Solved: Malware Infection 5-15-12 HELP!


TonyDublino (thread starter, member with 9 posts, joined May 2012, experience: Intermediate)
15-May-2012, 07:19 PM #1
I am experiencing several unusual symptoms of malware:
1. Search engine redirects.
2. Can't turn on the McAfee Firewall in security center (I try, and it turns on for a second, and then off).
3. It appears that the firewall is on when I look in McAfee Security Scan Plus.

I am trying to follow the instructions as best I can, but can't figure out how to upload the attach file from DDS, and believe I am not supposed to post it.

Thanks

Tony

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:15:21 PM, on 5/15/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
C:\Users\Dublino\AppData\Roaming\Spotify\spotify.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Fitbit\fitbit-tray.exe
C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe
C:\Users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\FATrayMon.exe
C:\Users\Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\FATrayAlert.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\jre\bin\javaw.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Program Files (x86)\Microsoft Office10\Office14\OUTLOOK.EXE
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Dublino\Downloads\HiJack This\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIDFEA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120430084145.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIDFEA~1\Office14\URLREDIR.DLL
O2 - BHO: SSOIEAddonBHO - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\FAIESSO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Dell V310-V510 Series] "C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office10\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files (x86)\FATrayMon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
O4 - HKLM\..\Run: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
O4 - HKLM\..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [STToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Spotify] "C:\Users\Dublino\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Fitbit Service Monitor] C:\Program Files (x86)\Fitbit\fitbit-tray.exe
O4 - HKCU\..\Run: [Amazon Cloud Drive] C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Dropbox.lnk = Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIDFEA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIDFEA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/res.../wlscctrl2.cab
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://support.dell.com/systemprofiler/SysProExe.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...nt/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: dleaCATSCustConnectService - Unknown owner - C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe
O23 - Service: dlea_device - - C:\Windows\system32\dleacoms.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FAService - Sensible Vision - C:\Program Files (x86)\FAService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Fitbit Data Uploader (Fitbit) - Fitbit, Inc. - C:\Program Files (x86)\Fitbit\fitbit.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_af c3018f8cfedd20\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 20617 bytes

Last edited by TonyDublino; 16-May-2012 at 08:52 AM.

TonyDublino (thread starter)
16-May-2012, 08:17 AM #2
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Dublino at 8:12:34 on 2012-05-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.1780 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_af c3018f8cfedd20\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\spool\DRIVERS\x64\3\dleaserv.exe
C:\Windows\system32\dleacoms.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Fitbit\fitbit.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Users\Dublino\AppData\Roaming\Spotify\spotify.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Fitbit\fitbit-tray.exe
C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe
C:\Users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\FATrayMon.exe
C:\Users\Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\FATrayAlert.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\jre\bin\javaw.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Microsoft Office10\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Dublino\AppData\Local\AOL\AIM\aim.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe,
BHO: Dell Toolbar: {09b71986-2ac5-482d-b6cb-42ea34f4f85b} - C:\Program Files\Dell Printable Web\toolband.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIDFEA~1\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120430084145.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIDFEA~1\Office14\URLREDIR.DLL
BHO: Face recognition web login for FastAccess: {da5bce70-d057-4d63-943d-5f3927ec59f1} - C:\Program Files (x86)\FAIESSO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Dell Toolbar: {09b71986-2ac5-482d-b6cb-42ea34f4f85b} - C:\Program Files\Dell Printable Web\toolband.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Spotify] "C:\Users\Dublino\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [Fitbit Service Monitor] C:\Program Files (x86)\Fitbit\fitbit-tray.exe
uRun: [Amazon Cloud Drive] C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe
uRun: [Spotify Web Helper] "C:\Users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [FAStartup]
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [Dell V310-V510 Series] "C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe" /s
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office10\Office14\BCSSync.exe" /DelayServices
mRun: [FATrayAlert] C:\Program Files (x86)\FATrayMon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
mRun: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [STToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
StartupFolder: C:\Users\Dublino\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\Dublino\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIDFEA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIDFEA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86} : DhcpNameServer = 10.0.0.1
TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\052796D656023496761627 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\1466963696F6E61646F637 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\265616E6374716C6B60236F6666656560286F6573756 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\445726C696E6F6 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\B416262616C61686 : DhcpNameServer = 192.168.5.13 10.101.17.21 10.101.17.12
TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\E4544574541425D25374 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{79D6EAF5-68E3-49EF-B9F2-39AEEBB70190} : DhcpNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIDFEA~1\Office14\GROOVEEX.DLL
LSA: Notification Packages = scecli FAPassSync
BHO-X64: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIDFEA~1\Office14\GROOVEEX.DLL
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120430084145.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIDFEA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Face recognition web login for FastAccess: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\FAIESSO.dll
BHO-X64: SSOIEAddonBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
TB-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [FAStartup]
mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [Dell V310-V510 Series] "C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe" /s
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office10\Office14\BCSSync.exe" /DelayServices
mRun-x64: [FATrayAlert] C:\Program Files (x86)\FATrayMon.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
mRun-x64: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
mRun-x64: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [STToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIDFEA~1\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 dlea_device;dlea_device;C:\Windows\system32\dleacoms.exe -service --> C:\Windows\system32\dleacoms.exe -service [?]
R2 dleaCATSCustConnectService;dleaCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\dleaserv.exe [2010-7-17 33448]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 FAService;FAService;C:\Program Files (x86)\FAService.exe [2011-4-23 2412728]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys --> C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-11 257696]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-4-10 25072]
S3 SIUSBXP;SIUSBXP;C:\Windows\system32\drivers\SiUSBXp.sys --> C:\Windows\system32\drivers\SiUSBXp.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
.
=============== Created Last 30 ================
.
2012-05-12 05:34:57 -------- d-----w- C:\Users\Dublino\AppData\Roaming\McAfee
2012-05-11 19:01:37 -------- d-----w- C:\Users\Dublino\AppData\Roaming\Malwarebytes
2012-05-11 19:01:16 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-11 19:01:12 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-11 19:01:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-11 15:26:33 476960 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-05-11 15:18:57 -------- d-----w- C:\Users\Dublino\AppData\Local\{7A9CFD24-D145-44D6-B0C0-CFA2E2684D9D}
2012-05-11 15:18:32 -------- d-----w- C:\Users\Dublino\AppData\Local\{98FF54FB-665C-46BF-A30E-AFADBEA26340}
2012-05-10 22:38:20 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-10 22:38:19 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-10 22:38:14 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-10 22:38:11 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-10 22:38:10 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-10 22:38:09 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-10 22:37:58 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-10 22:37:09 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-10 22:37:02 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-10 22:37:02 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 22:37:00 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 22:36:59 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-10 22:36:59 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-09 12:40:17 -------- d-----w- C:\Users\Dublino\AppData\Local\WinZip
2012-05-02 22:17:56 -------- d-----w- C:\Users\Dublino\AppData\Local\PSFactoryBuffer
2012-05-02 19:15:19 -------- d-----w- C:\Users\Dublino\AppData\Roaming\WinZip
2012-05-02 04:23:38 -------- d-----w- C:\ProgramData\Fitbit
2012-05-02 04:23:10 31976 ----a-w- C:\Windows\System32\drivers\SiLib.sys
2012-05-02 04:23:10 26856 ----a-w- C:\Windows\System32\drivers\SiUSBXp.sys
2012-05-02 04:23:09 -------- d-----w- C:\Program Files (x86)\Fitbit
2012-05-01 14:23:18 -------- d-----w- C:\Users\Dublino\AppData\Local\{EDF2F7FF-1C07-40DD-B636-F26B8720C0E8}
2012-05-01 14:22:44 -------- d-----w- C:\Users\Dublino\AppData\Local\{2AD49F7E-1A1D-48A4-B5CC-8892CF6705E2}
2012-05-01 13:48:05 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A83039D6-E3D3-463C-AC3D-DB3D35E407FF}\mpengine.dll
2012-04-27 13:26:27 -------- d-----w- C:\Users\Dublino\AppData\Roaming\Helios
2012-04-27 13:26:18 -------- d-----w- C:\Program Files (x86)\TextPad 5
2012-04-26 18:21:57 14456 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\mjcriu.dll
2012-04-26 18:21:56 16448 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\kfgresk.dll
2012-04-26 17:56:17 1758720 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\engine_vx.dll
2012-04-26 17:56:17 17472 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\rsaadjd.dll
2012-04-26 17:56:17 17472 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\1eaadjc.dll
2012-04-26 17:56:17 12352 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\peaadje.dll
2012-04-26 17:56:16 29784 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\qwadjb.dll
2012-04-26 17:56:16 18724 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\bass.dll
2012-04-26 17:56:16 105016 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\~DFK2e463352.tmp
2012-04-26 17:43:50 257784 ---ha-w- C:\Windows\SysWow64\BytescoutScreenCapturingFilter.dll
2012-04-26 17:43:50 175864 ---ha-w- C:\Windows\SysWow64\BytescoutVideoMixerFilter.dll
2012-04-26 17:43:47 421624 ---ha-w- C:\Windows\SysWow64\BytescoutScreenCapturing.dll
2012-04-26 17:43:47 29288 ----a-w- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys
2012-04-26 17:43:47 231672 ----a-w- C:\Windows\System32\BytescoutVideoMixerFilter.dll
2012-04-26 17:43:46 65536 ---ha-w- C:\Windows\SysWow64\WebCamLib.dll
2012-04-26 17:43:46 574200 ----a-w- C:\Windows\System32\BytescoutScreenCapturing.dll
2012-04-26 17:43:46 362232 ----a-w- C:\Windows\System32\BytescoutScreenCapturingFilter.dll
2012-04-26 17:43:46 -------- d-----w- C:\Users\Dublino\AppData\Roaming\Apowersoft
2012-04-26 17:43:16 -------- d-----w- C:\Program Files (x86)\Apowersoft
2012-04-25 17:59:06 -------- d-----w- C:\Windows\SysWow64\Dell
2012-04-25 15:50:25 -------- d-----w- C:\ProgramData\Dell V310-V510 Series
2012-04-20 03:03:16 -------- d-----w- C:\Windows\en
2012-04-20 02:58:19 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2012-04-20 02:54:11 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dcbc613d1cd1ea002\MeshBetaRemover.exe
2012-04-20 02:54:09 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DSETUP.dll
2012-04-20 02:54:09 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DXSETUP.exe
2012-04-20 02:54:09 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\dsetup32.dll
2012-04-20 02:50:41 -------- d-----w- C:\Users\Dublino\AppData\Local\{38DF3340-6F0D-489B-9B55-119FFDC54F1B}
2012-04-20 02:50:17 -------- d-----w- C:\Users\Dublino\AppData\Local\{23660397-3555-4375-AC2A-8CB15EE9C4ED}
2012-04-20 01:51:47 -------- d-----w- C:\Users\Dublino\Pond5_T570643
2012-04-20 01:45:00 -------- d-----w- C:\Users\Dublino\AppData\Local\{E21FCDAE-F314-40FF-82E5-B74547161BF0}
2012-04-20 01:44:48 -------- d-----w- C:\Users\Dublino\AppData\Local\{4DE9CE29-1C2B-49F9-B987-10A040CFA352}
2012-04-19 20:48:15 -------- d-----w- C:\Users\Dublino\AppData\Local\{4CF393FF-63AD-4B9F-BDC1-B51D69874C67}
2012-04-19 20:48:02 -------- d-----w- C:\Users\Dublino\AppData\Local\{5B5057FF-B498-417D-8109-D76C1D152B68}
2012-04-19 14:33:16 -------- d-----w- C:\Users\Dublino\AppData\Local\{794F1E82-DB68-4D2E-89FE-73360CA67797}
2012-04-19 14:32:42 -------- d-----w- C:\Users\Dublino\AppData\Local\{EE4731EC-4A14-40DF-AE4D-7DB0DAFE7B8D}
2012-04-19 14:32:16 -------- d-----w- C:\Users\Dublino\AppData\Local\{1DF9EA22-D942-4FA2-802C-A205836A9C7B}
2012-04-17 18:47:36 -------- d-----w- C:\Users\Dublino\AppData\Local\{662047E7-3290-4B60-AA93-821491AD6767}
2012-04-17 18:46:56 -------- d-----w- C:\Users\Dublino\AppData\Local\{256C0ACE-32D7-4E0C-BC90-AD772E7E53BC}
.
==================== Find3M ====================
.
2012-05-11 15:26:10 472864 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-05 01:32:14 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 01:32:14 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-05 01:32:05 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-03-20 17:11:30 162192 ----a-w- C:\Windows\System32\mfevtps.exe
2012-03-08 22:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2012-03-08 22:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-23 14:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-22 17:29:46 75936 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2012-02-22 17:29:46 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-02-22 17:29:46 647208 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2012-02-22 17:29:46 487296 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-02-22 17:29:46 289664 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-02-22 17:29:46 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-02-22 17:29:46 160792 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2012-02-22 17:29:46 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-02-22 17:29:46 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2011-04-24 02:20:20 213176 ----a-w- C:\Program Files (x86)\FACons.exe
2011-04-24 02:16:58 582328 ----a-w- C:\Program Files (x86)\FAIESSO.dll
2011-04-24 02:16:56 291000 ----a-w- C:\Program Files (x86)\FAEnrollWiz.exe
2011-04-24 02:16:54 516280 ----a-w- C:\Program Files (x86)\rFAConsU.exe
2011-04-24 02:16:54 516280 ----a-w- C:\Program Files (x86)\rFACons.exe
2011-04-24 02:16:46 57528 ----a-w- C:\Program Files (x86)\FAStartup.exe
2011-04-24 02:16:42 75960 ----a-w- C:\Program Files (x86)\devcon_x64.exe
2011-04-23 23:58:24 32768 ----a-w- C:\Program Files (x86)\FAsvif.dll
2011-04-20 18:54:26 40960 ----a-w- C:\Program Files (x86)\FATrackBarLib.dll
2011-03-14 19:09:02 2044088 ----a-w- C:\Program Files (x86)\FAus.exe
2010-07-09 19:30:44 128328 ----a-w- C:\Program Files (x86)\FAUpdateClient.exe
2010-06-16 14:35:52 25600 ----a-w- C:\Program Files (x86)\FA_Helper.UAC.dll
2009-12-22 16:18:22 2023424 ----a-w- C:\Program Files (x86)\QtCore4.dll
2009-12-08 21:35:40 25928 ----a-w- C:\Program Files (x86)\FAAuG.exe
2009-09-29 07:47:54 7507968 ----a-w- C:\Program Files (x86)\QtGui4.dll
2009-08-16 20:13:36 523 ----a-w- C:\Program Files (x86)\PresetPSPowerPlan_Vista.bat
2009-02-13 23:46:48 895 ----a-w- C:\Program Files (x86)\UpdatePSPowerPlan_Vista.bat
2008-12-11 17:59:16 41 ----a-w- C:\Program Files (x86)\FAstopstart.bat
2006-07-11 22:02:30 1053184 ----a-w- C:\Program Files (x86)\MFC71u.dll
2003-03-19 01:20:00 1060864 ----a-w- C:\Program Files (x86)\MFC71.dll
2003-03-19 01:05:50 89088 ----a-w- C:\Program Files (x86)\atl71.dll
.
============= FINISH: 8:15:53.62 ===============
TonyDublino
THREAD STARTER
16-May-2012, 08:35 AM #3
I am getting redirected in my browser searches, and can't seem to turn on my McAfee firewall.
I can't determine how to upload my attach file from DDS.
Should I just paste it, as it's not that long?

