
Ads playing in the background on my PC

Discussion in 'Virus & Other Malware Removal' started by thedej, Jul 11, 2012.

Thread Status:
Not open for further replies.
    thedej Thread Starter

    Before I begin - let me first say THANK YOU!! I have ads playing in the background on my PC. They play even when no browser windows are open. It takes a couple of minutes for them to start playing after I start my computer and then play for a while. My internet has also begun to redirect my Google searches from the links to advertisements. I have McAfee Security. The PC is a Dell Inspiron.
    The results of the scans you require are as follows (after the sysinfo information).


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:29:42 PM, on 7/11/2012
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16446)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
    C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/USCON/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = g.msn.com/USCON/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120625171752.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
    O4 - HKLM\..\Run: [DellSupportCenter] "c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {57F867E0-774E-488B-A93C-856BEA66668F} (XataXMLCore.XMLCore) - https://www.xatanet.com/XataNet/XATA XML Core.cab
    O16 - DPF: {7ECB1A47-6647-4B2C-A8DA-675569C9FF15} (Image Uploader Control) - http://www.mpix.com/customer/uploading/scripts7/ImageUploader7.cab
    O16 - DPF: {8EC5D5F5-4D7D-435F-A578-A08B2F47A8D3} (XataClientCacheVer Class) - https://www.xatanet.com/XataNet/XATA Trip Control.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FlipShare Service - Unknown owner - C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
    O23 - Service: FlipShare Server (FlipShareServer) - Unknown owner - C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Pharos Systems ComTaskMaster - Pharos Systems International - C:\PROGRA~2\PHAROS~1\Core\CTskMstr.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - c:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 16704 bytes

    DDS

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by DJ at 15:36:07 on 2012-07-11
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3893.2471 [GMT -7:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files\mcafee.com\agent\mcagent.exe
    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
    C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\PROGRA~2\PHAROS~1\Core\CTskMstr.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k HPService
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    c:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    -netsvcs
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = g.msn.com/USCON/1
    uDefault_Page_URL = g.msn.com/USCON/1
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe,
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120625171752.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
    mRun: [DellSupportCenter] "c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    StartupFolder: C:\Users\DJ\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    LSP: mswsock.dll
    Trusted Zone: intuit.com\ttlc
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {57F867E0-774E-488B-A93C-856BEA66668F} - hxxps://www.xatanet.com/XataNet/XATA%20XML%20Core.cab
    DPF: {7ECB1A47-6647-4B2C-A8DA-675569C9FF15} - hxxp://www.mpix.com/customer/uploading/scripts7/ImageUploader7.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {8EC5D5F5-4D7D-435F-A578-A08B2F47A8D3} - hxxps://www.xatanet.com/XataNet/XATA%20Trip%20Control.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 10.0.0.1
    TCP: Interfaces\{5DA4CC76-7795-4A98-94D2-1ACFD492046D} : DhcpNameServer = 10.0.0.1
    TCP: Interfaces\{5DA4CC76-7795-4A98-94D2-1ACFD492046D}\05A48413 : DhcpNameServer = 4.4.4.4 68.87.76.182 68.87.76.182 68.87.78.134 192.168.1.1
    TCP: Interfaces\{5DA4CC76-7795-4A98-94D2-1ACFD492046D}\745756374714E425 : DhcpNameServer = 12.127.17.71 12.127.17.72
    TCP: Interfaces\{5DA4CC76-7795-4A98-94D2-1ACFD492046D}\7516378696E67602D416368696E656 : DhcpNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{5DA4CC76-7795-4A98-94D2-1ACFD492046D}\C696E6B6379737 : DhcpNameServer = 75.75.75.75 75.75.76.76
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO-X64: 0x1 - No File
    BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO-X64: HP Print Enhancer - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120625171752.dll
    BHO-X64: scriptproxy - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    BHO-X64: HP Smart BHO Class - No File
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
    mRun-x64: [DellSupportCenter] "c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [(Default)]
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-12-17 98208]
    R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
    R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
    R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
    R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-6 249936]
    R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-6 249936]
    R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2010-12-17 199272]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2010-12-17 210584]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2010-12-17 162192]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-17 1692480]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-17 2533400]
    R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?]
    R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-6 249936]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-10 257224]
    S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
    S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-9-6 249936]
    .
    =============== Created Last 30 ================
    .
    2012-07-11 07:25:27 388096 ----a-r- C:\Users\DJ\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-07-11 07:25:26 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2012-07-11 07:08:43 20480 ----a-w- C:\Windows\svchost.exe
    2012-07-11 06:10:05 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-07-11 06:10:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-07-11 05:54:22 -------- d-----w- C:\Program Files (x86)\PC Tools
    2012-07-11 05:35:29 251528 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
    2012-07-11 05:35:26 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
    2012-07-11 05:34:44 -------- d-----w- C:\ProgramData\PC Tools
    2012-07-11 05:34:43 -------- d-----w- C:\Users\DJ\AppData\Roaming\TestApp
    2012-07-11 04:55:29 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-07-02 22:20:55 -------- d-----w- C:\Users\DJ\AppData\Local\{E3A9588F-7414-4CC1-A384-E54B31DB2F5F}
    2012-07-02 22:20:24 -------- d-----w- C:\Users\DJ\AppData\Local\{68387915-65DD-40A3-96ED-3BA52E21E8C8}
    2012-06-28 04:38:31 -------- d-----w- C:\Program Files\iPod
    2012-06-28 04:38:30 -------- d-----w- C:\Program Files\iTunes
    2012-06-28 04:38:30 -------- d-----w- C:\Program Files (x86)\iTunes
    2012-06-24 03:36:45 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-06-24 03:36:09 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-06-24 03:35:54 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-06-24 03:35:54 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-06-14 03:59:13 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-06-14 03:59:13 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
    2012-06-14 03:59:13 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-06-14 03:59:12 208896 ----a-w- C:\Windows\System32\profsvc.dll
    2012-06-14 03:59:05 3144192 ----a-w- C:\Windows\System32\win32k.sys
    2012-06-14 03:59:04 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-06-14 03:59:02 3213824 ----a-w- C:\Windows\System32\msi.dll
    2012-06-14 03:59:01 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
    2012-06-14 03:58:53 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
    2012-06-14 03:58:53 1460224 ----a-w- C:\Windows\System32\crypt32.dll
    2012-06-14 03:58:53 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2012-06-14 03:58:52 140288 ----a-w- C:\Windows\System32\cryptnet.dll
    2012-06-14 03:58:52 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2012-06-14 03:58:51 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2012-06-12 12:57:35 -------- d-sh--w- C:\Windows\System32\%APPDATA%
    .
    ==================== Find3M ====================
    .
    2012-07-11 04:55:29 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-05 01:32:53 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2012-06-05 01:32:53 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
    2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-04-25 19:11:36 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
    2012-04-25 19:11:36 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll
    .
    ============= FINISH: 15:39:51.85 ===============

    GMER

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-07-11 16:33:50
    Windows 6.1.7600
    Running: 6u65dtn9.exe

    ---- Registry - GMER 1.0.15 ----
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38ba7a76
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38ba7a76 (not active ControlSet)
    ---- Files - GMER 1.0.15 ----
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\afr[6].htm 2286 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\FiveminCookieCache[1].js 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\fpi[4].htm 11760 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\pixel[2].htm 349 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\ddc[7].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\if[3].htm 1601 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\viapi[3].xml 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\context_sync[1].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\crossdomainCAEGRKSL.xml 392 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\beacon[1].htm 261 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\img_youtube[1].png 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\empty[2].gif 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\3458[1].xml 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\statstracker[5].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\AdDisplayTrackerServlet[3].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\AdDisplayTrackerServlet[4].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\BAK_OneClick_Vimeo_300x250_v5[1].jpg 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\IE9_FY13_MBW15_Web_US_1080p_23.98_H264_Master_v1_PreRoll_512k_640x360_16-9[1].flv 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\Show_RockNRap[1].jpg 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\ad[2].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\ad[3].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\ad[4].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\NORVC[2].swf 28033 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\ImageAdLoader[2].swf 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\freq[1].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\like[5].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9VDZ8XDH\breathtaking-miranda-kerr-talks-australia-healthy-living-652332[2].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\![3].gif 43 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\081006_TGLep27_TonyHawk[1].jpg 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\cse[1].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\B6758819[1].js 5967 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\errorPageStrings[2] 2013 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\pixel_adsafeprotected_com[3].gif 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\pixel_adsafeprotected_com[4].gif 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\1[4].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\sports-illustrated-clubzone-16[1].jpg 33467 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\fpi[3].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\oauth[1].htm 261 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\wireless_2012_big_day_30_us_linear_640x360_h264[1].mp4 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\viapi[1].xml 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\viapi[2].xml 155 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\ads[3].js 10126 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\beacon[3].htm 261 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\beacon[4].htm 261 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\beacon[5].htm 261 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\service[1].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\crossdomain[5].xml 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\dot[1].gif 43 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\si-club-add-021612-5[1].jpg 6161 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\imp[1].js 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\info_48[1] 4113 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\64f9983b2132f5bcacb9c24827542eb4[1].gif 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO4FJSJT\dref=http%253A%252F%252Fwww.environmentalgraffiti[1].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\style[1].css 7506 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\style[2].css 9724 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\higgs-boson-trigger-070412_thumb[1].jpg 3379 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\home_button[1].jpg 1248 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\hqdefault[3].jpg 11451 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\up-3[1].gif 3037 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\rubicon_300_250_atf-ros[1].htm 567 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\js_fab185ae64582ed2770626b5e7276da5[1].js 70370 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\juicy[1].htm 12368 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\index_02[1].jpg 475 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\index_08[1].jpg 715 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\photo-frame-patric-welch[1].png 45607 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\drupal[3].js 9501 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\dvtp_src[1].js 9038 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\6ab0c5fbb5f0c99b67d17fcf7fe7c4d8[1].png 510 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\8a[1].js 6016 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\gsm_169_evo2k12_sfxt_fin_om_070812_140[1].jpg 3782 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\jstag[1].js 23435 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\gsm_169_streetfighterxtekken_ep03_ot_vita_071112_178[1].jpg 3911 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\gsm_169_streetfighterxtekken_gp_sf_ot_vita_071112_140[1].jpg 3438 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\g[1].js 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\showAd[1].js 1489 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\si-club-add-021612-4[1].jpg 4966 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\si-swim-021612-10[1].jpg 6394 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\si-swim-021612-18[1].jpg 5556 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\GetAd[2].js 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\dolotasaling_com[1].htm 537 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\topnav_livetvchannel_up[1].png 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\topnav_sneakpreview_down[1].png 1120 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\sync[1].gif 42 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\maniatv_com[1].htm 58065 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\buy_now-price_03[1].jpg 2396 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\1px[1].gif 49 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\1px[2].gif 49 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\1[2].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\1[3].htm 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\1_oly_120711_citi_chandler_role_thumb[1].jpg 7757 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\1_oly_120711_citi_love_role_thumb[1].jpg 6958 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\addtocart02[1].jpg 13155 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\addtomyyahoo4[1].gif 765 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\si-swim-021612-24[1].jpg 5104 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\interstitial[1].css 1430 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\interstitial[1].js 76019 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\front[1].js 11724 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\jquery.min[6].js 57254 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\OVE86ARFX_thumb[1].jpg 3276 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\2[1].jpg 4417 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\ads[1].js 8739 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\ID201207LEADERS071112_thumb[1].jpg 5049 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\visit[2].js 0 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\tumblr_m2bfohfk5o1qz87jlo1_400[1].jpg 28931 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\txt[1].js 231 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\spacer[1].gif 43 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\si-swim-021612-40[1].jpg 5962 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\si-swim-021612-43[1].jpg 5750 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\si-swim-021612-5[1].jpg 5555 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\si-swim-021612-6[1].jpg 5234 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9FOBKGDU\slide_active[1].png 1136 bytes
    File C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MU02KEXI\info[1].htm 191 bytes
    ---- EOF - GMER 1.0.15 ----
     


  2. thedej

    thedej Thread Starter

    Joined:
    Jul 11, 2012
    Messages:
    4
    Nothing has changed in the past few days, in fact I'm worked to even use the computer now. Any and all assistance is welcome. Thank you!
     
  3. thedej

    thedej Thread Starter

    Joined:
    Jul 11, 2012
    Messages:
    4
    I noticed that the members were having others with my situation run a TDSSKiller log, so I did that and here are the results. I did not cure anything and will wait for assistance before proceeding. Thank you.

    20:26:01.0427 2324 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
    20:26:01.0817 2324 ============================================================
    20:26:01.0817 2324 Current date / time: 2012/07/16 20:26:01.0817
    20:26:01.0817 2324 SystemInfo:
    20:26:01.0817 2324
    20:26:01.0817 2324 OS Version: 6.1.7600 ServicePack: 0.0
    20:26:01.0817 2324 Product type: Workstation
    20:26:01.0817 2324 ComputerName: DJ-PC
    20:26:01.0817 2324 UserName: DJ
    20:26:01.0817 2324 Windows directory: C:\Windows
    20:26:01.0817 2324 System windows directory: C:\Windows
    20:26:01.0817 2324 Running under WOW64
    20:26:01.0817 2324 Processor architecture: Intel x64
    20:26:01.0817 2324 Number of processors: 4
    20:26:01.0817 2324 Page size: 0x1000
    20:26:01.0817 2324 Boot type: Normal boot
    20:26:01.0817 2324 ============================================================
    20:26:05.0963 2324 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    20:26:05.0979 2324 ============================================================
    20:26:05.0979 2324 \Device\Harddisk0\DR0:
    20:26:05.0979 2324 MBR partitions:
    20:26:05.0979 2324 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32FCD, BlocksNum 0x1D4C000
    20:26:05.0979 2324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7EFCD, BlocksNum 0x38606863
    20:26:05.0979 2324 ============================================================
    20:26:06.0088 2324 C: <-> \Device\Harddisk0\DR0\Partition1
    20:26:06.0088 2324 ============================================================
    20:26:06.0088 2324 Initialize success
    20:26:06.0088 2324 ============================================================
    20:26:15.0588 3292 ============================================================
    20:26:15.0588 3292 Scan started
    20:26:15.0588 3292 Mode: Manual;
    20:26:15.0588 3292 ============================================================
    20:28:46.0776 3292 IPMIDRV - ok
    20:28:46.0932 3292 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    20:28:46.0963 3292 IPNAT - ok
    20:28:48.0320 3292 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
    20:28:48.0320 3292 iPod Service - ok
    20:28:48.0976 3292 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    20:28:48.0976 3292 IRENUM - ok
    20:28:49.0038 3292 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
    20:28:49.0054 3292 isapnp - ok
    20:28:49.0428 3292 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
    20:28:49.0475 3292 iScsiPrt - ok
    20:28:49.0771 3292 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
    20:28:49.0787 3292 kbdclass - ok
    20:28:49.0927 3292 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
    20:28:49.0974 3292 kbdhid - ok
    20:28:50.0114 3292 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
    20:28:50.0130 3292 KeyIso - ok
    20:28:50.0333 3292 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
    20:28:50.0380 3292 KSecDD - ok
    20:28:50.0707 3292 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
    20:28:50.0738 3292 KSecPkg - ok
    20:28:50.0910 3292 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    20:28:50.0910 3292 ksthunk - ok
    20:28:51.0878 3292 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
    20:28:51.0878 3292 KtmRm - ok
    20:28:52.0269 3292 L1C (39918db0efcf045a1ce6fabbf339f975) C:\Windows\system32\DRIVERS\L1C62x64.sys
    20:28:52.0378 3292 L1C - ok
    20:28:52.0846 3292 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
    20:28:52.0846 3292 LanmanServer - ok
    20:28:53.0222 3292 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
    20:28:53.0237 3292 LanmanWorkstation - ok
    20:28:54.0361 3292 Lavasoft Kernexplorer - ok
    20:28:54.0704 3292 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    20:28:54.0719 3292 lltdio - ok
    20:28:55.0546 3292 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
    20:28:55.0546 3292 lltdsvc - ok
    20:28:55.0609 3292 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
    20:28:55.0609 3292 lmhosts - ok
    20:28:56.0123 3292 LMS (23d990150d56b670a62b21b9abdd45ee) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    20:28:56.0123 3292 LMS - ok
    20:28:56.0435 3292 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    20:28:56.0451 3292 LSI_FC - ok
    20:28:56.0701 3292 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    20:28:56.0747 3292 LSI_SAS - ok
    20:28:56.0903 3292 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    20:28:56.0919 3292 LSI_SAS2 - ok
    20:28:57.0075 3292 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    20:28:57.0091 3292 LSI_SCSI - ok
    20:28:57.0325 3292 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    20:28:57.0371 3292 luafv - ok
    20:28:58.0526 3292 mchInjDrv - ok
    20:28:59.0072 3292 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    20:28:59.0072 3292 McMPFSvc - ok
    20:28:59.0447 3292 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    20:28:59.0447 3292 mcmscsvc - ok
    20:28:59.0525 3292 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    20:28:59.0525 3292 McNaiAnn - ok
    20:28:59.0556 3292 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    20:28:59.0556 3292 McNASvc - ok
    20:29:00.0556 3292 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\mcafee\VirusScan\mcods.exe
    20:29:00.0556 3292 McODS - ok
    20:29:00.0587 3292 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    20:29:00.0587 3292 McOobeSv - ok
    20:29:00.0587 3292 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    20:29:00.0587 3292 McProxy - ok
    20:29:00.0977 3292 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    20:29:00.0977 3292 McShield - ok
    20:29:02.0522 3292 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
    20:29:02.0522 3292 Mcx2Svc - ok
    20:29:02.0756 3292 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    20:29:02.0756 3292 megasas - ok
    20:29:03.0256 3292 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    20:29:03.0256 3292 MegaSR - ok
    20:29:03.0724 3292 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
    20:29:03.0724 3292 mfeapfk - ok
    20:29:04.0363 3292 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
    20:29:04.0363 3292 mfeavfk - ok
    20:29:04.0488 3292 mfeavfk01 - ok
    20:29:04.0800 3292 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    20:29:04.0816 3292 mfefire - ok
    20:29:05.0252 3292 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
    20:29:05.0252 3292 mfefirek - ok
    20:29:06.0204 3292 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
    20:29:06.0220 3292 mfehidk - ok
    20:29:06.0376 3292 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
    20:29:06.0376 3292 mfenlfk - ok
    20:29:06.0750 3292 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
    20:29:06.0750 3292 mferkdet - ok
    20:29:07.0202 3292 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    20:29:07.0202 3292 mfevtp - ok
    20:29:07.0624 3292 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
    20:29:07.0624 3292 mfewfpk - ok
    20:29:07.0748 3292 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    20:29:07.0748 3292 MMCSS - ok
    20:29:07.0858 3292 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    20:29:07.0858 3292 Modem - ok
    20:29:07.0967 3292 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    20:29:07.0967 3292 monitor - ok
    20:29:08.0107 3292 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
    20:29:08.0107 3292 mouclass - ok
    20:29:08.0232 3292 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    20:29:08.0232 3292 mouhid - ok
    20:29:08.0419 3292 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
    20:29:08.0497 3292 mountmgr - ok
    20:29:08.0762 3292 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
    20:29:08.0762 3292 mpio - ok
    20:29:08.0887 3292 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    20:29:08.0887 3292 mpsdrv - ok
    20:29:08.0965 3292 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
    20:29:08.0965 3292 MRxDAV - ok
    20:29:09.0293 3292 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
    20:29:09.0293 3292 mrxsmb - ok
    20:29:09.0839 3292 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    20:29:09.0839 3292 mrxsmb10 - ok
    20:29:10.0182 3292 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    20:29:10.0182 3292 mrxsmb20 - ok
    20:29:10.0307 3292 msahci (bccf16d5fb1109162380e3e28dc9e4e5) C:\Windows\system32\DRIVERS\msahci.sys
    20:29:10.0307 3292 msahci - ok
    20:29:10.0634 3292 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
    20:29:10.0634 3292 msdsm - ok
    20:29:10.0681 3292 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
    20:29:10.0697 3292 MSDTC - ok
    20:29:10.0822 3292 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    20:29:10.0822 3292 Msfs - ok
    20:29:10.0946 3292 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    20:29:10.0946 3292 mshidkmdf - ok
    20:29:10.0993 3292 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
    20:29:10.0993 3292 msisadrv - ok
    20:29:11.0321 3292 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
    20:29:11.0321 3292 MSiSCSI - ok
    20:29:11.0321 3292 msiserver - ok
    20:29:11.0633 3292 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    20:29:11.0633 3292 MSKSSRV - ok
    20:29:11.0633 3292 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    20:29:11.0633 3292 MSPCLOCK - ok
    20:29:11.0664 3292 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    20:29:11.0664 3292 MSPQM - ok
    20:29:12.0070 3292 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
    20:29:12.0070 3292 MsRPC - ok
    20:29:12.0241 3292 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
    20:29:12.0241 3292 mssmbios - ok
    20:29:12.0428 3292 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    20:29:12.0428 3292 MSTEE - ok
    20:29:12.0475 3292 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    20:29:12.0475 3292 MTConfig - ok
    20:29:12.0694 3292 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    20:29:12.0694 3292 Mup - ok
    20:29:13.0162 3292 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
    20:29:13.0162 3292 napagent - ok
    20:29:14.0020 3292 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    20:29:14.0020 3292 NativeWifiP - ok
    20:29:15.0517 3292 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
    20:29:17.0545 3292 NDIS - ok
    20:29:18.0154 3292 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    20:29:18.0154 3292 NdisCap - ok
    20:29:18.0668 3292 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    20:29:18.0668 3292 NdisTapi - ok
    20:29:18.0965 3292 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
    20:29:18.0965 3292 Ndisuio - ok
    20:29:19.0168 3292 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
    20:29:19.0168 3292 NdisWan - ok
    20:29:19.0246 3292 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
    20:29:19.0246 3292 NDProxy - ok
    20:29:21.0008 3292 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
    20:29:21.0024 3292 Net Driver HPZ12 - ok
    20:29:21.0211 3292 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    20:29:21.0211 3292 NetBIOS - ok
    20:29:21.0632 3292 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
    20:29:21.0726 3292 NetBT - ok
    20:29:21.0773 3292 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
    20:29:21.0788 3292 Netlogon - ok
    20:29:22.0412 3292 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
    20:29:22.0428 3292 Netman - ok
    20:29:23.0083 3292 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
    20:29:23.0114 3292 netprofm - ok
    20:29:23.0692 3292 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    20:29:23.0692 3292 NetTcpPortSharing - ok
    20:29:23.0894 3292 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    20:29:23.0894 3292 nfrd960 - ok
    20:29:24.0331 3292 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
    20:29:24.0363 3292 NlaSvc - ok
    20:29:24.0409 3292 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    20:29:24.0409 3292 Npfs - ok
    20:29:24.0487 3292 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
    20:29:24.0487 3292 nsi - ok
    20:29:24.0534 3292 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    20:29:24.0534 3292 nsiproxy - ok
    20:29:25.0767 3292 Ntfs (1ad8fef2d6ac7116b68b887a9782fd33) C:\Windows\system32\drivers\Ntfs.sys
    20:29:25.0923 3292 Ntfs - ok
    20:29:27.0607 3292 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    20:29:27.0607 3292 Null - ok
    20:29:27.0639 3292 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    20:29:27.0639 3292 Null - ok
    20:29:28.0169 3292 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
    20:29:28.0169 3292 nvraid - ok
    20:29:28.0387 3292 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
    20:29:28.0387 3292 nvstor - ok
    20:29:28.0559 3292 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
    20:29:28.0559 3292 nv_agp - ok
    20:29:28.0793 3292 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
    20:29:28.0793 3292 ohci1394 - ok
    20:29:29.0933 3292 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    20:29:29.0933 3292 ose - ok
    20:29:37.0046 3292 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    20:29:37.0171 3292 osppsvc - ok
    20:29:38.0996 3292 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    20:29:39.0012 3292 p2pimsvc - ok
    20:29:39.0901 3292 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
    20:29:39.0901 3292 p2psvc - ok
    20:29:40.0182 3292 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    20:29:40.0182 3292 Parport - ok
    20:29:41.0212 3292 Partizan - ok
    20:29:42.0272 3292 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
    20:29:42.0272 3292 partmgr - ok
    20:29:42.0584 3292 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
    20:29:42.0584 3292 PcaSvc - ok
    20:29:42.0834 3292 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
    20:29:42.0850 3292 pci - ok
    20:29:42.0881 3292 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
    20:29:42.0881 3292 pciide - ok
    20:29:43.0208 3292 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    20:29:43.0224 3292 pcmcia - ok
    20:29:43.0302 3292 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    20:29:43.0302 3292 pcw - ok
    20:29:44.0425 3292 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    20:29:44.0503 3292 PEAUTH - ok
    20:29:45.0346 3292 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
    20:29:45.0346 3292 PerfHost - ok
    20:29:46.0126 3292 Pharos Systems ComTaskMaster (35045ca2ab16a08330450fc0c1bc5c54) C:\PROGRA~2\PHAROS~1\Core\CTskMstr.exe
    20:29:46.0141 3292 Pharos Systems ComTaskMaster - ok
    20:29:48.0809 3292 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
    20:29:48.0856 3292 pla - ok
    20:29:49.0464 3292 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
    20:29:49.0464 3292 PlugPlay - ok
    20:29:49.0901 3292 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
    20:29:49.0901 3292 Pml Driver HPZ12 - ok
    20:29:50.0010 3292 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
    20:29:50.0010 3292 PNRPAutoReg - ok
    20:29:50.0338 3292 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    20:29:50.0338 3292 PNRPsvc - ok
    20:29:50.0962 3292 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
    20:29:50.0977 3292 PolicyAgent - ok
    20:29:51.0211 3292 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
    20:29:51.0211 3292 Power - ok
    20:29:51.0570 3292 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
    20:29:51.0570 3292 PptpMiniport - ok
    20:29:51.0726 3292 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    20:29:51.0726 3292 Processor - ok
    20:29:52.0116 3292 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
    20:29:52.0132 3292 ProfSvc - ok
    20:29:52.0256 3292 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
    20:29:52.0256 3292 ProtectedStorage - ok
    20:29:52.0865 3292 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
    20:29:52.0880 3292 Psched - ok
    20:29:53.0099 3292 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
    20:29:53.0099 3292 PxHlpa64 - ok
    20:29:55.0595 3292 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    20:29:55.0642 3292 ql2300 - ok
    20:29:56.0874 3292 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    20:29:56.0890 3292 ql40xx - ok
    20:29:57.0217 3292 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
    20:29:57.0217 3292 QWAVE - ok
    20:29:57.0280 3292 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    20:29:57.0295 3292 QWAVEdrv - ok
    20:29:57.0342 3292 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    20:29:57.0342 3292 RasAcd - ok
    20:29:57.0592 3292 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    20:29:57.0592 3292 RasAgileVpn - ok
    20:29:57.0779 3292 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
    20:29:57.0779 3292 RasAuto - ok
    20:29:58.0075 3292 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
    20:29:58.0075 3292 Rasl2tp - ok
    20:29:58.0699 3292 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
    20:29:58.0699 3292 RasMan - ok
    20:29:59.0120 3292 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    20:29:59.0120 3292 RasPppoe - ok
    20:29:59.0526 3292 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    20:29:59.0526 3292 RasSstp - ok
    20:30:00.0103 3292 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
    20:30:00.0103 3292 rdbss - ok
    20:30:00.0166 3292 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    20:30:00.0181 3292 rdpbus - ok
    20:30:00.0228 3292 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    20:30:00.0228 3292 RDPCDD - ok
    20:30:00.0275 3292 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    20:30:00.0275 3292 RDPENCDD - ok
    20:30:00.0306 3292 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    20:30:00.0306 3292 RDPREFMP - ok
    20:30:01.0211 3292 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
    20:30:01.0211 3292 RDPWD - ok
    20:30:01.0772 3292 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
    20:30:01.0772 3292 rdyboost - ok
    20:30:02.0287 3292 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
    20:30:02.0303 3292 RemoteAccess - ok
    20:30:02.0599 3292 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
    20:30:02.0599 3292 RemoteRegistry - ok
    20:30:03.0052 3292 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    20:30:03.0052 3292 RFCOMM - ok
    20:30:03.0176 3292 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
    20:30:03.0192 3292 RpcEptMapper - ok
    20:30:03.0364 3292 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
    20:30:03.0364 3292 RpcLocator - ok
    20:30:04.0019 3292 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
    20:30:04.0019 3292 RpcSs - ok
    20:30:04.0175 3292 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    20:30:04.0175 3292 rspndr - ok
    20:30:04.0643 3292 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys
    20:30:04.0643 3292 RSUSBSTOR - ok
    20:30:04.0705 3292 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
    20:30:04.0705 3292 SamSs - ok
    20:30:04.0986 3292 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
    20:30:04.0986 3292 sbp2port - ok
    20:30:05.0345 3292 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
    20:30:05.0345 3292 SCardSvr - ok
    20:30:05.0485 3292 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
    20:30:05.0485 3292 scfilter - ok
    20:30:06.0967 3292 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
    20:30:06.0983 3292 Schedule - ok
    20:30:07.0108 3292 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
    20:30:07.0108 3292 SCPolicySvc - ok
    20:30:07.0373 3292 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
    20:30:07.0373 3292 SDRSVC - ok
    20:30:07.0685 3292 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    20:30:07.0685 3292 secdrv - ok
    20:30:07.0810 3292 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
    20:30:07.0825 3292 seclogon - ok
    20:30:07.0919 3292 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
    20:30:07.0919 3292 SENS - ok
    20:30:08.0028 3292 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
    20:30:08.0028 3292 SensrSvc - ok
    20:30:08.0168 3292 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    20:30:08.0168 3292 Serenum - ok
    20:30:08.0543 3292 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    20:30:08.0543 3292 Serial - ok
    20:30:08.0605 3292 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    20:30:08.0605 3292 sermouse - ok
    20:30:08.0683 3292 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
    20:30:08.0683 3292 SessionEnv - ok
    20:30:08.0714 3292 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
    20:30:08.0714 3292 sffdisk - ok
    20:30:08.0761 3292 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
    20:30:08.0777 3292 sffp_mmc - ok
    20:30:08.0777 3292 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
    20:30:08.0777 3292 sffp_sd - ok
    20:30:08.0808 3292 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    20:30:08.0808 3292 sfloppy - ok
    20:30:18.0199 3292 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    20:30:18.0215 3292 SftService - ok
    20:30:19.0634 3292 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
    20:30:19.0650 3292 ShellHWDetection - ok
    20:30:20.0071 3292 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    20:30:20.0087 3292 SiSRaid2 - ok
    20:30:20.0212 3292 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    20:30:20.0212 3292 SiSRaid4 - ok
    20:30:20.0524 3292 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    20:30:20.0524 3292 Smb - ok
    20:30:20.0789 3292 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
    20:30:20.0789 3292 SNMPTRAP - ok
    20:30:20.0898 3292 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    20:30:20.0898 3292 spldr - ok
    20:30:21.0772 3292 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
    20:30:21.0772 3292 Spooler - ok
    20:30:25.0048 3292 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
    20:30:25.0063 3292 sppsvc - ok
    20:30:25.0469 3292 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
    20:30:25.0469 3292 sppuinotify - ok
    20:30:25.0874 3292 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) c:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    20:30:25.0874 3292 sprtsvc_DellSupportCenter - ok
    20:30:25.0984 3292 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
    20:30:25.0984 3292 srv - ok
    20:30:26.0046 3292 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
    20:30:26.0046 3292 srv2 - ok
    20:30:26.0077 3292 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
    20:30:26.0077 3292 srvnet - ok
    20:30:26.0452 3292 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
    20:30:26.0452 3292 SSDPSRV - ok
    20:30:26.0608 3292 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
    20:30:26.0608 3292 SstpSvc - ok
    20:30:26.0670 3292 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    20:30:26.0670 3292 stexstor - ok
    20:30:26.0748 3292 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
    20:30:26.0748 3292 StillCam - ok
    20:30:26.0888 3292 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
    20:30:26.0888 3292 stisvc - ok
    20:30:26.0920 3292 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
    20:30:26.0920 3292 swenum - ok
    20:30:27.0060 3292 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
    20:30:27.0091 3292 swprv - ok
    20:30:27.0341 3292 SynTP (c25866bdf0e818e02bb8e76845d26e54) C:\Windows\system32\DRIVERS\SynTP.sys
    20:30:27.0341 3292 SynTP - ok
    20:30:27.0856 3292 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
    20:30:27.0871 3292 SysMain - ok
    20:30:28.0074 3292 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
    20:30:28.0074 3292 TabletInputService - ok
    20:30:28.0121 3292 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
    20:30:28.0121 3292 TapiSrv - ok
    20:30:55.0765 3292 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    20:30:55.0796 3292 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
    20:30:55.0796 3292 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
    20:30:55.0827 3292 Boot (0x1200) (7019b8cc0dc29e0feb9b03c67b44ee2d) \Device\Harddisk0\DR0\Partition0
    20:30:55.0827 3292 \Device\Harddisk0\DR0\Partition0 - ok
    20:30:55.0874 3292 Boot (0x1200) (2340c985aa75654c7597e3a6ea3097d0) \Device\Harddisk0\DR0\Partition1
    20:30:55.0874 3292 \Device\Harddisk0\DR0\Partition1 - ok
    20:30:55.0874 3292 ============================================================
    20:30:55.0874 3292 Scan finished
    20:30:55.0874 3292 ============================================================
    20:30:55.0874 1324 Detected object count: 1
    20:30:55.0874 1324 Actual detected object count: 1
    20:31:23.0350 1324 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
    20:31:23.0350 1324 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
     
  4. thedej

    thedej Thread Starter

    Joined:
    Jul 11, 2012
    Messages:
    4
    hello?
     
  5. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Hi Thedej and welcome to TSG, my name is Mark and I will be helping you.

    Sorry you have had to wait, there simply are not enough helpers to cope with the demand.


    I give my time freely to help those in need and there are a lot of people on this forum waiting for help. If you are looking for a quick and easy fix and are not prepared to stick with me to the end your best solution would be to format the hard drive and re-install Windows. That being said, if you want to get to the bottom of your PC's performance issues and are prepared to follow my instructions without deviating then I will help you all the way and do my best to leave you with a clean, fully functional and updated system, you may even learn a few useful things during the process. If you would prefer to re-install Windows please let me know so I can move on to help someone that is waiting.

    During the process your PC may suddenly lose all the performance issues you had and return to normal functionality, please don't assume that is all you need to do. Further scans and checks on your system's security may be needed to complete the job and the tools used will need to be removed, some of which require specific instructions to cleanly and safely remove them, this also ensures no traces of the infection/s are left in System Restore points or anywhere else in your system. Failure to stick with my guidance until I say "we are done" may result in your PC becoming reinfected or left in a vulnerable condition.

    Please make sure you answer all questions that I may ask and follow the instructions carefully. If you get stuck or do not understand something please ask and wait for my answer before moving on and do not make any changes or run any scans that I have not asked you to do.

    If you know in advance that you will not be able to respond for a day or two then please let me know. If a period of three days or more goes by without a response from you I will mark the thread as Solved and move on to help someone else that is waiting. You will be able to post back in the thread at any time to resume the clean up, but please only do so when you are ready and know that you will have the time to respond. Some infections will be harder to remove the longer you leave them so speed of removal is important.

    If you have any file sharing programs on your system, uTorrent, Bit Torrent, etc. please do not use them during the clean up. Their use is one of the easiest ways to get your PC infected. For your own security, limit internet use to connecting to this site and downloading the various tools as directed. Also, if you use this PC for on-line banking or connection with any financial institutions change all your passwords on a clean machine and do not connect with any of them using this PC until I tell you it is clean.

    If you want to go for it then let's get started.

    TDSSKiller has found a Rootkit infection that needs to be removed, please follow these instructions to make sure you have it set up correctly. Cure should be available when it finds the Rootkit again, please select that option as detailed in the instructions.


    Please follow the instructions exactly as written, deviating from the instructions and trying to fix anything before I have seen the logs may make your PC unbootable. If TDSSKiller does not offer the Cure option DO NOT select delete as you may remove files needed for the system to operate.
    Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!
    -- The tool is frequently updated...if you used TDSSKiller before, delete that version and download the most current one before using again.


    Be sure to print out and follow the instructions for performing a scan.
    • Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
    • Alternatively, you can download TDSSKiller.exe and use that instead.
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If an update is available, TDSSKiller will prompt you to update and download the most current version. Click Load Update. Close TDSSKiller and start again.
    • When the program opens, click Change parameters.
    • Under "Additional options", check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.
    • Click the Start Scan button.
    • Do not use the computer during the scan
    • If the scan completes with nothing found, click Close to exit.
    • If 'Suspicious objects' are detected, the default action will be Skip. Leave the default set to Skip and click on Continue.
    • If Malicious objects are detected, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure is selected...then click Continue -> Reboot computer for cure completion.
    • Important! -> If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed. If you choose Delete you may remove critical system files and make your PC unstable or possibly unbootable.
    • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C: ).
    • Copy and paste the contents of that file in your next reply.
    -- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it to something else before beginning the download and saving to the computer or to perform the scan in "safe mode".
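
Added example, not part of the original posts and not Kaspersky's code: a Python sketch that triages a TDSSKiller log like the one posted in this thread, listing each detection with the action recorded for it and flagging detections left on Skip. The regular expressions and function names are assumptions inferred only from the line shapes visible in this thread's log; the sample lines are copied from that log.

```python
import re

# Sample lines copied from the TDSSKiller log posted earlier in this thread.
SAMPLE_LOG = r"""
20:30:55.0703 3292 WwanSvc - ok
20:30:55.0765 3292 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:30:55.0796 3292 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
20:30:55.0796 3292 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
20:30:55.0827 3292 \Device\Harddisk0\DR0\Partition0 - ok
20:30:55.0874 1324 Detected object count: 1
20:31:23.0350 1324 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
20:31:23.0350 1324 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
"""

# Assumed line shapes (inferred from the thread's log, not from vendor docs):
#   "<HH:MM:SS.ffff> <thread id> <message>"
PREFIX = re.compile(r"^\s*(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
#   "<object> ( <threat name> ) - <state or action>"
VERDICT = re.compile(r"^(?P<obj>.+?) \( (?P<name>[^)]+?) \) - (?P<state>.+)$")
ACTION = re.compile(r"^User select action: (?P<action>\w+)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


def triage(log_text):
    """Return ({(object, threat): {"states": [...], "action": str|None}}, count)."""
    findings = {}
    reported = None
    for raw in log_text.splitlines():
        m = PREFIX.match(raw)
        if not m:
            continue  # blank lines, banners, wrapped text
        body = m.group(3).strip()
        c = COUNT.match(body)
        if c:
            reported = int(c.group(1))
            continue
        v = VERDICT.match(body)
        if not v:
            continue  # "- ok" lines and hash lines carry no threat name
        entry = findings.setdefault((v["obj"], v["name"]),
                                    {"states": [], "action": None})
        a = ACTION.match(v["state"])
        if a:
            entry["action"] = a["action"]  # last recorded action wins
        else:
            entry["states"].append(v["state"])
    return findings, reported


def unresolved(findings):
    """Detections with no recorded action, or left on Skip, still need handling."""
    return sorted(k for k, e in findings.items() if e["action"] in (None, "Skip"))


if __name__ == "__main__":
    found, reported = triage(SAMPLE_LOG)
    print("reported count:", reported, "parsed:", len(found))
    for obj, threat in unresolved(found):
        print("STILL PRESENT:", threat, "on", obj, found[(obj, threat)])
```

On the sample it reports the one MBR detection as still present, which matches the "skipped by user" entry that prompted the request to re-run the scan and select Cure.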
     
  6. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Two days without a response, will you please let me know if you wish to proceed.
     
  7. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Three days without a response so I am marking this thread as Solved.

    If you wish to continue then please feel free to reply when you are ready.
     

Short URL to this thread: https://techguy.org/1060594