Framework 1.1
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Web Publishing Wizard 1.52
Mozilla Firefox (3.6.6)
MSVCRT
Norton Security Scan
PowerDVD DX
Presto! PageManager 7.16.80
PrintMaster Platinum 18
Quark Promote
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Roxio Burn
SearchElf 1.1 Toolbar
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Skype Click to Call
The Word Bible Software
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WildTangent Games
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Yahoo! BrowserPlus 2.7.1
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
10/6/2012 4:47:26 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
10/6/2012 4:40:54 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
10/6/2012 4:40:54 AM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/6/2012 4:39:26 AM, Error: Service Control Manager [7022] - The McAfee Network Agent service hung on starting.
10/6/2012 3:41:35 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user PastorWillie-PC\Pastor Willie SID (S-1-5-21-3803588889-2778353395-4223040485-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/6/2012 3:37:18 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SupportSoft Sprocket Service (DellSupportCenter) service to connect.
10/13/2012 9:51:54 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
10/13/2012 9:51:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
10/13/2012 9:51:32 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.
10/13/2012 9:51:32 AM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/13/2012 12:53:45 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the FAService service to connect.
10/13/2012 12:53:45 AM, Error: Service Control Manager [7000] - The FAService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/13/2012 12:48:03 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Audio Service service to connect.
10/13/2012 12:48:03 AM, Error: Service Control Manager [7000] - The Audio Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/13/2012 10:24:27 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
10/13/2012 10:22:39 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
10/13/2012 10:10:34 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0.
10/13/2012 10:00:25 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
10/13/2012 1:06:14 AM, Error: Service Control Manager [7023] - The McAfee VirusScan Announcer service terminated with the following error: %%-2147467260
10/12/2012 3:00:10 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
10/12/2012 2:48:52 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
10/12/2012 12:52:20 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
10/12/2012 12:24:50 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\Pastor Willie\ntuser.dat' was corrupted and it has been recovered. Some data might have been lost.
10/12/2012 12:12:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
10/12/2012 12:12:26 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/12/2012 12:11:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
10/12/2012 12:11:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
10/12/2012 12:10:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
10/12/2012 11:50:19 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/12/2012 11:49:17 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
10/12/2012 11:30:36 AM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
10/11/2012 6:11:57 PM, Error: Service Control Manager [7000] - The McAfee McShield service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/11/2012 6:11:49 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee McShield service to connect.
10/11/2012 4:58:56 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
10/11/2012 11:31:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
10/10/2012 7:41:07 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the STacSV service.
10/10/2012 7:21:09 AM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
10/10/2012 2:49:04 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
.
==== End Of File ===========================
 
Hello, and welcome to TechSpot.


Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information
  • From this point on, please do not make any more changes to your computer, such as installing/uninstalling programs, using special fix tools, deleting files, editing the registry, etc., unless advised by a malware removal helper.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic where you were helped.
  • We try our best to reply quickly, but if for any reason we do not reply in two days, please reply to this topic with the word BUMP!
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

Download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.


ComboFix scan

Please download ComboFix by sUBs from BleepingComputer.com

Please save the file to your Desktop.

Important information about ComboFix


After the download:
  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: ComboFix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.
Running ComboFix:
  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.
Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method as above, but download it again, this time renaming ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
 
Adwcleaner:
# AdwCleaner v2.004 - Logfile created 10/13/2012 at 11:23:17
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Pastor Willie - PASTORWILLIE-PC
# Boot Mode : Normal
# Running from : C:\Users\Pastor Willie\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg
File Deleted : C:\Users\Pastor Willie\AppData\Roaming\Mozilla\Firefox\Profiles\lq1xnbob.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Pastor Willie\AppData\Roaming\Mozilla\Firefox\Profiles\lq1xnbob.default\searchplugins\mywebsearch.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\Elf_1
Folder Deleted : C:\Program Files (x86)\SearchElf_1.1
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Pastor Willie\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Pastor Willie\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Pastor Willie\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Pastor Willie\AppData\LocalLow\Elf_1
Folder Deleted : C:\Users\Pastor Willie\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Pastor Willie\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Pastor Willie\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Pastor Willie\AppData\LocalLow\SearchElf_1.1
Folder Deleted : C:\Users\Pastor Willie\AppData\Roaming\Mozilla\Firefox\Profiles\lq1xnbob.default\extensions\m3ffxtbr@mywebsearch.com
Folder Deleted : C:\Users\Pastor Willie\AppData\Roaming\Mozilla\Firefox\Profiles\lq1xnbob.default\extensions\toolbar@ask.com
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Elf_1
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SearchElf_1.1
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00F2C0C6-2194-484E-9064-44E57787867B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{22E03916-85C5-44B0-8DC9-1830C11238D9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00F2C0C6-2194-484E-9064-44E57787867B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22E03916-85C5-44B0-8DC9-1830C11238D9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2769720
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2856415
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\Elf_1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2412B297-67F7-4C35-AD0A-A3002A9D4B6A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7E94B336-EF44-462E-8FD6-E69004BDD5FD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\Software\SearchElf_1.1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00F2C0C6-2194-484E-9064-44E57787867B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22E03916-85C5-44B0-8DC9-1830C11238D9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2412B297-67F7-4C35-AD0A-A3002A9D4B6A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E94B336-EF44-462E-8FD6-E69004BDD5FD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC02F063-B31C-467E-8874-DBBC6DF458B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD1F38A4-679C-4A28-BF4A-2EEED034DD32}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF169E9-BD7B-4321-9109-A22D86933023}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00F2C0C6-2194-484E-9064-44E57787867B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22E03916-85C5-44B0-8DC9-1830C11238D9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Elf_1 Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchElf_1.1 Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{00F2C0C6-2194-484E-9064-44E57787867B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{22E03916-85C5-44B0-8DC9-1830C11238D9}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00F2C0C6-2194-484E-9064-44E57787867B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{22E03916-85C5-44B0-8DC9-1830C11238D9}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{00F2C0C6-2194-484E-9064-44E57787867B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{22E03916-85C5-44B0-8DC9-1830C11238D9}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{00F2C0C6-2194-484E-9064-44E57787867B}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{22E03916-85C5-44B0-8DC9-1830C11238D9}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.6 (en-US)

Profile name : default
File : C:\Users\Pastor Willie\AppData\Roaming\Mozilla\Firefox\Profiles\lq1xnbob.default\prefs.js

Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea[...]
Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...]
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.mywebsearch.com/mywebsearch/GGm[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Pastor Willie\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [11313 octets] - [13/10/2012 11:23:17]

########## EOF - C:\AdwCleaner[S1].txt - [11374 octets] ##########
 
ComboFix 12-10-12.01 - Pastor Willie 10/13/2012 11:33:33.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4056.2042 [GMT -5:00]
Running from: c:\users\Pastor Willie\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-09-13 to 2012-10-13 )))))))))))))))))))))))))))))))
.
.
2012-10-13 16:49 . 2012-10-13 16:49  --------  d-----w-  c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-10-13 16:49 . 2012-10-13 16:49  --------  d-----w-  c:\users\Default\AppData\Local\temp
2012-10-13 16:02 . 2012-07-17 20:11  33944  ----a-w-  c:\program files (x86)\Mozilla Firefox\distribution\bundles\{D19CA586-DD6C-4a0a-96F8-14644F340D60}\components\scriptff.dll
2012-10-13 08:01 . 2012-09-28 05:18  65309168  ----a-w-  c:\windows\system32\MRT.exe
2012-10-12 17:40 . 2012-10-12 17:40  15712  ----a-w-  c:\program files (x86)\Common Files\Windows Live\.cache\a66447361cda8a021\MeshBetaRemover.exe
2012-10-12 17:40 . 2012-10-12 17:40  94040  ----a-w-  c:\program files (x86)\Common Files\Windows Live\.cache\9e18d4b11cda8a01a\DSETUP.dll
2012-10-12 17:40 . 2012-10-12 17:40  525656  ----a-w-  c:\program files (x86)\Common Files\Windows Live\.cache\9e18d4b11cda8a01a\DXSETUP.exe
2012-10-12 17:40 . 2012-10-12 17:40  1691480  ----a-w-  c:\program files (x86)\Common Files\Windows Live\.cache\9e18d4b11cda8a01a\dsetup32.dll
2012-10-12 17:40 . 2012-10-12 17:40  94040  ----a-w-  c:\program files (x86)\Common Files\Windows Live\.cache\9d0977d11cda8a019\DSETUP.dll
2012-10-12 17:40 . 2012-10-12 17:40  525656  ----a-w-  c:\program files (x86)\Common Files\Windows Live\.cache\9d0977d11cda8a019\DXSETUP.exe
2012-10-12 17:40 . 2012-10-12 17:40  1691480  ----a-w-  c:\program files (x86)\Common Files\Windows Live\.cache\9d0977d11cda8a019\dsetup32.dll
2012-10-12 17:39 . 2012-10-12 17:39  --------  d-----w-  c:\users\Pastor Willie\AppData\Local\Windows Live
2012-10-12 17:17 . 2012-10-12 17:17  --------  d-----w-  c:\windows\system32\SPReview
2012-10-12 17:15 . 2012-10-12 17:15  --------  d-----w-  c:\windows\system32\EventProviders
2012-10-12 16:21 . 2012-10-12 16:21  --------  d-----w-  c:\program files (x86)\Common Files\Java
2012-10-12 16:20 . 2012-10-12 16:19  477168  ----a-w-  c:\windows\SysWow64\npdeployJava1.dll
2012-10-12 16:20 . 2012-10-12 16:19  473072  ----a-w-  c:\windows\SysWow64\deployJava1.dll
2012-10-12 04:58 . 2012-10-12 04:58  --------  d-----w-  c:\program files (x86)\7-Zip
2012-10-12 02:09 . 2012-10-12 02:09  --------  d-----w-  c:\users\Pastor Willie\AppData\Local\Macromedia
2012-10-11 21:38 . 2012-10-11 21:38  --------  d-----w-  c:\users\Pastor Willie\AppData\Roaming\SUPERAntiSpyware.com
2012-10-11 21:37 . 2012-10-11 21:38  --------  d-----w-  c:\program files\SUPERAntiSpyware
2012-10-11 21:37 . 2012-10-11 21:37  --------  d-----w-  c:\programdata\SUPERAntiSpyware.com
2012-10-10 04:27 . 2012-08-31 18:19  1659760  ----a-w-  c:\windows\system32\drivers\ntfs.sys
2012-10-10 04:25 . 2012-08-24 18:05  220160  ----a-w-  c:\windows\system32\wintrust.dll
2012-10-10 04:25 . 2012-08-24 16:57  172544  ----a-w-  c:\windows\SysWow64\wintrust.dll
2012-10-10 04:25 . 2012-09-14 19:19  2048  ----a-w-  c:\windows\system32\tzres.dll
2012-10-10 04:25 . 2012-09-14 18:28  2048  ----a-w-  c:\windows\SysWow64\tzres.dll
2012-10-10 04:24 . 2012-08-11 00:56  715776  ----a-w-  c:\windows\system32\kerberos.dll
2012-10-10 04:24 . 2012-08-10 23:56  542208  ----a-w-  c:\windows\SysWow64\kerberos.dll
2012-10-10 04:24 . 2012-06-02 05:41  1464320  ----a-w-  c:\windows\system32\crypt32.dll
2012-10-10 04:24 . 2012-06-02 05:41  184320  ----a-w-  c:\windows\system32\cryptsvc.dll
2012-10-10 04:24 . 2012-06-02 04:36  1159680  ----a-w-  c:\windows\SysWow64\crypt32.dll
2012-10-10 04:24 . 2012-06-02 05:41  140288  ----a-w-  c:\windows\system32\cryptnet.dll
2012-10-10 04:24 . 2012-06-02 04:36  140288  ----a-w-  c:\windows\SysWow64\cryptsvc.dll
2012-10-10 04:24 . 2012-06-02 04:36  103936  ----a-w-  c:\windows\SysWow64\cryptnet.dll
2012-10-01 12:50 . 2012-07-17 19:51  10288  ----a-w-  c:\windows\system32\drivers\mfeclnk.sys
2012-10-01 12:50 . 2012-07-17 19:52  177144  ----a-w-  c:\windows\system32\mfevtps.exe
2012-10-01 12:50 . 2012-07-17 19:52  335784  ----a-w-  c:\windows\system32\drivers\mfewfpk.sys
2012-10-01 12:50 . 2012-07-17 19:51  106112  ----a-w-  c:\windows\system32\drivers\mferkdet.sys
2012-10-01 12:50 . 2012-07-17 19:50  752672  ----a-w-  c:\windows\system32\drivers\mfehidk.sys
2012-10-01 12:50 . 2012-07-17 19:49  513456  ----a-w-  c:\windows\system32\drivers\mfefirek.sys
2012-10-01 12:50 . 2012-07-17 19:48  300392  ----a-w-  c:\windows\system32\drivers\mfeavfk.sys
2012-10-01 12:50 . 2012-07-17 19:48  169320  ----a-w-  c:\windows\system32\drivers\mfeapfk.sys
2012-10-01 12:50 . 2012-07-17 19:55  69672  ----a-w-  c:\windows\system32\drivers\cfwids.sys
2012-09-22 10:25 . 2012-04-20 21:40  196440  ----a-w-  c:\windows\system32\drivers\HipShieldK.sys
2012-09-22 08:01 . 2012-08-24 10:39  10925568  ----a-w-  c:\windows\system32\ieframe.dll
2012-09-14 07:30 . 2012-10-09 13:15  696760  ----a-w-  c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-14 07:30 . 2012-09-14 07:30  --------  d-----w-  c:\windows\system32\Macromed
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-12 17:35 . 2009-07-14 02:36  152576  ----a-w-  c:\windows\SysWow64\msclmd.dll
2012-10-12 17:35 . 2009-07-14 02:36  175616  ----a-w-  c:\windows\system32\msclmd.dll
2012-10-09 13:15 . 2012-03-25 07:20  73656  ----a-w-  c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-01 12:07 . 2010-04-26 05:54  737072  ----a-w-  c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-10-01 12:06 . 2010-04-26 05:54  2876528  ----a-w-  c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-10-01 12:06 . 2010-06-03 00:05  42776  ----a-w-  c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-10-01 12:06 . 2010-04-26 05:54  539984  ----a-w-  c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-07 22:04 . 2012-02-16 06:05  25928  ----a-w-  c:\windows\system32\drivers\mbam.sys
2012-08-20 17:38 . 2012-10-10 04:26  44032  ----a-w-  c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 17:51  574464  ----a-w-  c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 17:51  490496  ----a-w-  c:\windows\SysWow64\d3d10level9.dll
2012-07-18 18:15 . 2012-08-15 19:44  3148800  ----a-w-  c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll" [2012-06-11 1524056]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-06 39408]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-05-21 4786048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"FATrayAlert"="c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2009-06-24 95496]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2011-07-30 273544]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"FAStartup"="" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-13 559616]
.
c:\users\Pastor Willie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
DSmobileSCAN II.lnk - c:\program files (x86)\Brother\DSmobileSCAN II\DSmobileSCAN.exe [2009-10-10 518144]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Event Reminder.lnk - c:\program files (x86)\PrintMaster Platinum 18\Remind.exe [2007-9-9 344064]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2009-06-24 22:31  140552  ----a-w-  c:\program files (x86)\Sensible Vision\Fast Access\FALogNot.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages  REG_MULTI_SZ  scecli FAPassSync
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 136176]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-06-19 3048136]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-04-12 52632]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 136176]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-07-17 106112]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-04-13 45432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-05 1255736]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-07-17 335784]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 FAService;FAService;c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe [2009-06-24 2368776]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-07-17 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-07-17 177144]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-07-17 69672]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-07-17 513456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 215552]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-05-20 393728]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 13:15]
.
2012-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 18:44]
.
2012-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 18:44]
.
2012-10-12 c:\windows\Tasks\Norton Security Scan for Pastor Willie.job
- c:\progra~2\NORTON~2\Engine\351~1.6\Nss.exe [2011-07-30 07:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"PrnStatusMX"="c:\program files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe" [2007-08-29 1238528]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2007-07-18 20480]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-04-13 1860496]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig?refresh=1
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: microsoft.com\oas.support
Trusted Zone: microsoft.com\support
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Pastor Willie\AppData\Roaming\Mozilla\Firefox\Profiles\lq1xnbob.default\
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-13 11:53:55
ComboFix-quarantined-files.txt 2012-10-13 16:53
.
Pre-Run: 116,065,095,680 bytes free
Post-Run: 115,774,459,904 bytes free
.
- - End Of File - - 9C79B42F377D4E1E04844ADC99F04BB6
 
Good work. Do the following steps next please:

TDSSKiller Scan

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.





--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
  • 1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
  • 2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.
 
12:18:09.0805 3836 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
12:18:10.0219 3836 ============================================================
12:18:10.0219 3836 Current date / time: 2012/10/13 12:18:10.0219
12:18:10.0219 3836 SystemInfo:
12:18:10.0219 3836
12:18:10.0219 3836 OS Version: 6.1.7601 ServicePack: 1.0
12:18:10.0219 3836 Product type: Workstation
12:18:10.0220 3836 ComputerName: PASTORWILLIE-PC
12:18:10.0220 3836 UserName: Pastor Willie
12:18:10.0220 3836 Windows directory: C:\Windows
12:18:10.0220 3836 System windows directory: C:\Windows
12:18:10.0220 3836 Running under WOW64
12:18:10.0220 3836 Processor architecture: Intel x64
12:18:10.0220 3836 Number of processors: 2
12:18:10.0220 3836 Page size: 0x1000
12:18:10.0220 3836 Boot type: Normal boot
12:18:10.0220 3836 ============================================================
12:18:10.0784 3836 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:18:10.0794 3836 ============================================================
12:18:10.0794 3836 \Device\Harddisk0\DR0:
12:18:10.0795 3836 MBR partitions:
12:18:10.0795 3836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
12:18:10.0795 3836 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
12:18:10.0795 3836 ============================================================
12:18:10.0832 3836 C: <-> \Device\Harddisk0\DR0\Partition2
12:18:10.0832 3836 ============================================================
12:18:10.0832 3836 Initialize success
12:18:10.0832 3836 ============================================================
12:18:47.0802 7040 ============================================================
12:18:47.0802 7040 Scan started
12:18:47.0802 7040 Mode: Manual; SigCheck; TDLFS;
12:18:47.0802 7040 ============================================================
12:18:48.0337 7040 ================ Scan system memory ========================
12:18:48.0337 7040 System memory - ok
12:18:48.0338 7040 ================ Scan services =============================
12:18:54.0787 7040 cfwids - ok
12:18:54.0828 7040 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:18:54.0865 7040 circlass - ok
12:18:54.0891 7040 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:18:54.0915 7040 CLFS - ok
12:18:54.0934 7040 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:18:54.0952 7040 clr_optimization_v2.0.50727_32 - ok
12:18:55.0018 7040 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:18:55.0044 7040 clr_optimization_v2.0.50727_64 - ok
12:18:55.0144 7040 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:18:55.0173 7040 clr_optimization_v4.0.30319_32 - ok
12:18:55.0216 7040 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:18:55.0244 7040 clr_optimization_v4.0.30319_64 - ok
12:18:55.0270 7040 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:18:55.0321 7040 CmBatt - ok
12:18:55.0354 7040 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:18:55.0384 7040 cmdide - ok
12:18:55.0436 7040 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:18:55.0492 7040 CNG - ok
12:18:55.0536 7040 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:18:55.0567 7040 Compbatt - ok
12:18:55.0615 7040 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:18:55.0673 7040 CompositeBus - ok
12:18:55.0695 7040 COMSysApp - ok
12:18:55.0714 7040 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:18:55.0733 7040 crcdisk - ok
12:18:55.0783 7040 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:18:55.0816 7040 CryptSvc - ok
12:18:55.0862 7040 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
12:18:55.0934 7040 CtClsFlt - ok
12:18:56.0014 7040 [ 7F61FBE259C18666D8DDF862F13A5EB0 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
12:18:56.0040 7040 dc3d - ok
12:18:56.0107 7040 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:18:56.0160 7040 DcomLaunch - ok
12:18:56.0197 7040 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:18:56.0288 7040 defragsvc - ok
12:18:56.0324 7040 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:18:56.0404 7040 DfsC - ok
12:18:56.0478 7040 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:18:56.0537 7040 Dhcp - ok
12:18:56.0569 7040 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:18:56.0626 7040 discache - ok
12:18:56.0648 7040 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:18:56.0671 7040 Disk - ok
12:18:56.0717 7040 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:18:56.0776 7040 Dnscache - ok
12:18:56.0860 7040 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
12:18:56.0884 7040 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
12:18:56.0884 7040 DockLoginService - detected UnsignedFile.Multi.Generic (1)
12:19:17.0385 7040 RemoteAccess - ok
12:19:17.0404 7040 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:19:17.0477 7040 RemoteRegistry - ok
12:19:17.0509 7040 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:19:17.0592 7040 RpcEptMapper - ok
12:19:17.0618 7040 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:19:17.0638 7040 RpcLocator - ok
12:19:17.0697 7040 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
12:19:17.0754 7040 RpcSs - ok
12:19:17.0793 7040 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:19:17.0836 7040 rspndr - ok
12:19:17.0870 7040 [ 4A25DC970C58104602ED274DACAFD784 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
12:19:17.0915 7040 RSUSBSTOR - ok
12:19:17.0935 7040 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:19:17.0953 7040 SamSs - ok
12:19:18.0039 7040 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:19:18.0063 7040 SASDIFSV - ok
12:19:18.0087 7040 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:19:18.0110 7040 SASKUTIL - ok
12:19:18.0159 7040 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:19:18.0192 7040 sbp2port - ok
12:19:18.0226 7040 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:19:18.0287 7040 SCardSvr - ok
12:19:18.0322 7040 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:19:18.0412 7040 scfilter - ok
12:19:18.0473 7040 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:19:18.0564 7040 Schedule - ok
12:19:18.0628 7040 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:19:18.0678 7040 SCPolicySvc - ok
12:19:18.0703 7040 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:19:18.0787 7040 SDRSVC - ok
12:19:18.0827 7040 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:19:18.0911 7040 secdrv - ok
12:19:18.0956 7040 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:19:19.0032 7040 seclogon - ok
12:19:19.0069 7040 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
12:19:19.0125 7040 SENS - ok
12:19:19.0145 7040 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:19:19.0225 7040 SensrSvc - ok
12:19:19.0257 7040 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:19:19.0311 7040 Serenum - ok
12:19:19.0336 7040 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:19:19.0367 7040 Serial - ok
12:19:19.0410 7040 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:19:19.0459 7040 sermouse - ok
12:19:19.0505 7040 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:19:19.0593 7040 SessionEnv - ok
12:19:19.0631 7040 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:19:19.0683 7040 sffdisk - ok
12:19:19.0717 7040 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:19:19.0767 7040 sffp_mmc - ok
12:19:19.0800 7040 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:19:19.0830 7040 sffp_sd - ok
12:19:19.0859 7040 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:19:19.0879 7040 sfloppy - ok
12:19:19.0981 7040 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
12:19:20.0027 7040 SftService - ok
12:19:20.0075 7040 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:19:20.0123 7040 SharedAccess - ok
 
12:19:20.0173 7040 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:19:20.0234 7040 ShellHWDetection - ok
12:19:20.0252 7040 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:19:20.0271 7040 SiSRaid2 - ok
12:19:20.0295 7040 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:19:20.0314 7040 SiSRaid4 - ok
12:19:20.0466 7040 [ 2A99850C2A6EDD6C6602E822C716EDAF ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:19:20.0531 7040 Skype C2C Service - ok
12:19:20.0561 7040 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:19:20.0623 7040 Smb - ok
12:19:20.0661 7040 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:19:20.0721 7040 SNMPTRAP - ok
12:19:20.0763 7040 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:19:20.0790 7040 spldr - ok
12:19:20.0840 7040 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:19:20.0878 7040 Spooler - ok
12:19:20.0996 7040 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:19:21.0161 7040 sppsvc - ok
12:19:21.0201 7040 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:19:21.0284 7040 sppuinotify - ok
12:19:21.0345 7040 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
12:19:21.0372 7040 sprtsvc_DellSupportCenter - ok
12:19:21.0428 7040 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:19:21.0504 7040 srv - ok
12:19:21.0534 7040 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:19:21.0570 7040 srv2 - ok
12:19:21.0597 7040 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:19:21.0620 7040 srvnet - ok
12:19:21.0657 7040 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:19:21.0735 7040 SSDPSRV - ok
12:19:21.0769 7040 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:19:21.0826 7040 SstpSvc - ok
12:19:21.0944 7040 [ 444109453A2B87E6C16BCDA5953E81A9 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
12:19:21.0990 7040 STacSV - ok
12:19:22.0019 7040 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:19:22.0050 7040 stexstor - ok
12:19:22.0088 7040 [ 02E784FA49032F84964DB90A3ED81890 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:19:22.0128 7040 STHDA - ok
12:19:22.0195 7040 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:19:22.0267 7040 stisvc - ok
12:19:22.0310 7040 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:19:22.0339 7040 swenum - ok
12:19:22.0372 7040 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:19:22.0483 7040 swprv - ok
12:19:22.0527 7040 [ 3178B56219E0E4FB5F95299E49B83B44 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:19:22.0558 7040 SynTP - ok
12:19:22.0639 7040 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:19:22.0780 7040 SysMain - ok
12:19:22.0827 7040 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:19:22.0864 7040 TabletInputService - ok
12:19:22.0892 7040 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:19:22.0936 7040 TapiSrv - ok
12:19:22.0969 7040 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:19:23.0049 7040 TBS - ok
12:19:23.0131 7040 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:19:23.0225 7040 Tcpip - ok
12:19:23.0306 7040 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:19:23.0359 7040 TCPIP6 - ok
12:19:23.0423 7040 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:19:23.0502 7040 tcpipreg - ok
12:19:23.0545 7040 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:19:23.0618 7040 TDPIPE - ok
12:19:23.0663 7040 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:19:23.0717 7040 TDTCP - ok
12:19:23.0767 7040 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:19:23.0827 7040 tdx - ok
12:19:23.0869 7040 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:19:23.0898 7040 TermDD - ok
12:19:23.0956 7040 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:19:24.0014 7040 TermService - ok
12:19:24.0047 7040 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:19:24.0114 7040 Themes - ok
12:19:24.0157 7040 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:19:24.0220 7040 THREADORDER - ok
12:19:24.0240 7040 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:19:24.0318 7040 TrkWks - ok
12:19:24.0394 7040 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:19:24.0483 7040 TrustedInstaller - ok
12:19:24.0516 7040 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:19:24.0590 7040 tssecsrv - ok
12:19:24.0648 7040 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:19:24.0693 7040 TsUsbFlt - ok
12:19:24.0769 7040 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:19:24.0847 7040 tunnel - ok
12:19:24.0894 7040 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:19:24.0924 7040 uagp35 - ok
12:19:24.0965 7040 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:19:25.0044 7040 udfs - ok
12:19:25.0087 7040 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:19:25.0141 7040 UI0Detect - ok
12:19:25.0184 7040 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:19:25.0215 7040 uliagpkx - ok
12:19:25.0277 7040 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:19:25.0336 7040 umbus - ok
12:19:25.0381 7040 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:19:25.0433 7040 UmPass - ok
12:19:25.0481 7040 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:19:25.0547 7040 upnphost - ok
12:19:25.0610 7040 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:19:25.0648 7040 USBAAPL64 - ok
12:19:25.0688 7040 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:19:25.0740 7040 usbccgp - ok
12:19:25.0788 7040 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:19:25.0826 7040 usbcir - ok
12:19:25.0847 7040 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:19:25.0865 7040 usbehci - ok
12:19:25.0910 7040 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:19:25.0962 7040 usbhub - ok
12:19:25.0998 7040 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:19:26.0051 7040 usbohci - ok
12:19:26.0105 7040 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:19:26.0167 7040 usbprint - ok
12:19:26.0231 7040 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:19:26.0285 7040 usbscan - ok
12:19:26.0325 7040 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
12:19:26.0388 7040 USBSTOR - ok
12:19:26.0405 7040 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:19:26.0451 7040 usbuhci - ok
12:19:26.0503 7040 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:19:26.0543 7040 usbvideo - ok
12:19:26.0570 7040 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:19:26.0655 7040 UxSms - ok
12:19:26.0685 7040 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:19:26.0712 7040 VaultSvc - ok
12:19:26.0766 7040 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:19:26.0796 7040 vdrvroot - ok
12:19:26.0851 7040 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:19:26.0950 7040 vds - ok
12:19:26.0995 7040 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:19:27.0029 7040 vga - ok
12:19:27.0054 7040 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:19:27.0135 7040 VgaSave - ok
12:19:27.0174 7040 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:19:27.0207 7040 vhdmp - ok
12:19:27.0249 7040 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:19:27.0279 7040 viaide - ok
12:19:27.0308 7040 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:19:27.0326 7040 volmgr - ok
12:19:27.0368 7040 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:19:27.0409 7040 volmgrx - ok
12:19:27.0436 7040 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:19:27.0473 7040 volsnap - ok
12:19:27.0513 7040 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:19:27.0541 7040 vsmraid - ok
12:19:27.0618 7040 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:19:27.0696 7040 VSS - ok
12:19:27.0724 7040 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:19:27.0746 7040 vwifibus - ok
12:19:27.0770 7040 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:19:27.0827 7040 vwififlt - ok
12:19:27.0870 7040 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:19:27.0926 7040 vwifimp - ok
12:19:27.0978 7040 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:19:28.0040 7040 W32Time - ok
12:19:28.0064 7040 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:19:28.0083 7040 WacomPen - ok
12:19:28.0148 7040 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:19:28.0219 7040 WANARP - ok
12:19:28.0249 7040 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:19:28.0302 7040 Wanarpv6 - ok
12:19:28.0371 7040 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:19:28.0447 7040 WatAdminSvc - ok
12:19:28.0509 7040 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:19:28.0639 7040 wbengine - ok
12:19:28.0672 7040 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:19:28.0711 7040 WbioSrvc - ok
12:19:28.0760 7040 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:19:28.0827 7040 wcncsvc - ok
12:19:28.0840 7040 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:19:28.0873 7040 WcsPlugInService - ok
12:19:28.0897 7040 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:19:28.0915 7040 Wd - ok
12:19:28.0952 7040 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:19:29.0008 7040 Wdf01000 - ok
12:19:29.0024 7040 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:19:29.0113 7040 WdiServiceHost - ok
12:19:29.0123 7040 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:19:29.0148 7040 WdiSystemHost - ok
12:19:29.0200 7040 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:19:29.0263 7040 WebClient - ok
12:19:29.0326 7040 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:19:29.0414 7040 Wecsvc - ok
12:19:29.0432 7040 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:19:29.0478 7040 wercplsupport - ok
12:19:29.0508 7040 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:19:29.0566 7040 WerSvc - ok
12:19:29.0593 7040 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:19:29.0635 7040 WfpLwf - ok
12:19:29.0678 7040 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
12:19:29.0711 7040 WimFltr - ok
12:19:29.0740 7040 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:19:29.0758 7040 WIMMount - ok
12:19:29.0775 7040 WinDefend - ok
12:19:29.0782 7040 WinHttpAutoProxySvc - ok
12:19:29.0832 7040 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:19:29.0895 7040 Winmgmt - ok
12:19:29.0980 7040 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:19:30.0124 7040 WinRM - ok
12:19:30.0219 7040 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:19:30.0288 7040 WinUsb - ok
12:19:30.0394 7040 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:19:30.0460 7040 Wlansvc - ok
12:19:30.0494 7040 [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
12:19:30.0499 7040 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
12:19:30.0499 7040 wltrysvc - detected UnsignedFile.Multi.Generic (1)
12:19:32.0128 7040 ================ Scan global ===============================
12:19:32.0147 7040 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:19:32.0194 7040 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:19:32.0211 7040 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:19:32.0249 7040 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:19:32.0285 7040 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:19:32.0292 7040 [Global] - ok
12:19:32.0292 7040 ================ Scan MBR ==================================
12:19:32.0312 7040 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
12:19:32.0711 7040 \Device\Harddisk0\DR0 - ok
12:19:32.0712 7040 ================ Scan VBR ==================================
12:19:32.0717 7040 [ ABA911CC44F1D1796625F94942EDBC80 ] \Device\Harddisk0\DR0\Partition1
12:19:32.0720 7040 \Device\Harddisk0\DR0\Partition1 - ok
12:19:32.0757 7040 [ D28258D98B58D306FEA01AB94DB7A461 ] \Device\Harddisk0\DR0\Partition2
12:19:32.0760 7040 \Device\Harddisk0\DR0\Partition2 - ok
12:19:32.0760 7040 ============================================================
12:19:32.0761 7040 Scan finished
12:19:32.0761 7040 ============================================================
12:19:32.0778 2860 Detected object count: 2
12:19:32.0778 2860 Actual detected object count: 2
12:20:17.0373 2860 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
12:20:17.0373 2860 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:20:17.0373 2860 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:20:17.0373 2860 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
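
Added example, not part of the original posts and not the scanner vendor's code: a Python sketch that reads a log in the TDSSKiller-style format above and reports only the entries that were not a plain `ok`, joining each verdict to the MD5 and path from its hash line. The sample lines are copied from this thread; the function and field names are assumptions of this example.

```python
import re

# Excerpt copied from the log in this thread (not the full scan).
SAMPLE_LOG = r"""
12:19:20.0466 7040 [ 2A99850C2A6EDD6C6602E822C716EDAF ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:19:20.0531 7040 Skype C2C Service - ok
12:19:29.0775 7040 WinDefend - ok
12:19:30.0494 7040 [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
12:19:30.0499 7040 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
12:19:30.0499 7040 wltrysvc - detected UnsignedFile.Multi.Generic (1)
12:19:32.0312 7040 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
12:19:32.0711 7040 \Device\Harddisk0\DR0 - ok
12:19:32.0778 2860 Detected object count: 2
12:20:17.0373 2860 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
12:20:17.0373 2860 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:20:17.0373 2860 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:20:17.0373 2860 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# "<time> <thread id> <message>"
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+ (?P<msg>.+)$")
# "[ <MD5> ] <object name> <path>"; name and path may both contain spaces
HASHED = re.compile(r"^\[ (?P<md5>[0-9A-Fa-f]{32}) \] (?P<rest>.+)$")
# A path starts at a drive letter ("C:\") or a device path ("\Device\...")
PATH_START = re.compile(r"(?:^| )(?=[A-Za-z]:\\|\\)")
# "<name> ( <verdict> ) - warning | skipped by user | User select action: <x>"
FLAGGED = re.compile(r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - (?P<what>.+)$")
CLEAN = re.compile(r"^(?P<name>.+?) - ok$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")


def _record(objects, hashed, name):
    """Return the record for an object, creating it from its hash line if seen."""
    if name not in objects:
        md5, path = hashed.get(name, (None, None))
        objects[name] = {"name": name, "md5": md5, "path": path,
                         "status": None, "verdict": None, "action": None}
    return objects[name]


def parse_scan_log(text):
    hashed, objects, declared = {}, {}, None
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines, forum text, anything that is not a log row
        msg = line["msg"]
        if (m := HASHED.match(msg)):
            rest = m["rest"]
            cut = PATH_START.search(rest)
            name, path = (rest[:cut.start()], rest[cut.end():]) if cut else (rest, None)
            # MBR/VBR rows have no separate name: key them by the device path
            hashed[name or path] = (m["md5"].upper(), path)
        elif (m := FLAGGED.match(msg)):
            rec = _record(objects, hashed, m["name"])
            rec["status"], rec["verdict"] = "flagged", m["verdict"]
            if m["what"].startswith("User select action: "):
                rec["action"] = m["what"].split(": ", 1)[1]
        elif (m := CLEAN.match(msg)):
            _record(objects, hashed, m["name"])["status"] = "ok"
        elif (m := COUNT.match(msg)):
            declared = int(m["n"])
    findings = [r for r in objects.values() if r["verdict"]]
    return {
        "objects": objects,
        "findings": findings,
        # Passed without a hash line in the parsed text, so there is no MD5 to compare
        "unhashed_ok": [r["name"] for r in objects.values()
                        if r["status"] == "ok" and r["md5"] is None],
        "declared_count": declared,
        # False means the excerpt is missing detections the scanner counted
        "count_matches": declared == len(findings),
    }


if __name__ == "__main__":
    result = parse_scan_log(SAMPLE_LOG)
    for f in result["findings"]:
        print(f["name"], f["verdict"], f["action"], f["md5"], f["path"], sep=" | ")
    print("ok without hash line:", result["unhashed_ok"])
    print("count matches:", result["count_matches"])
```

A finding whose `md5` is `None`, such as `DockLoginService` in this excerpt, means its hash line lies outside the text that was parsed, so the file behind it still has to be located before its signature or hash can be checked.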
 
Hi there. It all appears to be good, so we will finish up to make sure your computer is protected from malware in the future.

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."

To manually create a new Restore Point
  • Go to Control Panel and select System and Maintenance
  • Select System
  • On the left select Advanced System Settings and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name, i.e. Clean
  • Select Create
Now we can purge the infected ones
  • Go back to the System and Maintenance page
  • Select Performance Information and Tools
  • On the left select Open Disk Cleanup
  • Select Files from all users and accept the warning if you get one
  • In the drop-down box select your main drive, i.e. C
  • For a few moments the system will make some calculations:
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete
Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the programs we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

Download CCleaner Slim and save it to your Desktop - Alternate download link

When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
Follow the prompts to install the program.

* Double-click the CCleaner shortcut on the desktop to start the program.
* Click on the Options block on the left, then choose Cookies.
* Under Cookies to Delete, highlight any cookies you would like to retain permanently
* Click the right arrow > to move them to the Cookies to Keep window.
* Go into Options > Advanced & uncheck Only delete files in Windows Temp folders older than 48 hours
* Click Cleaner on the left then Run Cleaner on the right to run the program.
* Important: Make sure that ALL browser windows are closed before selecting Run Cleaner

Caution: Only use the Registry feature if you are very familiar with the registry.
Always back up your registry before making any changes. Exit CCleaner after it has completed its process.

Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
 
Thank you so much for all your help. The system, especially IE, is much more responsive now. I have performed the above steps successfully.
 
Okay good. Now, please post the log from the last step, Security Check. Then, I can get you rolling out of here fully secure. :)
 
Here it is... Sorry had a bunch of errands today!

Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.0.1400
Java(TM) 6 Update 35
Java version out of Date!
Adobe Flash Player 11.4.402.287
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (3.6.6) Firefox out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 
That's fine! :D Below are tips to help you update the programs that are out-of-date in the logs.

Adobe Reader Update!

Please download the newest version of Adobe Acrobat Reader from Adobe.com

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previously installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.


Firefox update
Firefox is out of date. Firefox is a very popular web browser, and if it is out of date, it is very vulnerable to security bugs, and other holes. To update it now, click Help > About Firefox > Check for Updates.


Java Update!

Please download the newest version of Java from Java.com.

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previously installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

Read more about Java exploit problems


Personal Tips on Preventing Malware

See this page for more info about malware and prevention.


Any other questions before I mark this topic solved?
 