Last edited by TonyDublino; 16-May-2012 at 08:49 AM..
TonyDublino
THREAD STARTER
16-May-2012, 08:53 AM #4
Attach DDS Log
I finally figured out how to upload the DDS Attach log... here you go!
kevinf80 (Kevin)
kevinf80 is authorized to help remove malware.
Malware Removal Specialist with 9,550 posts.
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
16-May-2012, 02:16 PM #5
Hi Tony,

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click it to run the application.
  • The "Ready to scan" window will open. Click on "Change parameters".
  • Place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system. (Leave "Service & Drivers" and "Boot Sectors" ticked.) Click OK.
  • Select "Start Scan".
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Kevin
TonyDublino
THREAD STARTER
16-May-2012, 07:55 PM #6
19:38:34.0548 1752 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
19:38:34.0928 1752 ============================================================
19:38:34.0928 1752 Current date / time: 2012/05/16 19:38:34.0928
19:38:34.0928 1752 SystemInfo:
19:38:34.0928 1752
19:38:34.0928 1752 OS Version: 6.1.7601 ServicePack: 1.0
19:38:34.0928 1752 Product type: Workstation
19:38:34.0929 1752 ComputerName: DUBLINO-LAPTOP
19:38:34.0929 1752 UserName: Dublino
19:38:34.0929 1752 Windows directory: C:\Windows
19:38:34.0929 1752 System windows directory: C:\Windows
19:38:34.0929 1752 Running under WOW64
19:38:34.0929 1752 Processor architecture: Intel x64
19:38:34.0929 1752 Number of processors: 2
19:38:34.0929 1752 Page size: 0x1000
19:38:34.0929 1752 Boot type: Normal boot
19:38:34.0929 1752 ============================================================
19:38:37.0926 1752 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:38:37.0937 1752 ============================================================
19:38:37.0938 1752 \Device\Harddisk0\DR0:
19:38:37.0938 1752 MBR partitions:
19:38:37.0938 1752 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
19:38:37.0938 1752 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
19:38:37.0938 1752 ============================================================
19:38:37.0984 1752 C: <-> \Device\Harddisk0\DR0\Partition1
19:38:37.0984 1752 ============================================================
19:38:37.0984 1752 Initialize success
19:38:37.0984 1752 ============================================================
19:38:41.0401 3700 ============================================================
19:38:41.0401 3700 Scan started
19:38:41.0401 3700 Mode: Manual;
19:38:41.0402 3700 ============================================================
19:38:51.0559 3700 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:38:51.0584 3700 1394ohci - ok
19:38:52.0734 3700 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:38:52.0774 3700 ACPI - ok
19:38:52.0877 3700 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:38:52.0879 3700 AcpiPmi - ok
19:38:53.0404 3700 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:38:53.0490 3700 AdobeARMservice - ok
19:38:55.0826 3700 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:38:55.0875 3700 AdobeFlashPlayerUpdateSvc - ok
19:38:57.0368 3700 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
19:38:57.0399 3700 adp94xx - ok
19:38:58.0148 3700 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
19:38:58.0206 3700 adpahci - ok
19:38:58.0730 3700 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
19:38:58.0767 3700 adpu320 - ok
19:38:58.0923 3700 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:38:59.0041 3700 AeLookupSvc - ok
19:39:00.0704 3700 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:39:00.0742 3700 AFD - ok
19:39:00.0953 3700 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:39:00.0999 3700 agp440 - ok
19:39:01.0186 3700 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:39:01.0262 3700 ALG - ok
19:39:01.0695 3700 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:39:01.0697 3700 aliide - ok
19:39:02.0221 3700 AMD External Events Utility (dceee24e57e8176115207312f827c130) C:\Windows\system32\atiesrxx.exe
19:39:02.0249 3700 AMD External Events Utility - ok
19:39:02.0387 3700 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:39:02.0390 3700 amdide - ok
19:39:02.0781 3700 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
19:39:02.0784 3700 AmdK8 - ok
19:39:21.0085 3700 amdkmdag (f6640d83af0fd74c50e23e68548ea9a0) C:\Windows\system32\DRIVERS\atikmdag.sys
19:39:21.0316 3700 amdkmdag - ok
19:39:24.0102 3700 amdkmdap (20b63276a1920b41e1c56720b395049b) C:\Windows\system32\DRIVERS\atikmpag.sys
19:39:24.0129 3700 amdkmdap - ok
19:39:24.0238 3700 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:39:24.0247 3700 AmdPPM - ok
19:39:24.0540 3700 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:39:24.0581 3700 amdsata - ok
19:39:25.0347 3700 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
19:39:25.0412 3700 amdsbs - ok
19:39:25.0512 3700 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:39:25.0561 3700 amdxata - ok
19:39:25.0721 3700 Apowersoft_AudioDevice (ad12f5c7251bb8d575d560894e73cbba) C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
19:39:25.0751 3700 Apowersoft_AudioDevice - ok
19:39:25.0931 3700 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:39:25.0960 3700 AppID - ok
19:39:26.0033 3700 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:39:26.0044 3700 AppIDSvc - ok
19:39:26.0199 3700 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:39:26.0323 3700 Appinfo - ok
19:39:26.0871 3700 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:39:26.0983 3700 Apple Mobile Device - ok
19:39:27.0812 3700 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
19:39:27.0834 3700 arc - ok
19:39:28.0031 3700 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
19:39:28.0064 3700 arcsas - ok
19:39:28.0150 3700 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:39:28.0183 3700 AsyncMac - ok
19:39:28.0260 3700 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:39:28.0262 3700 atapi - ok
19:39:28.0523 3700 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys
19:39:28.0552 3700 AtiHdmiService - ok
19:39:45.0319 3700 atikmdag (f6640d83af0fd74c50e23e68548ea9a0) C:\Windows\system32\DRIVERS\atikmdag.sys
19:39:45.0358 3700 atikmdag - ok
19:39:48.0539 3700 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:39:48.0701 3700 AudioEndpointBuilder - ok
19:39:48.0719 3700 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:39:48.0731 3700 AudioSrv - ok
19:39:48.0971 3700 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:39:49.0102 3700 AxInstSV - ok
19:39:50.0419 3700 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
19:39:50.0449 3700 b06bdrv - ok
19:39:50.0932 3700 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:39:50.0963 3700 b57nd60a - ok
19:39:51.0089 3700 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
19:39:51.0092 3700 BCM42RLY - ok
19:39:57.0631 3700 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
19:39:57.0724 3700 BCM43XX - ok
19:40:00.0653 3700 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:40:00.0694 3700 BDESVC - ok
19:40:00.0919 3700 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:40:00.0924 3700 Beep - ok
19:40:02.0298 3700 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:40:02.0421 3700 BITS - ok
19:40:02.0476 3700 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:40:02.0480 3700 blbdrive - ok
19:40:02.0787 3700 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:40:02.0914 3700 Bonjour Service - ok
19:40:03.0064 3700 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:40:03.0117 3700 bowser - ok
19:40:03.0193 3700 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:40:03.0214 3700 BrFiltLo - ok
19:40:03.0293 3700 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:40:03.0294 3700 BrFiltUp - ok
19:40:03.0538 3700 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:40:03.0590 3700 Browser - ok
19:40:03.0994 3700 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:40:04.0007 3700 Brserid - ok
19:40:04.0022 3700 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:40:04.0025 3700 BrSerWdm - ok
19:40:04.0342 3700 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:40:04.0344 3700 BrUsbMdm - ok
19:40:04.0353 3700 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:40:04.0354 3700 BrUsbSer - ok
19:40:04.0440 3700 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:40:04.0442 3700 BthEnum - ok
19:40:04.0472 3700 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:40:04.0475 3700 BTHMODEM - ok
19:40:04.0506 3700 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:40:04.0510 3700 BthPan - ok
19:40:04.0718 3700 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
19:40:04.0750 3700 BTHPORT - ok
19:40:04.0907 3700 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:40:04.0937 3700 bthserv - ok
19:40:05.0130 3700 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
19:40:05.0191 3700 BTHUSB - ok
19:40:05.0469 3700 btusbflt (2641a3fe3d7b0646308f33b67f3b5300) C:\Windows\system32\drivers\btusbflt.sys
19:40:05.0489 3700 btusbflt - ok
19:40:05.0681 3700 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
19:40:05.0686 3700 btwaudio - ok
19:40:05.0725 3700 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\drivers\btwavdt.sys
19:40:05.0746 3700 btwavdt - ok
19:40:06.0917 3700 btwdins (d65aa164acd0f6706dbcfbbcc9731584) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:40:06.0993 3700 btwdins - ok
19:40:07.0026 3700 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
19:40:07.0043 3700 btwl2cap - ok
19:40:07.0084 3700 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
19:40:07.0088 3700 btwrchid - ok
19:40:07.0160 3700 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:40:07.0163 3700 cdfs - ok
19:40:07.0460 3700 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
19:40:07.0475 3700 cdrom - ok
19:40:07.0598 3700 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:40:07.0600 3700 CertPropSvc - ok
19:40:07.0694 3700 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
19:40:07.0696 3700 cfwids - ok
19:40:07.0719 3700 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:40:07.0722 3700 circlass - ok
19:40:07.0790 3700 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:40:07.0812 3700 CLFS - ok
19:40:07.0966 3700 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:40:07.0970 3700 clr_optimization_v2.0.50727_32 - ok
19:40:08.0081 3700 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:40:08.0114 3700 clr_optimization_v2.0.50727_64 - ok
19:40:08.0640 3700 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:40:09.0051 3700 clr_optimization_v4.0.30319_32 - ok
19:40:09.0358 3700 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:40:09.0375 3700 clr_optimization_v4.0.30319_64 - ok
19:40:09.0423 3700 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:40:09.0436 3700 CmBatt - ok
19:40:09.0476 3700 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:40:09.0479 3700 cmdide - ok
19:40:09.0534 3700 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:40:09.0554 3700 CNG - ok
19:40:09.0584 3700 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:40:09.0588 3700 Compbatt - ok
19:40:09.0638 3700 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:40:09.0643 3700 CompositeBus - ok
19:40:09.0663 3700 COMSysApp - ok
19:40:09.0767 3700 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:40:09.0791 3700 crcdisk - ok
19:40:09.0862 3700 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
19:40:09.0934 3700 CryptSvc - ok
19:40:10.0310 3700 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
19:40:10.0315 3700 CtClsFlt - ok
19:40:10.0855 3700 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
19:40:11.0191 3700 dc3d - ok
19:40:11.0769 3700 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:40:11.0795 3700 DcomLaunch - ok
19:40:11.0836 3700 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:40:11.0859 3700 defragsvc - ok
19:40:11.0927 3700 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:40:11.0932 3700 DfsC - ok
19:40:12.0046 3700 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:40:12.0138 3700 Dhcp - ok
19:40:12.0157 3700 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:40:12.0160 3700 discache - ok
19:40:12.0190 3700 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:40:12.0193 3700 Disk - ok
19:40:12.0350 3700 dleaCATSCustConnectService (e0d525515537e60aba8f3e29209f02e8) C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe
19:40:12.0505 3700 dleaCATSCustConnectService - ok
19:40:12.0569 3700 dlea_device - ok
19:40:12.0782 3700 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:40:12.0845 3700 Dnscache - ok
19:40:13.0704 3700 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
19:40:13.0835 3700 DockLoginService - ok
19:40:14.0306 3700 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:40:14.0416 3700 dot3svc - ok
19:40:14.0811 3700 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:40:14.0858 3700 DPS - ok
19:40:14.0904 3700 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:40:14.0908 3700 drmkaud - ok
19:40:15.0524 3700 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:40:15.0564 3700 DXGKrnl - ok
19:40:16.0262 3700 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:40:16.0296 3700 EapHost - ok
19:40:21.0289 3700 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:40:21.0397 3700 ebdrv - ok
19:40:22.0032 3700 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:40:22.0077 3700 EFS - ok
19:40:23.0427 3700 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:40:23.0471 3700 ehRecvr - ok
19:40:23.0514 3700 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:40:23.0528 3700 ehSched - ok
19:40:24.0245 3700 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:40:24.0267 3700 elxstor - ok
19:40:24.0299 3700 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:40:24.0302 3700 ErrDev - ok
19:40:25.0152 3700 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:40:25.0174 3700 EventSystem - ok
19:40:25.0247 3700 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:40:25.0295 3700 exfat - ok
19:40:25.0352 3700 FACAP (2c1d443e14f376e8331f52f135dca9ef) C:\Windows\system32\DRIVERS\facap.sys
19:40:25.0366 3700 FACAP - ok
19:40:28.0098 3700 FAService (2b85d60e470acf871e4ef0db02e26861) C:\Program Files (x86)\FAService.exe
19:40:28.0173 3700 FAService - ok
19:40:29.0812 3700 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:40:29.0833 3700 fastfat - ok
19:40:30.0886 3700 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:40:30.0928 3700 Fax - ok
19:40:30.0957 3700 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:40:30.0961 3700 fdc - ok
19:40:30.0994 3700 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:40:31.0005 3700 fdPHost - ok
19:40:31.0018 3700 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:40:31.0028 3700 FDResPub - ok
19:40:31.0061 3700 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:40:31.0065 3700 FileInfo - ok
19:40:31.0081 3700 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:40:31.0085 3700 Filetrace - ok
19:40:32.0239 3700 Fitbit (d4c0e5c287aad7ff3176731a310ab2af) C:\Program Files (x86)\Fitbit\fitbit.exe
19:40:32.0390 3700 Fitbit - ok
19:40:32.0408 3700 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:40:32.0418 3700 flpydisk - ok
19:40:32.0925 3700 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:40:32.0950 3700 FltMgr - ok
19:40:34.0811 3700 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:40:34.0990 3700 FontCache - ok
19:40:35.0331 3700 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:40:35.0364 3700 FontCache3.0.0.0 - ok
19:40:35.0428 3700 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:40:35.0432 3700 FsDepends - ok
19:40:35.0495 3700 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
19:40:35.0499 3700 fssfltr - ok
19:40:37.0559 3700 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:40:37.0623 3700 fsssvc - ok
19:40:39.0658 3700 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:40:39.0661 3700 Fs_Rec - ok
19:40:40.0056 3700 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:40:40.0079 3700 fvevol - ok
19:40:40.0148 3700 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:40:40.0152 3700 gagp30kx - ok
19:40:40.0193 3700 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:40:40.0198 3700 GEARAspiWDM - ok
19:40:41.0434 3700 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:40:41.0576 3700 gpsvc - ok
19:40:41.0682 3700 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:40:41.0712 3700 hcw85cir - ok
19:40:41.0775 3700 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:40:41.0791 3700 HDAudBus - ok
19:40:41.0816 3700 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:40:41.0820 3700 HidBatt - ok
19:40:41.0848 3700 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:40:41.0857 3700 HidBth - ok
19:40:41.0879 3700 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:40:41.0884 3700 HidIr - ok
19:40:41.0915 3700 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:40:41.0920 3700 hidserv - ok
19:40:41.0984 3700 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:40:41.0987 3700 HidUsb - ok
19:40:42.0027 3700 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:40:42.0052 3700 hkmsvc - ok
19:40:42.0440 3700 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:40:42.0583 3700 HomeGroupListener - ok
19:40:42.0661 3700 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:40:42.0772 3700 HomeGroupProvider - ok
19:40:43.0277 3700 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:40:43.0316 3700 HpSAMD - ok
19:40:43.0504 3700 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:40:43.0556 3700 HTTP - ok
19:40:43.0603 3700 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:40:43.0606 3700 hwpolicy - ok
19:40:43.0869 3700 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:40:43.0878 3700 i8042prt - ok
19:40:43.0970 3700 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:40:43.0991 3700 iaStorV - ok
19:40:44.0875 3700 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:40:44.0956 3700 idsvc - ok
19:40:46.0342 3700 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:40:46.0382 3700 iirsp - ok
19:40:46.0736 3700 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:40:46.0885 3700 IKEEXT - ok
19:40:47.0095 3700 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:40:47.0098 3700 intelide - ok
19:40:47.0597 3700 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:40:47.0625 3700 intelppm - ok
19:40:47.0691 3700 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:40:47.0713 3700 IPBusEnum - ok
19:40:47.0757 3700 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:40:47.0762 3700 IpFilterDriver - ok
19:40:47.0837 3700 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:40:47.0859 3700 IPMIDRV - ok
19:40:47.0901 3700 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:40:47.0912 3700 IPNAT - ok
19:40:49.0866 3700 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
19:40:49.0916 3700 iPod Service - ok
19:40:49.0958 3700 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:40:49.0962 3700 IRENUM - ok
19:40:50.0017 3700 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:40:50.0021 3700 isapnp - ok
19:40:50.0518 3700 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:40:50.0546 3700 iScsiPrt - ok
19:40:50.0627 3700 itecir (8d990a44b4f2b68e2c56a3724ec3eb84) C:\Windows\system32\DRIVERS\itecir.sys
19:40:50.0632 3700 itecir - ok
19:40:50.0695 3700 k57nd60a (08dd34f74d65e1c8f238565570952630) C:\Windows\system32\DRIVERS\k57nd60a.sys
19:40:50.0716 3700 k57nd60a - ok
19:40:50.0794 3700 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:40:50.0798 3700 kbdclass - ok
19:40:50.0838 3700 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:40:50.0845 3700 kbdhid - ok
19:40:50.0895 3700 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:40:50.0898 3700 KeyIso - ok
19:40:50.0922 3700 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:40:50.0938 3700 KSecDD - ok
19:40:50.0961 3700 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:40:50.0979 3700 KSecPkg - ok
19:40:51.0015 3700 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:40:51.0018 3700 ksthunk - ok
19:40:51.0083 3700 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:40:51.0122 3700 KtmRm - ok
19:40:51.0422 3700 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:40:51.0506 3700 LanmanServer - ok
19:40:52.0192 3700 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:40:52.0330 3700 LanmanWorkstation - ok
19:40:52.0367 3700 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:40:52.0369 3700 lltdio - ok
19:40:52.0423 3700 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:40:52.0452 3700 lltdsvc - ok
19:40:52.0471 3700 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:40:52.0488 3700 lmhosts - ok
19:40:52.0529 3700 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:40:52.0532 3700 LSI_FC - ok
19:40:52.0552 3700 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:40:52.0555 3700 LSI_SAS - ok
19:40:52.0565 3700 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:40:52.0568 3700 LSI_SAS2 - ok
19:40:52.0583 3700 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:40:52.0595 3700 LSI_SCSI - ok
19:40:52.0627 3700 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:40:52.0641 3700 luafv - ok
19:40:52.0705 3700 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
19:40:52.0726 3700 MBAMProtector - ok
19:40:52.0982 3700 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:40:53.0101 3700 MBAMService - ok
19:40:53.0413 3700 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:40:53.0428 3700 McAfee SiteAdvisor Service - ok
19:40:54.0549 3700 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
19:40:54.0700 3700 McciCMService - ok
19:40:55.0254 3700 McciCMService64 (859e5a32485178daeca06b52e2bb44b2) C:\Program Files\Common Files\Motive\McciCMService.exe
19:40:55.0360 3700 McciCMService64 - ok
19:40:55.0844 3700 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
19:40:55.0853 3700 McComponentHostService - ok
19:40:55.0906 3700 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:40:55.0911 3700 McMPFSvc - ok
19:40:55.0922 3700 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:40:55.0928 3700 mcmscsvc - ok
19:40:55.0937 3700 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:40:55.0939 3700 McNaiAnn - ok
19:40:55.0964 3700 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:40:55.0966 3700 McNASvc - ok
19:40:57.0354 3700 McODS (dd01bf24dd6bf70a90549f9a7bb2d1eb) C:\Program Files\McAfee\VirusScan\mcods.exe
19:40:57.0429 3700 McODS - ok
19:40:57.0476 3700 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:40:57.0482 3700 McProxy - ok
19:40:57.0967 3700 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
19:40:57.0994 3700 McShield - ok
19:40:59.0423 3700 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:40:59.0495 3700 Mcx2Svc - ok
19:40:59.0616 3700 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:40:59.0620 3700 megasas - ok
19:40:59.0658 3700 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:40:59.0673 3700 MegaSR - ok
19:40:59.0889 3700 MemeoBackgroundService (671a03ca9cd0259ccbb7b78a9ce234ec) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
19:40:59.0986 3700 MemeoBackgroundService - ok
19:41:00.0369 3700 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
19:41:00.0399 3700 mfeapfk - ok
19:41:01.0429 3700 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
19:41:01.0440 3700 mfeavfk - ok
19:41:01.0479 3700 mfeavfk01 - ok
19:41:02.0384 3700 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
19:41:02.0390 3700 mfefire - ok
19:41:03.0502 3700 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
19:41:03.0520 3700 mfefirek - ok
19:41:03.0718 3700 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
19:41:03.0754 3700 mfehidk - ok
19:41:03.0803 3700 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
19:41:03.0808 3700 mfenlfk - ok
19:41:03.0869 3700 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
19:41:03.0874 3700 mferkdet - ok
19:41:04.0198 3700 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
19:41:04.0229 3700 mfevtp - ok
19:41:04.0885 3700 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
19:41:04.0922 3700 mfewfpk - ok
19:41:05.0114 3700 Microsoft SharePoint Workspace Audit Service - ok
19:41:05.0225 3700 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:41:05.0246 3700 MMCSS - ok
19:41:05.0678 3700 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:41:05.0700 3700 Modem - ok
19:41:05.0752 3700 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:41:05.0756 3700 monitor - ok
19:41:05.0837 3700 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:41:05.0866 3700 mouclass - ok
19:41:05.0898 3700 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:41:05.0902 3700 mouhid - ok
19:41:05.0942 3700 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:41:05.0947 3700 mountmgr - ok
19:41:05.0993 3700 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:41:06.0095 3700 mpio - ok
19:41:06.0209 3700 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:41:06.0226 3700 mpsdrv - ok
19:41:06.0265 3700 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:41:06.0281 3700 MRxDAV - ok
19:41:06.0468 3700 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:41:06.0476 3700 mrxsmb - ok
19:41:06.0635 3700 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:41:06.0674 3700 mrxsmb10 - ok
19:41:06.0873 3700 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:41:06.0897 3700 mrxsmb20 - ok
19:41:06.0961 3700 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:41:06.0964 3700 msahci - ok
19:41:07.0015 3700 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:41:07.0026 3700 msdsm - ok
19:41:07.0091 3700 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:41:07.0111 3700 MSDTC - ok
19:41:07.0197 3700 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:41:07.0200 3700 Msfs - ok
19:41:07.0225 3700 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:41:07.0229 3700 mshidkmdf - ok
19:41:07.0246 3700 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:41:07.0249 3700 msisadrv - ok
19:41:07.0277 3700 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:41:07.0294 3700 MSiSCSI - ok
19:41:07.0297 3700 msiserver - ok
19:41:07.0415 3700 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:41:07.0419 3700 MSK80Service - ok
19:41:07.0456 3700 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:41:07.0460 3700 MSKSSRV - ok
19:41:07.0736 3700 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:41:07.0850 3700 MSPCLOCK - ok
19:41:07.0893 3700 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:41:07.0896 3700 MSPQM - ok
19:41:08.0276 3700 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:41:08.0292 3700 MsRPC - ok
19:41:08.0327 3700 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:41:08.0332 3700 mssmbios - ok
19:41:08.0361 3700 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:41:08.0367 3700 MSTEE - ok
19:41:08.0388 3700 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:41:08.0390 3700 MTConfig - ok
19:41:08.0429 3700 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:41:08.0441 3700 Mup - ok
19:41:08.0700 3700 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:41:08.0714 3700 napagent - ok
19:41:08.0890 3700 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:41:08.0919 3700 NativeWifiP - ok
19:41:09.0425 3700 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:41:09.0464 3700 NDIS - ok
19:42:02.0344 3700 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:42:02.0640 3700 \Device\Harddisk0\DR0 - ok
19:42:02.0648 3700 Boot (0x1200) (4046940496e35c5daa3dfd9c0f8e3648) \Device\Harddisk0\DR0\Partition0
19:42:02.0651 3700 \Device\Harddisk0\DR0\Partition0 - ok
19:42:02.0665 3700 Boot (0x1200) (c492ce314e762ce903309b1cc566aee9) \Device\Harddisk0\DR0\Partition1
19:42:02.0669 3700 \Device\Harddisk0\DR0\Partition1 - ok
19:42:02.0670 3700 ============================================================
19:42:02.0670 3700 Scan finished
19:42:02.0670 3700 ============================================================
19:42:02.0699 7768 Detected object count: 0
19:42:02.0699 7768 Actual detected object count: 0
19:50:20.0837 2868 ============================================================
19:50:20.0838 2868 Scan started
19:50:20.0838 2868 Mode: Manual; SigCheck; TDLFS;
19:50:20.0838 2868 ============================================================
19:50:34.0126 2868 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:50:34.0229 2868 Beep - ok
19:50:34.0310 2868 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:50:34.0404 2868 BITS - ok
19:50:34.0430 2868 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:50:34.0478 2868 blbdrive - ok
19:50:34.0682 2868 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:50:34.0707 2868 Bonjour Service - ok
19:50:34.0996 2868 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:50:35.0039 2868 bowser - ok
19:50:35.0070 2868 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:50:35.0166 2868 BrFiltLo - ok
19:50:35.0202 2868 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:50:35.0216 2868 BrFiltUp - ok
19:50:35.0263 2868 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:50:35.0367 2868 Browser - ok
19:50:35.0528 2868 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:50:35.0858 2868 Brserid - ok
19:50:36.0049 2868 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:50:36.0130 2868 BrSerWdm - ok
19:50:36.0191 2868 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:50:36.0255 2868 BrUsbMdm - ok
19:50:36.0289 2868 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:50:36.0343 2868 BrUsbSer - ok
19:50:36.0425 2868 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:50:36.0687 2868 BthEnum - ok
19:50:37.0146 2868 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:50:37.0222 2868 BTHMODEM - ok
19:50:37.0273 2868 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:50:37.0310 2868 BthPan - ok
19:50:37.0392 2868 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
19:50:37.0459 2868 BTHPORT - ok
19:50:37.0784 2868 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:50:37.0947 2868 bthserv - ok
19:50:38.0054 2868 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
19:50:38.0067 2868 BTHUSB - ok
19:50:38.0108 2868 btusbflt (2641a3fe3d7b0646308f33b67f3b5300) C:\Windows\system32\drivers\btusbflt.sys
19:50:38.0119 2868 btusbflt - ok
19:50:38.0204 2868 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
19:50:38.0232 2868 btwaudio - ok
19:50:38.0282 2868 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\drivers\btwavdt.sys
19:50:38.0292 2868 btwavdt - ok
19:50:38.0516 2868 btwdins (d65aa164acd0f6706dbcfbbcc9731584) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:50:38.0572 2868 btwdins - ok
19:50:38.0590 2868 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
19:50:38.0614 2868 btwl2cap - ok
19:50:38.0664 2868 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
19:50:38.0691 2868 btwrchid - ok
19:50:38.0721 2868 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:50:38.0797 2868 cdfs - ok
19:50:38.0829 2868 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
19:50:38.0873 2868 cdrom - ok
19:50:38.0902 2868 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:50:39.0057 2868 CertPropSvc - ok
19:50:39.0121 2868 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
19:50:39.0151 2868 cfwids - ok
19:50:39.0171 2868 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:50:39.0212 2868 circlass - ok
19:50:39.0255 2868 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:50:39.0300 2868 CLFS - ok
19:50:39.0418 2868 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:50:39.0450 2868 clr_optimization_v2.0.50727_32 - ok
19:50:39.0520 2868 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:50:39.0551 2868 clr_optimization_v2.0.50727_64 - ok
19:50:39.0668 2868 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:50:39.0679 2868 clr_optimization_v4.0.30319_32 - ok
19:50:39.0712 2868 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:50:39.0722 2868 clr_optimization_v4.0.30319_64 - ok
19:50:39.0747 2868 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:50:39.0774 2868 CmBatt - ok
19:50:40.0174 2868 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:50:40.0209 2868 cmdide - ok
19:50:40.0322 2868 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:50:40.0365 2868 CNG - ok
19:50:40.0397 2868 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:50:40.0415 2868 Compbatt - ok
19:50:40.0467 2868 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:50:40.0567 2868 CompositeBus - ok
19:50:40.0570 2868 COMSysApp - ok
19:50:40.0589 2868 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:50:40.0624 2868 crcdisk - ok
19:50:40.0719 2868 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
19:50:40.0776 2868 CryptSvc - ok
19:50:40.0841 2868 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
19:50:40.0936 2868 CtClsFlt - ok
19:50:41.0000 2868 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
19:50:41.0110 2868 dc3d - ok
19:50:41.0205 2868 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:50:41.0315 2868 DcomLaunch - ok
19:50:41.0390 2868 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:50:41.0460 2868 defragsvc - ok
19:50:41.0502 2868 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:50:41.0585 2868 DfsC - ok
19:50:41.0666 2868 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:50:41.0739 2868 Dhcp - ok
19:50:41.0766 2868 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:50:41.0875 2868 discache - ok
19:50:41.0906 2868 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:50:41.0918 2868 Disk - ok
19:50:42.0023 2868 dleaCATSCustConnectService (e0d525515537e60aba8f3e29209f02e8) C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe
19:50:42.0052 2868 dleaCATSCustConnectService - ok
19:50:42.0248 2868 dlea_device - ok
19:50:42.0541 2868 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:50:42.0718 2868 Dnscache - ok
19:50:42.0899 2868 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
19:50:42.0982 2868 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
19:50:42.0982 2868 DockLoginService - detected UnsignedFile.Multi.Generic (1)
19:50:57.0444 2868 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
19:50:57.0482 2868 McciCMService ( UnsignedFile.Multi.Generic ) - warning
19:50:57.0482 2868 McciCMService - detected UnsignedFile.Multi.Generic (1)
19:50:58.0147 2868 McciCMService64 (859e5a32485178daeca06b52e2bb44b2) C:\Program Files\Common Files\Motive\McciCMService.exe
19:50:58.0188 2868 McciCMService64 ( UnsignedFile.Multi.Generic ) - warning
19:50:58.0188 2868 McciCMService64 - detected UnsignedFile.Multi.Generic (1)
19:51:13.0409 2868 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:51:13.0457 2868 PNRPsvc - ok
19:51:13.0531 2868 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
19:51:13.0557 2868 Point64 - ok
19:51:13.0632 2868 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:51:13.0683 2868 PolicyAgent - ok
19:51:13.0841 2868 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:51:13.0905 2868 Power - ok
19:51:13.0964 2868 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:51:14.0045 2868 PptpMiniport - ok
19:51:14.0495 2868 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:51:14.0529 2868 Processor - ok
19:51:14.0815 2868 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:51:14.0939 2868 ProfSvc - ok
19:51:14.0997 2868 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:15.0023 2868 ProtectedStorage - ok
19:51:15.0074 2868 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:51:15.0108 2868 Psched - ok
19:51:15.0150 2868 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
19:51:15.0159 2868 PxHlpa64 - ok
19:51:15.0284 2868 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:51:15.0335 2868 ql2300 - ok
19:51:15.0477 2868 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:51:15.0517 2868 ql40xx - ok
19:51:15.0566 2868 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:51:15.0626 2868 QWAVE - ok
19:51:15.0647 2868 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:51:15.0714 2868 QWAVEdrv - ok
19:51:15.0745 2868 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:51:15.0793 2868 RasAcd - ok
19:51:15.0842 2868 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:51:15.0875 2868 RasAgileVpn - ok
19:51:15.0898 2868 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:51:15.0946 2868 RasAuto - ok
19:51:15.0980 2868 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:51:16.0028 2868 Rasl2tp - ok
19:51:16.0155 2868 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:51:16.0237 2868 RasMan - ok
19:51:16.0589 2868 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:51:16.0706 2868 RasPppoe - ok
19:51:16.0723 2868 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:51:16.0782 2868 RasSstp - ok
19:51:16.0826 2868 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:51:16.0899 2868 rdbss - ok
19:51:16.0918 2868 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:51:16.0937 2868 rdpbus - ok
19:51:16.0957 2868 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:51:17.0008 2868 RDPCDD - ok
19:51:17.0033 2868 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:51:17.0085 2868 RDPENCDD - ok
19:51:17.0116 2868 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:51:17.0152 2868 RDPREFMP - ok
19:51:17.0208 2868 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
19:51:17.0285 2868 RDPWD - ok
19:51:17.0411 2868 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:51:17.0431 2868 rdyboost - ok
19:51:17.0460 2868 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:51:17.0505 2868 RemoteAccess - ok
19:51:17.0559 2868 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:51:17.0611 2868 RemoteRegistry - ok
19:51:17.0649 2868 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:51:17.0680 2868 RFCOMM - ok
19:51:17.0715 2868 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
19:51:17.0799 2868 rimmptsk - ok
19:51:17.0825 2868 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
19:51:17.0878 2868 rimsptsk - ok
19:51:17.0921 2868 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
19:51:17.0949 2868 rismxdp - ok
19:51:18.0103 2868 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
19:51:18.0126 2868 RoxMediaDB10 - ok
19:51:18.0240 2868 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:51:18.0327 2868 RpcEptMapper - ok
19:51:18.0349 2868 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:51:18.0392 2868 RpcLocator - ok
19:51:18.0792 2868 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:51:18.0872 2868 RpcSs - ok
19:51:18.0914 2868 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:51:18.0947 2868 rspndr - ok
19:51:18.0973 2868 RxFilter - ok
19:51:19.0011 2868 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:19.0027 2868 SamSs - ok
19:51:19.0054 2868 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:51:19.0067 2868 sbp2port - ok
19:51:19.0099 2868 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:51:19.0134 2868 SCardSvr - ok
19:51:19.0171 2868 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:51:19.0222 2868 scfilter - ok
19:51:19.0315 2868 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:51:19.0415 2868 Schedule - ok
19:51:19.0447 2868 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:51:19.0520 2868 SCPolicySvc - ok
19:51:19.0601 2868 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
19:51:19.0647 2868 sdbus - ok
19:51:19.0696 2868 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:51:19.0803 2868 SDRSVC - ok
19:51:19.0897 2868 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
19:51:19.0921 2868 SeagateDashboardService - ok
19:51:19.0962 2868 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:51:19.0996 2868 secdrv - ok
19:51:20.0031 2868 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:51:20.0080 2868 seclogon - ok
19:51:20.0177 2868 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:51:20.0255 2868 SENS - ok
19:51:20.0276 2868 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:51:20.0328 2868 SensrSvc - ok
19:51:20.0342 2868 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:51:20.0389 2868 Serenum - ok
19:51:20.0431 2868 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:51:20.0444 2868 Serial - ok
19:51:20.0481 2868 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:51:20.0529 2868 sermouse - ok
19:51:20.0722 2868 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:51:20.0845 2868 SessionEnv - ok
19:51:20.0954 2868 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
19:51:21.0024 2868 sffdisk - ok
19:51:21.0044 2868 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:51:21.0072 2868 sffp_mmc - ok
19:51:21.0090 2868 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:51:21.0127 2868 sffp_sd - ok
19:51:21.0152 2868 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:51:21.0187 2868 sfloppy - ok
19:51:21.0269 2868 SftService (7f475425582163602ef1589c0071e521) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
19:51:21.0286 2868 SftService - ok
19:51:21.0350 2868 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:51:21.0461 2868 SharedAccess - ok
19:51:21.0519 2868 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:51:21.0596 2868 ShellHWDetection - ok
19:51:21.0655 2868 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:51:21.0666 2868 SiSRaid2 - ok
19:51:21.0689 2868 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:51:21.0746 2868 SiSRaid4 - ok
19:51:21.0797 2868 SIUSBXP (4c9f8e72f87f50a6125aaa31b63b2d18) C:\Windows\system32\drivers\SiUSBXp.sys
19:51:21.0828 2868 SIUSBXP - ok
19:51:21.0924 2868 SkypeUpdate (8c5477eb1c03ca76cd8eb66a610a9e90) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:51:21.0935 2868 SkypeUpdate - ok
19:51:21.0961 2868 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:51:22.0012 2868 Smb - ok
19:51:22.0047 2868 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:51:22.0061 2868 SNMPTRAP - ok
19:51:22.0081 2868 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:51:22.0092 2868 spldr - ok
19:51:22.0147 2868 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:51:22.0187 2868 Spooler - ok
19:51:22.0388 2868 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:51:22.0476 2868 sppsvc - ok
19:51:22.0943 2868 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:51:22.0984 2868 sppuinotify - ok
19:51:23.0261 2868 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:51:23.0336 2868 srv - ok
19:51:23.0368 2868 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:51:23.0396 2868 srv2 - ok
19:51:23.0428 2868 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:51:23.0486 2868 srvnet - ok
19:51:23.0537 2868 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:51:23.0660 2868 SSDPSRV - ok
19:51:23.0695 2868 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:51:23.0787 2868 SstpSvc - ok
19:51:23.0912 2868 SSUService (c193ced023f075d85cea47b475997f3f) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
19:51:24.0031 2868 SSUService - ok
19:51:24.0134 2868 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_af c3018f8cfedd20\STacSV64.exe
19:51:24.0165 2868 STacSV - ok
19:51:24.0265 2868 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:51:24.0277 2868 stexstor - ok
19:51:24.0344 2868 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
19:51:24.0376 2868 STHDA - ok
19:51:24.0481 2868 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:51:24.0626 2868 stisvc - ok
19:51:24.0719 2868 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
19:51:24.0750 2868 stllssvr - ok
19:51:24.0827 2868 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:51:24.0838 2868 swenum - ok
19:51:25.0110 2868 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:51:25.0188 2868 swprv - ok
19:51:25.0402 2868 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys
19:51:25.0439 2868 SynTP - ok
19:51:25.0597 2868 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:51:25.0673 2868 SysMain - ok
19:51:25.0809 2868 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:51:25.0869 2868 TabletInputService - ok
19:51:25.0942 2868 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:51:25.0991 2868 TapiSrv - ok
19:51:26.0018 2868 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:51:26.0057 2868 TBS - ok
19:51:26.0221 2868 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:51:26.0257 2868 Tcpip - ok
19:51:26.0546 2868 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:51:26.0615 2868 TCPIP6 - ok
19:51:26.0740 2868 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:51:26.0844 2868 tcpipreg - ok
19:51:26.0874 2868 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:51:26.0942 2868 TDPIPE - ok
19:51:26.0989 2868 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:51:27.0045 2868 TDTCP - ok
19:51:27.0223 2868 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:51:27.0258 2868 tdx - ok
19:51:27.0302 2868 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:51:27.0314 2868 TermDD - ok
19:51:27.0608 2868 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:51:27.0693 2868 TermService - ok
19:51:27.0732 2868 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:51:27.0800 2868 Themes - ok
19:51:27.0834 2868 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:51:27.0868 2868 THREADORDER - ok
19:51:27.0886 2868 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:51:27.0933 2868 TrkWks - ok
19:51:28.0004 2868 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:51:28.0100 2868 TrustedInstaller - ok
19:51:28.0223 2868 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:51:28.0291 2868 tssecsrv - ok
19:51:28.0352 2868 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:51:28.0395 2868 TsUsbFlt - ok
19:51:28.0451 2868 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:51:28.0502 2868 tunnel - ok
19:51:28.0536 2868 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:51:28.0548 2868 uagp35 - ok
19:51:28.0598 2868 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:51:28.0705 2868 udfs - ok
19:51:28.0778 2868 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:51:28.0823 2868 UI0Detect - ok
19:51:28.0855 2868 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:51:28.0869 2868 uliagpkx - ok
19:51:28.0910 2868 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:51:28.0959 2868 umbus - ok
19:51:28.0988 2868 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:51:29.0042 2868 UmPass - ok
19:51:29.0095 2868 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:51:29.0151 2868 upnphost - ok
19:51:29.0384 2868 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:51:29.0466 2868 USBAAPL64 - ok
19:51:29.0509 2868 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:51:29.0554 2868 usbccgp - ok
19:51:29.0796 2868 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:51:29.0842 2868 usbcir - ok
19:51:29.0952 2868 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:51:30.0014 2868 usbehci - ok
19:51:30.0123 2868 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:51:30.0187 2868 usbhub - ok
19:51:30.0222 2868 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:51:30.0253 2868 usbohci - ok
19:51:30.0300 2868 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:51:30.0327 2868 usbprint - ok
19:51:30.0360 2868 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:51:30.0392 2868 usbscan - ok
19:51:30.0417 2868 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:51:30.0460 2868 USBSTOR - ok
19:51:30.0497 2868 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
19:51:30.0525 2868 usbuhci - ok
19:51:30.0576 2868 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
19:51:30.0595 2868 usbvideo - ok
19:51:30.0630 2868 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:51:30.0680 2868 UxSms - ok
19:51:30.0714 2868 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:51:30.0727 2868 VaultSvc - ok
19:51:30.0755 2868 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:51:30.0767 2868 vdrvroot - ok
19:51:30.0833 2868 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:51:30.0882 2868 vds - ok
19:51:30.0914 2868 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:51:30.0929 2868 vga - ok
19:51:30.0954 2868 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:51:31.0046 2868 VgaSave - ok
19:51:31.0082 2868 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:51:31.0095 2868 vhdmp - ok
19:51:31.0128 2868 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:51:31.0160 2868 viaide - ok
19:51:31.0175 2868 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:51:31.0187 2868 volmgr - ok
19:51:31.0230 2868 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:51:31.0246 2868 volmgrx - ok
19:51:31.0291 2868 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:51:31.0307 2868 volsnap - ok
19:51:31.0359 2868 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:51:31.0372 2868 vsmraid - ok
19:51:31.0761 2868 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:51:31.0892 2868 VSS - ok
19:51:32.0100 2868 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:51:32.0158 2868 vwifibus - ok
19:51:32.0217 2868 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:51:32.0268 2868 vwififlt - ok
19:51:32.0322 2868 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:51:32.0373 2868 vwifimp - ok
19:51:32.0430 2868 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:51:32.0471 2868 W32Time - ok
19:51:32.0503 2868 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:51:32.0537 2868 WacomPen - ok
19:51:32.0591 2868 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:51:32.0699 2868 WANARP - ok
19:51:32.0718 2868 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:51:32.0751 2868 Wanarpv6 - ok
19:51:33.0054 2868 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:51:33.0138 2868 WatAdminSvc - ok
19:51:33.0264 2868 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:51:33.0361 2868 wbengine - ok
19:51:33.0462 2868 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:51:33.0487 2868 WbioSrvc - ok
19:51:33.0537 2868 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:51:33.0575 2868 wcncsvc - ok
19:51:33.0740 2868 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:51:33.0818 2868 WcsPlugInService - ok
19:51:33.0877 2868 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:51:33.0913 2868 Wd - ok
19:51:34.0113 2868 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:51:34.0162 2868 Wdf01000 - ok
19:51:34.0180 2868 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:51:34.0277 2868 WdiServiceHost - ok
19:51:34.0286 2868 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:51:34.0307 2868 WdiSystemHost - ok
19:51:34.0370 2868 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:51:34.0405 2868 WebClient - ok
19:51:34.0439 2868 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:51:34.0488 2868 Wecsvc - ok
19:51:34.0519 2868 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:51:34.0574 2868 wercplsupport - ok
19:51:34.0598 2868 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:51:34.0637 2868 WerSvc - ok
19:51:34.0701 2868 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:51:34.0771 2868 WfpLwf - ok
19:51:34.0818 2868 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
19:51:34.0861 2868 WimFltr - ok
19:51:34.0886 2868 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:51:34.0897 2868 WIMMount - ok
19:51:34.0903 2868 WinHttpAutoProxySvc - ok
19:51:34.0966 2868 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:51:35.0066 2868 Winmgmt - ok
19:51:35.0212 2868 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:51:35.0292 2868 WinRM - ok
19:51:35.0429 2868 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:51:35.0462 2868 WinUsb - ok
19:51:35.0523 2868 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:51:35.0568 2868 Wlansvc - ok
19:51:35.0655 2868 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:51:35.0679 2868 wlcrasvc - ok
19:51:36.0110 2868 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:51:36.0164 2868 wlidsvc - ok
19:51:36.0315 2868 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
19:51:36.0346 2868 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
19:51:36.0346 2868 wltrysvc - detected UnsignedFile.Multi.Generic (1)
19:51:36.0479 2868 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:51:36.0523 2868 WmiAcpi - ok
19:51:36.0591 2868 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:51:36.0636 2868 wmiApSrv - ok
19:51:36.0699 2868 WMPNetworkSvc - ok
19:51:36.0730 2868 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:51:36.0819 2868 WPCSvc - ok
19:51:36.0867 2868 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:51:36.0941 2868 WPDBusEnum - ok
19:51:36.0973 2868 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:51:37.0089 2868 ws2ifsl - ok
19:51:37.0134 2868 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
19:51:37.0160 2868 WSDPrintDevice - ok
19:51:37.0167 2868 WSearch - ok
19:51:37.0314 2868 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
19:51:37.0387 2868 wuauserv - ok
19:51:37.0517 2868 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:51:37.0560 2868 WudfPf - ok
19:51:37.0625 2868 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:51:37.0707 2868 WUDFRd - ok
19:51:37.0737 2868 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:51:37.0802 2868 wudfsvc - ok
19:51:37.0839 2868 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:51:37.0869 2868 WwanSvc - ok
19:51:38.0040 2868 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:51:38.0808 2868 \Device\Harddisk0\DR0 - ok
19:51:38.0815 2868 Boot (0x1200) (4046940496e35c5daa3dfd9c0f8e3648) \Device\Harddisk0\DR0\Partition0
19:51:38.0818 2868 \Device\Harddisk0\DR0\Partition0 - ok
19:51:38.0857 2868 Boot (0x1200) (c492ce314e762ce903309b1cc566aee9) \Device\Harddisk0\DR0\Partition1
19:51:38.0862 2868 \Device\Harddisk0\DR0\Partition1 - ok
19:51:38.0863 2868 ============================================================
19:51:38.0863 2868 Scan finished
19:51:38.0863 2868 ============================================================
19:51:38.0883 3468 Detected object count: 4
19:51:38.0883 3468 Actual detected object count: 4
19:52:22.0050 3468 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:22.0050 3468 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:22.0051 3468 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:22.0052 3468 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:22.0055 3468 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:22.0055 3468 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:52:22.0058 3468 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:52:22.0058 3468 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
kevinf80 (Kevin)
Malware Removal Specialist with 9,550 posts.
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
16-May-2012, 08:02 PM #7
Continue as follows:

Delete any versions of Combofix that you may have on your Desktop, then download a fresh copy from either of the following links:

Link 1
Link 2
  • Ensure that Combofix is saved directly to the Desktop <--- Very important
  • Disable all security programs as they will have a negative effect on Combofix; instructions are available Here if required. Be aware the list may not have all programs listed; if you need more help, please ask.
  • Close any open browsers and any other programs you might have running
  • Double-click the icon to run the tool (Vista or Windows 7 users: right-click and select "Run as Administrator")
  • Instructions for running Combofix available Here if required.
  • If you are using Windows XP, it might display a pop-up saying that "Recovery console is not installed, do you want to install?" Please select yes and let it download the files it needs to do this. Once the recovery console is installed, Combofix will then offer to scan for malware. Select continue or yes.
  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

****Note: Do not mouse-click Combofix's window while it's running. That may cause it to stall or freeze.****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read Here why disabling autoruns is recommended.

*EXTRA NOTES*
  • If Combofix detects any Rootkit/Bootkit activity on your system, it will give a warning and prompt for a reboot; you must allow it to do so.
  • If Combofix reboots due to a rootkit, the screen may stay black for several minutes on reboot; this is normal.
  • If after running Combofix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue. (Those items will not be deleted.)

Post the log in next reply please...

Kevin
TonyDublino
Member with 9 posts.
THREAD STARTER
Join Date: May 2012
Experience: Intermediate
16-May-2012, 11:10 PM #8
ComboFix 12-05-16.02 - Dublino 05/16/2012 22:22:12.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2612 [GMT -4:00]
Running from: c:\users\Dublino\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Search Toolbar
c:\program files (x86)\Search Toolbar\icon.ico
c:\program files (x86)\Search Toolbar\SearchToolbar.dll
c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe
c:\program files (x86)\Search Toolbar\SearchToolbarUpdater.exe
c:\programdata\PCDr\5907\Downloads\15fc9c67-6e4d-42b6-b215-fee7bb01b1c7.dll
c:\programdata\SPL1B8D.tmp
c:\programdata\SPL3540.tmp
c:\programdata\SPL8050.tmp
c:\programdata\SPL95A2.tmp
c:\programdata\SPLC1B8.tmp
c:\programdata\SPLC543.tmp
c:\programdata\SPLD181.tmp
c:\programdata\SPLD47B.tmp
c:\programdata\SPLE24D.tmp
c:\programdata\SPLF01C.tmp
c:\users\Dublino\AppData\Roaming\Install.dat
c:\users\Dublino\AppData\Roaming\Microsoft\~DFK2e463352.tmp
c:\users\Dublino\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Dublino\AppData\Roaming\Microsoft\bass.dll
c:\users\Dublino\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Dublino\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Dublino\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Dublino\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Dublino\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Dublino\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\Dublino\g2mdlhlpx.exe
c:\users\Dublino\uz.dat
.
.
((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
.
.
2012-05-17 02:36 . 2012-05-17 02:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-13 07:01 . 2012-05-13 07:01 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-13 07:01 . 2012-05-13 07:01 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-05-12 05:34 . 2012-05-12 05:34 -------- d-----w- c:\users\Dublino\AppData\Roaming\McAfee
2012-05-11 19:01 . 2012-05-11 19:01 -------- d-----w- c:\users\Dublino\AppData\Roaming\Malwarebytes
2012-05-11 19:01 . 2012-05-11 19:01 -------- d-----w- c:\programdata\Malwarebytes
2012-05-11 15:27 . 2012-05-11 15:27 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-05-11 15:26 . 2012-05-11 15:26 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-05-11 15:26 . 2012-05-11 15:26 -------- d-----w- c:\program files (x86)\Java
2012-05-10 22:38 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-10 22:38 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-10 22:38 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-10 22:38 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-10 22:38 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-10 22:38 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-10 22:37 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-10 22:37 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-10 22:37 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-10 22:37 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 22:37 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 22:36 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-10 22:36 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 12:40 . 2012-05-09 12:40 -------- d-----w- c:\users\Dublino\AppData\Local\WinZip
2012-05-02 22:17 . 2012-05-04 00:44 -------- d-----w- c:\users\Dublino\AppData\Local\PSFactoryBuffer
2012-05-02 19:15 . 2012-05-02 19:15 -------- d-----w- c:\users\Dublino\AppData\Roaming\WinZip
2012-05-02 19:06 . 2012-05-02 19:17 -------- d-----w- c:\users\Dublino\AppData\Roaming\FileZilla
2012-05-02 18:58 . 2012-05-02 18:58 -------- d-----w- c:\programdata\WinZip
2012-05-02 04:23 . 2012-05-02 04:23 -------- d-----w- c:\programdata\Fitbit
2012-05-02 04:23 . 2011-12-01 09:46 31976 ----a-w- c:\windows\system32\drivers\SiLib.sys
2012-05-02 04:23 . 2011-12-01 09:46 26856 ----a-w- c:\windows\system32\drivers\SiUSBXp.sys
2012-05-02 04:23 . 2012-05-02 04:23 -------- d-----w- c:\program files (x86)\Fitbit
2012-05-01 13:48 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A83039D6-E3D3-463C-AC3D-DB3D35E407FF}\mpengine.dll
2012-04-27 13:26 . 2012-04-27 13:26 -------- d-----w- c:\users\Dublino\AppData\Roaming\Helios
2012-04-27 13:26 . 2012-04-27 13:26 -------- d-----w- c:\program files (x86)\TextPad 5
2012-04-26 17:43 . 2012-03-01 00:39 257784 ---ha-w- c:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
2012-04-26 17:43 . 2012-03-01 00:39 175864 ---ha-w- c:\windows\SysWow64\BytescoutVideoMixerFilter.dll
2012-04-26 17:43 . 2012-03-01 00:39 421624 ---ha-w- c:\windows\SysWow64\BytescoutScreenCapturing.dll
2012-04-26 17:43 . 2012-03-01 00:39 231672 ----a-w- c:\windows\system32\BytescoutVideoMixerFilter.dll
2012-04-26 17:43 . 2010-12-24 15:43 29288 ----a-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2012-04-26 17:43 . 2012-04-26 17:43 -------- d-----w- c:\users\Dublino\AppData\Roaming\Apowersoft
2012-04-26 17:43 . 2012-03-01 00:39 362232 ----a-w- c:\windows\system32\BytescoutScreenCapturingFilter.dll
2012-04-26 17:43 . 2012-03-01 00:39 574200 ----a-w- c:\windows\system32\BytescoutScreenCapturing.dll
2012-04-26 17:43 . 2008-09-23 23:23 65536 ---ha-w- c:\windows\SysWow64\WebCamLib.dll
2012-04-26 17:43 . 2012-04-26 17:43 -------- d-----w- c:\program files (x86)\Apowersoft
2012-04-25 17:59 . 2012-04-25 17:59 -------- d-----w- c:\windows\SysWow64\Dell
2012-04-25 15:50 . 2012-04-25 15:50 -------- d-----w- c:\programdata\Dell V310-V510 Series
2012-04-20 03:03 . 2012-04-20 03:03 -------- d-----w- c:\windows\en
2012-04-20 02:58 . 2012-03-08 22:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-04-20 02:54 . 2012-04-20 02:54 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dcbc613d1cd1ea002\MeshBetaRemover.exe
2012-04-20 02:54 . 2012-04-20 02:54 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DSETUP.dll
2012-04-20 02:54 . 2012-04-20 02:54 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DXSETUP.exe
2012-04-20 02:54 . 2012-04-20 02:54 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\dsetup32.dll
2012-04-20 01:51 . 2012-04-20 01:51 -------- d-----w- c:\users\Dublino\Pond5_T570643
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-11 15:26 . 2011-11-01 15:51 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-05 01:32 . 2012-04-11 13:08 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 01:32 . 2011-11-02 16:47 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 01:32 . 2012-04-11 13:32 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-03-24 21:32 . 2010-06-03 19:06 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-03-20 17:11 . 2012-02-01 21:00 162192 ----a-w- c:\windows\system32\mfevtps.exe
2012-03-08 22:50 . 2012-03-08 22:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2012-03-08 22:37 . 2012-03-08 22:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
2012-03-01 06:46 . 2012-04-11 07:03 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-11 07:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-11 07:03 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-11 07:03 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-11 07:03 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-11 07:03 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-11 07:03 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-11 07:10 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-11 07:10 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-11 07:10 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-11 07:10 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-11 07:10 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-11 07:10 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-11 07:10 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-11 07:10 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-23 14:18 . 2012-01-31 22:00 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-22 17:29 . 2012-02-01 21:01 10248 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-02-22 17:29 . 2012-02-01 21:00 75936 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2012-02-22 17:29 . 2012-02-01 21:00 289664 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2012-02-22 17:29 . 2012-02-01 21:00 100912 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-02-22 17:29 . 2012-02-01 21:00 647208 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-02-22 17:29 . 2012-02-01 21:00 487296 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-02-22 17:29 . 2012-02-01 21:00 229528 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-02-22 17:29 . 2012-02-01 21:00 160792 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2012-02-22 17:29 . 2012-02-01 21:00 65264 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-02-17 06:38 . 2012-03-14 15:46 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 15:46 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 15:46 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 15:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2011-04-24 02:20 . 2011-04-24 02:20 213176 ----a-w- c:\program files (x86)\FACons.exe
2011-04-24 02:17 . 2011-04-24 02:17 98488 ----a-w- c:\program files (x86)\FATrayMon.exe
2011-04-24 02:17 . 2011-04-24 02:17 1994936 ----a-w- c:\program files (x86)\FATrayAlert.exe
2011-04-24 02:17 . 2011-04-24 02:17 59064 ----a-w- c:\program files (x86)\LiteZip.dll
2011-04-24 02:17 . 2011-04-24 02:17 55992 ----a-w- c:\program files (x86)\LiteUnzip.dll
2011-04-24 02:17 . 2011-04-24 02:17 18104 ----a-w- c:\program files (x86)\FAEventMessage.dll
2011-04-24 02:17 . 2011-04-24 02:17 28856 ----a-w- c:\program files (x86)\FAVistaHelper.dll
2011-04-24 02:17 . 2011-04-24 02:17 2412728 ----a-w- c:\program files (x86)\FAService.exe
2011-04-24 02:17 . 2011-04-24 02:17 213176 ----a-w- c:\program files (x86)\FAConsU.exe
2011-04-24 02:17 . 2011-04-24 02:17 250040 ----a-w- c:\program files (x86)\FASuppMon.exe
2011-04-24 02:17 . 2011-04-24 02:17 14008 ----a-w- c:\program files (x86)\FASuppL.dll
2011-04-24 02:17 . 2011-04-24 02:17 29368 ----a-w- c:\program files (x86)\FAResource.dll
2011-04-24 02:17 . 2011-04-24 02:17 176312 ----a-w- c:\program files (x86)\FASecFacX.exe
2011-04-24 02:17 . 2011-04-24 02:17 52920 ----a-w- c:\program files (x86)\SSOIEAddonPS.dll
2011-04-24 02:16 . 2011-04-24 02:16 582328 ----a-w- c:\program files (x86)\FAIESSO.dll
2011-04-24 02:16 . 2011-04-24 02:16 291000 ----a-w- c:\program files (x86)\FAEnrollWiz.exe
2011-04-24 02:16 . 2011-04-24 02:16 516280 ----a-w- c:\program files (x86)\rFAConsU.exe
2011-04-24 02:16 . 2011-04-24 02:16 516280 ----a-w- c:\program files (x86)\rFACons.exe
2011-04-24 02:16 . 2011-04-24 02:16 57528 ----a-w- c:\program files (x86)\FAStartup.exe
2011-04-24 02:16 . 2011-04-24 02:16 75960 ----a-w- c:\program files (x86)\devcon_x64.exe
2011-04-23 23:58 . 2011-04-23 23:58 32768 ----a-w- c:\program files (x86)\FAsvif.dll
2011-04-20 18:54 . 2011-04-20 18:54 40960 ----a-w- c:\program files (x86)\FATrackBarLib.dll
2011-03-14 19:09 . 2011-03-14 19:09 2044088 ----a-w- c:\program files (x86)\FAus.exe
2010-07-09 19:30 . 2010-07-09 19:30 128328 ----a-w- c:\program files (x86)\FAUpdateClient.exe
2010-06-16 14:35 . 2010-06-16 14:35 25600 ----a-w- c:\program files (x86)\FA_Helper.UAC.dll
2009-12-22 16:18 . 2009-12-22 16:18 2023424 ----a-w- c:\program files (x86)\QtCore4.dll
2009-12-08 21:35 . 2009-12-08 21:35 25928 ----a-w- c:\program files (x86)\FAAuG.exe
2009-09-29 07:47 . 2009-09-29 07:47 7507968 ----a-w- c:\program files (x86)\QtGui4.dll
2009-08-16 20:13 . 2009-08-16 20:13 523 ----a-w- c:\program files (x86)\PresetPSPowerPlan_Vista.bat
2009-02-13 23:46 . 2009-02-13 23:46 895 ----a-w- c:\program files (x86)\UpdatePSPowerPlan_Vista.bat
2008-12-11 17:59 . 2008-12-11 17:59 41 ----a-w- c:\program files (x86)\FAstopstart.bat
2006-07-11 22:02 . 2006-07-11 22:02 1053184 ----a-w- c:\program files (x86)\MFC71u.dll
2003-03-19 01:20 . 2003-03-19 01:20 1060864 ----a-w- c:\program files (x86)\MFC71.dll
2003-03-19 01:05 . 2003-03-19 01:05 89088 ----a-w- c:\program files (x86)\atl71.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\Dublino\AppData\Roaming\Spotify\Spotify.exe" [2012-05-11 9478320]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17151624]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"Fitbit Service Monitor"="c:\program files (x86)\Fitbit\fitbit-tray.exe" [2011-10-26 2164256]
"Amazon Cloud Drive"="c:\users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe" [2012-03-28 380776]
"Spotify Web Helper"="c:\users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-11 932528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"Dell V310-V510 Series"="c:\program files (x86)\Dell V310-V510 Series\fm3032.exe" [2010-01-18 316072]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]
"BCSSync"="c:\program files (x86)\Microsoft Office10\Office14\BCSSync.exe" [2010-03-13 91520]
"FATrayAlert"="c:\program files (x86)\FATrayMon.exe" [2011-04-24 98488]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2011-05-04 136416]
"Memeo AutoSync"="c:\program files (x86)\Memeo\AutoSync\MemeoLauncher2.exe" [2011-05-04 144608]
"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Dublino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
Dropbox.lnk - c:\users\Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
Google Calendar Sync.lnk - c:\program files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office10\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-04-10 25072]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe [2010-01-07 1052328]
S2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [2010-01-07 33448]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 FAService;FAService;c:\program files (x86)\FAService.exe [2011-04-24 2412728]
S2 Fitbit;Fitbit Data Uploader;c:\program files (x86)\Fitbit\fitbit.exe [2011-10-26 788000]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2009-10-22 517632]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-05-04 25824]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-09-17 656624]
S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-03-08 341832]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [x]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 01:32]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3421637325-69102753-2988473796-1001Core.job
- c:\users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-04 11:32]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3421637325-69102753-2988473796-1001UA.job
- c:\users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-04 11:32]
.
2012-05-01 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
2012-05-17 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
2012-05-13 c:\windows\Tasks\vtscheduletask.job
- c:\program files (x86)\McAfee\Supportability\MVT\MvtApp.exe [2012-05-12 05:33]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"dleamon.exe"="c:\program files (x86)\Dell V310-V510 Series\dleamon.exe" [2010-01-18 770728]
"EzPrint"="c:\program files (x86)\Dell V310-V510 Series\ezprint.exe" [2010-01-18 139944]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MIDFEA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MIDFEA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 10.0.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-FAStartup - (no file)
Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
SafeBoot-rpcnet
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-FITBIT&10C4&84C4 - c:\program files (x86)\Fitbit\Base Station\DriverUninstaller.exe USBXpress\FITBIT&10C4&84C4
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Motive\McciCMService.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-05-16 22:47:16 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-17 02:47
.
Pre-Run: 295,126,351,872 bytes free
Post-Run: 297,354,592,256 bytes free
.
- - End Of File - - B6EE265911D260A2F83BF7895440AB30
TonyDublino
16-May-2012, 11:12 PM #9
I must be honest. I ran this, and then freaked out when it rebooted and I couldn't launch any applications (including IE) and so couldn't get back to this site. When that happened I did a RESTORE to the point created by COMBOFIX, and so I may have to do it again, but here's the report it generated for your review. Better safe than sorry, as I need my computer every day. Let me know if that's common, or screwed anything up, or if I should run it again, and just restart again at that point in the process. Thanks
Tony
kevinf80 (Kevin)
17-May-2012, 03:19 AM #10
What exactly happened when you tried to launch an application? I do not see anything that CF removed that should cause that issue.
When you tried to launch an app, did you get an alert saying it had been marked for deletion? If that happened, another re-boot would clear the alert; I gave that warning in the instructions.
If the deletion alert is what happened, rerun CF and follow the instructions. If it was something different, post back and let me know...

Kevin
TonyDublino
Member with 9 posts.
THREAD STARTER
Join Date: May 2012
Experience: Intermediate
17-May-2012, 03:49 PM #11
ComboFix 12-05-17.05 - Dublino 05/17/2012 15:00:01.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2867 [GMT -4:00]
Running from: c:\users\Dublino\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Search Toolbar
c:\program files (x86)\Search Toolbar\icon.ico
c:\program files (x86)\Search Toolbar\SearchToolbar.dll
c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe
c:\program files (x86)\Search Toolbar\SearchToolbarUpdater.exe
c:\programdata\PCDr\5907\Downloads\15fc9c67-6e4d-42b6-b215-fee7bb01b1c7.dll
c:\users\Dublino\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Dublino\AppData\Roaming\Microsoft\bass.dll
c:\users\Dublino\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Dublino\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Dublino\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Dublino\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Dublino\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Dublino\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\Dublino\g2mdlhlpx.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
.
.
2012-05-17 19:16 . 2012-05-17 19:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-17 18:43 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34A190E5-B11C-40D7-8DA4-0FBB3B5A9853}\mpengine.dll
2012-05-13 07:01 . 2012-05-13 07:01 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-13 07:01 . 2012-05-13 07:01 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-05-12 05:34 . 2012-05-12 05:34 -------- d-----w- c:\users\Dublino\AppData\Roaming\McAfee
2012-05-11 19:01 . 2012-05-11 19:01 -------- d-----w- c:\users\Dublino\AppData\Roaming\Malwarebytes
2012-05-11 19:01 . 2012-05-11 19:01 -------- d-----w- c:\programdata\Malwarebytes
2012-05-11 15:27 . 2012-05-11 15:27 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-05-11 15:26 . 2012-05-11 15:26 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-05-11 15:26 . 2012-05-11 15:26 -------- d-----w- c:\program files (x86)\Java
2012-05-10 22:38 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-10 22:38 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-10 22:38 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-10 22:38 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-10 22:38 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-10 22:38 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-10 22:37 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-10 22:37 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-10 22:37 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-10 22:37 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 22:37 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 22:36 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-10 22:36 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 12:40 . 2012-05-09 12:40 -------- d-----w- c:\users\Dublino\AppData\Local\WinZip
2012-05-02 22:17 . 2012-05-04 00:44 -------- d-----w- c:\users\Dublino\AppData\Local\PSFactoryBuffer
2012-05-02 19:15 . 2012-05-02 19:15 -------- d-----w- c:\users\Dublino\AppData\Roaming\WinZip
2012-05-02 19:06 . 2012-05-02 19:17 -------- d-----w- c:\users\Dublino\AppData\Roaming\FileZilla
2012-05-02 18:58 . 2012-05-02 18:58 -------- d-----w- c:\programdata\WinZip
2012-05-02 04:23 . 2012-05-02 04:23 -------- d-----w- c:\programdata\Fitbit
2012-05-02 04:23 . 2011-12-01 09:46 31976 ----a-w- c:\windows\system32\drivers\SiLib.sys
2012-05-02 04:23 . 2011-12-01 09:46 26856 ----a-w- c:\windows\system32\drivers\SiUSBXp.sys
2012-05-02 04:23 . 2012-05-02 04:23 -------- d-----w- c:\program files (x86)\Fitbit
2012-04-27 13:26 . 2012-04-27 13:26 -------- d-----w- c:\users\Dublino\AppData\Roaming\Helios
2012-04-27 13:26 . 2012-04-27 13:26 -------- d-----w- c:\program files (x86)\TextPad 5
2012-04-26 17:43 . 2012-03-01 00:39 257784 ---ha-w- c:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
2012-04-26 17:43 . 2012-03-01 00:39 175864 ---ha-w- c:\windows\SysWow64\BytescoutVideoMixerFilter.dll
2012-04-26 17:43 . 2012-03-01 00:39 421624 ---ha-w- c:\windows\SysWow64\BytescoutScreenCapturing.dll
2012-04-26 17:43 . 2012-03-01 00:39 231672 ----a-w- c:\windows\system32\BytescoutVideoMixerFilter.dll
2012-04-26 17:43 . 2010-12-24 15:43 29288 ----a-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2012-04-26 17:43 . 2012-04-26 17:43 -------- d-----w- c:\users\Dublino\AppData\Roaming\Apowersoft
2012-04-26 17:43 . 2012-03-01 00:39 362232 ----a-w- c:\windows\system32\BytescoutScreenCapturingFilter.dll
2012-04-26 17:43 . 2012-03-01 00:39 574200 ----a-w- c:\windows\system32\BytescoutScreenCapturing.dll
2012-04-26 17:43 . 2008-09-23 23:23 65536 ---ha-w- c:\windows\SysWow64\WebCamLib.dll
2012-04-26 17:43 . 2012-04-26 17:43 -------- d-----w- c:\program files (x86)\Apowersoft
2012-04-25 17:59 . 2012-04-25 17:59 -------- d-----w- c:\windows\SysWow64\Dell
2012-04-25 15:50 . 2012-04-25 15:50 -------- d-----w- c:\programdata\Dell V310-V510 Series
2012-04-20 03:03 . 2012-04-20 03:03 -------- d-----w- c:\windows\en
2012-04-20 02:58 . 2012-03-08 22:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-04-20 02:54 . 2012-04-20 02:54 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dcbc613d1cd1ea002\MeshBetaRemover.exe
2012-04-20 02:54 . 2012-04-20 02:54 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DSETUP.dll
2012-04-20 02:54 . 2012-04-20 02:54 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DXSETUP.exe
2012-04-20 02:54 . 2012-04-20 02:54 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\dsetup32.dll
2012-04-20 01:51 . 2012-04-20 01:51 -------- d-----w- c:\users\Dublino\Pond5_T570643
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-11 15:26 . 2011-11-01 15:51 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-05 01:32 . 2012-04-11 13:08 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 01:32 . 2011-11-02 16:47 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 01:32 . 2012-04-11 13:32 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-03-24 21:32 . 2010-06-03 19:06 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-03-20 17:11 . 2012-02-01 21:00 162192 ----a-w- c:\windows\system32\mfevtps.exe
2012-03-08 22:50 . 2012-03-08 22:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2012-03-08 22:37 . 2012-03-08 22:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
2012-03-01 06:46 . 2012-04-11 07:03 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-11 07:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-11 07:03 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-11 07:03 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-11 07:03 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-11 07:03 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-11 07:03 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-11 07:10 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-11 07:10 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-11 07:10 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-11 07:10 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-11 07:10 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-11 07:10 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-11 07:10 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-11 07:10 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-23 14:18 . 2012-01-31 22:00 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-22 17:29 . 2012-02-01 21:01 10248 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-02-22 17:29 . 2012-02-01 21:00 75936 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2012-02-22 17:29 . 2012-02-01 21:00 289664 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2012-02-22 17:29 . 2012-02-01 21:00 100912 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-02-22 17:29 . 2012-02-01 21:00 647208 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-02-22 17:29 . 2012-02-01 21:00 487296 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-02-22 17:29 . 2012-02-01 21:00 229528 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-02-22 17:29 . 2012-02-01 21:00 160792 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2012-02-22 17:29 . 2012-02-01 21:00 65264 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-04-24 02:20 . 2011-04-24 02:20 213176 ----a-w- c:\program files (x86)\FACons.exe
2011-04-24 02:17 . 2011-04-24 02:17 98488 ----a-w- c:\program files (x86)\FATrayMon.exe
2011-04-24 02:17 . 2011-04-24 02:17 1994936 ----a-w- c:\program files (x86)\FATrayAlert.exe
2011-04-24 02:17 . 2011-04-24 02:17 59064 ----a-w- c:\program files (x86)\LiteZip.dll
2011-04-24 02:17 . 2011-04-24 02:17 55992 ----a-w- c:\program files (x86)\LiteUnzip.dll
2011-04-24 02:17 . 2011-04-24 02:17 18104 ----a-w- c:\program files (x86)\FAEventMessage.dll
2011-04-24 02:17 . 2011-04-24 02:17 28856 ----a-w- c:\program files (x86)\FAVistaHelper.dll
2011-04-24 02:17 . 2011-04-24 02:17 2412728 ----a-w- c:\program files (x86)\FAService.exe
2011-04-24 02:17 . 2011-04-24 02:17 213176 ----a-w- c:\program files (x86)\FAConsU.exe
2011-04-24 02:17 . 2011-04-24 02:17 250040 ----a-w- c:\program files (x86)\FASuppMon.exe
2011-04-24 02:17 . 2011-04-24 02:17 14008 ----a-w- c:\program files (x86)\FASuppL.dll
2011-04-24 02:17 . 2011-04-24 02:17 29368 ----a-w- c:\program files (x86)\FAResource.dll
2011-04-24 02:17 . 2011-04-24 02:17 176312 ----a-w- c:\program files (x86)\FASecFacX.exe
2011-04-24 02:17 . 2011-04-24 02:17 52920 ----a-w- c:\program files (x86)\SSOIEAddonPS.dll
2011-04-24 02:16 . 2011-04-24 02:16 582328 ----a-w- c:\program files (x86)\FAIESSO.dll
2011-04-24 02:16 . 2011-04-24 02:16 291000 ----a-w- c:\program files (x86)\FAEnrollWiz.exe
2011-04-24 02:16 . 2011-04-24 02:16 516280 ----a-w- c:\program files (x86)\rFAConsU.exe
2011-04-24 02:16 . 2011-04-24 02:16 516280 ----a-w- c:\program files (x86)\rFACons.exe
2011-04-24 02:16 . 2011-04-24 02:16 57528 ----a-w- c:\program files (x86)\FAStartup.exe
2011-04-24 02:16 . 2011-04-24 02:16 75960 ----a-w- c:\program files (x86)\devcon_x64.exe
2011-04-23 23:58 . 2011-04-23 23:58 32768 ----a-w- c:\program files (x86)\FAsvif.dll
2011-04-20 18:54 . 2011-04-20 18:54 40960 ----a-w- c:\program files (x86)\FATrackBarLib.dll
2011-03-14 19:09 . 2011-03-14 19:09 2044088 ----a-w- c:\program files (x86)\FAus.exe
2010-07-09 19:30 . 2010-07-09 19:30 128328 ----a-w- c:\program files (x86)\FAUpdateClient.exe
2010-06-16 14:35 . 2010-06-16 14:35 25600 ----a-w- c:\program files (x86)\FA_Helper.UAC.dll
2009-12-22 16:18 . 2009-12-22 16:18 2023424 ----a-w- c:\program files (x86)\QtCore4.dll
2009-12-08 21:35 . 2009-12-08 21:35 25928 ----a-w- c:\program files (x86)\FAAuG.exe
2009-09-29 07:47 . 2009-09-29 07:47 7507968 ----a-w- c:\program files (x86)\QtGui4.dll
2009-08-16 20:13 . 2009-08-16 20:13 523 ----a-w- c:\program files (x86)\PresetPSPowerPlan_Vista.bat
2009-02-13 23:46 . 2009-02-13 23:46 895 ----a-w- c:\program files (x86)\UpdatePSPowerPlan_Vista.bat
2008-12-11 17:59 . 2008-12-11 17:59 41 ----a-w- c:\program files (x86)\FAstopstart.bat
2006-07-11 22:02 . 2006-07-11 22:02 1053184 ----a-w- c:\program files (x86)\MFC71u.dll
2003-03-19 01:20 . 2003-03-19 01:20 1060864 ----a-w- c:\program files (x86)\MFC71.dll
2003-03-19 01:05 . 2003-03-19 01:05 89088 ----a-w- c:\program files (x86)\atl71.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\Dublino\AppData\Roaming\Spotify\Spotify.exe" [2012-05-11 9478320]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17151624]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"Fitbit Service Monitor"="c:\program files (x86)\Fitbit\fitbit-tray.exe" [2011-10-26 2164256]
"Amazon Cloud Drive"="c:\users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe" [2012-03-28 380776]
"Spotify Web Helper"="c:\users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-11 932528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"FAStartup"="" [BU]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [BU]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"Dell V310-V510 Series"="c:\program files (x86)\Dell V310-V510 Series\fm3032.exe" [2010-01-18 316072]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]
"BCSSync"="c:\program files (x86)\Microsoft Office10\Office14\BCSSync.exe" [2010-03-13 91520]
"FATrayAlert"="c:\program files (x86)\FATrayMon.exe" [2011-04-24 98488]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2011-05-04 136416]
"Memeo AutoSync"="c:\program files (x86)\Memeo\AutoSync\MemeoLauncher2.exe" [2011-05-04 144608]
"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Dublino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
Dropbox.lnk - c:\users\Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
Google Calendar Sync.lnk - c:\program files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office10\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-04-10 25072]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe [2010-01-07 1052328]
S2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [2010-01-07 33448]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 FAService;FAService;c:\program files (x86)\FAService.exe [2011-04-24 2412728]
S2 Fitbit;Fitbit Data Uploader;c:\program files (x86)\Fitbit\fitbit.exe [2011-10-26 788000]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2009-10-22 517632]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-05-04 25824]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-09-17 656624]
S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-03-08 341832]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [x]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 01:32]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3421637325-69102753-2988473796-1001Core.job
- c:\users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-04 11:32]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3421637325-69102753-2988473796-1001UA.job
- c:\users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-04 11:32]
.
2012-05-01 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
2012-05-17 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
2012-05-13 c:\windows\Tasks\vtscheduletask.job
- c:\program files (x86)\McAfee\Supportability\MVT\MvtApp.exe [2012-05-12 05:33]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"dleamon.exe"="c:\program files (x86)\Dell V310-V510 Series\dleamon.exe" [2010-01-18 770728]
"EzPrint"="c:\program files (x86)\Dell V310-V510 Series\ezprint.exe" [2010-01-18 139944]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MIDFEA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MIDFEA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 10.0.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Motive\McciCMService.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-05-17 15:26:38 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-17 19:26
ComboFix2.txt 2012-05-17 02:47
.
Pre-Run: 295,899,144,192 bytes free
Post-Run: 295,395,549,184 bytes free
.
- - End Of File - - EBDDB6B2506881FCAB22CAFE4B42FBB9
TonyDublino
Member with 9 posts.
THREAD STARTER
Join Date: May 2012
Experience: Intermediate
17-May-2012, 03:50 PM #12
That's what I got after restoring, and running again. I wanted to post it again, as I am not sure what to do next. Tony
kevinf80 (Kevin)
kevinf80 is authorized to help remove malware.
Malware Removal Specialist with 9,550 posts.
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
17-May-2012, 04:44 PM #13
What exactly do you mean by this:

Quote:
That's what I got after restoring, and running again.
What did you get? Are you able to continue? The issues you mentioned before, are they OK now?

If you can continue, run the following and post its log:

Run ESET Online Scan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.
  • Check
  • Click the button.
  • Accept any security warnings from your browser.
  • Check
  • Leave the tick out of remove found threats
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push
  • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the button.
  • Push
You can refer to this animation by neomage if needed.
Frequently asked questions are available here. Please read them before running the scan.

Also be aware this scan can take several hours to complete depending on the size of your system.

ESET log can be found here "C:\Program Files\ESET\EsetOnlineScanner\log.txt".

Last edited by kevinf80; 17-May-2012 at 05:18 PM.
Tags
redirect trojan
