
Malware Infection 5-15-12 HELP!

Discussion in 'Virus & Other Malware Removal' started by TonyDublino, May 15, 2012.

  1. TonyDublino

    I am experiencing several unusual symptoms of malware:
    1. Search engine redirects.
    2. Can't turn on the McAfee Firewall in security center (I try, and it turns on for a second, and then off).
    3. It appears that the firewall is on when I look in McAfee Security Scan Plus.

    I am trying to follow the instructions as best I can, but can't figure out how to upload the attach file from DDS, and believe I am not supposed to post it.

    Thanks

    Tony

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:15:21 PM, on 5/15/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
    C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
    C:\Users\Dublino\AppData\Roaming\Spotify\spotify.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    C:\Program Files (x86)\Fitbit\fitbit-tray.exe
    C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe
    C:\Users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\FATrayMon.exe
    C:\Users\Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\FATrayAlert.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\jre\bin\javaw.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
    C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
    C:\Program Files (x86)\Microsoft Office10\Office14\OUTLOOK.EXE
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Users\Dublino\Downloads\HiJack This\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIDFEA~1\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120430084145.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIDFEA~1\Office14\URLREDIR.DLL
    O2 - BHO: SSOIEAddonBHO - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\FAIESSO.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
    O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [Dell V310-V510 Series] "C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe" /s
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office10\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files (x86)\FATrayMon.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
    O4 - HKLM\..\Run: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
    O4 - HKLM\..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\RunOnce: [STToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Spotify] "C:\Users\Dublino\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    O4 - HKCU\..\Run: [Fitbit Service Monitor] C:\Program Files (x86)\Fitbit\fitbit-tray.exe
    O4 - HKCU\..\Run: [Amazon Cloud Drive] C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
    O4 - Startup: Dropbox.lnk = Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIDFEA~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIDFEA~1\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: http://*.mcafee.com
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
    O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://support.dell.com/systemprofiler/SysProExe.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: dleaCATSCustConnectService - Unknown owner - C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe
    O23 - Service: dlea_device - - C:\Windows\system32\dleacoms.exe
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: FAService - Sensible Vision - C:\Program Files (x86)\FAService.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Fitbit Data Uploader (Fitbit) - Fitbit, Inc. - C:\Program Files (x86)\Fitbit\fitbit.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 20617 bytes
     
  2. TonyDublino

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Dublino at 8:12:34 on 2012-05-16
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.1780 [GMT -4:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Program Files (x86)\FAService.exe
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Windows\system32\spool\DRIVERS\x64\3\dleaserv.exe
    C:\Windows\system32\dleacoms.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Fitbit\fitbit.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
    C:\Windows\system32\mfevtps.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
    C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
    C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Users\Dublino\AppData\Roaming\Spotify\spotify.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    C:\Program Files (x86)\Fitbit\fitbit-tray.exe
    C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe
    C:\Users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files (x86)\FATrayMon.exe
    C:\Users\Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\FATrayAlert.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Windows\system32\conhost.exe
    C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\jre\bin\javaw.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Microsoft Office10\Office14\OUTLOOK.EXE
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Users\Dublino\AppData\Local\AOL\AIM\aim.exe
    C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
    C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\taskhost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    mWinlogon: Userinit=userinit.exe,
    BHO: Dell Toolbar: {09b71986-2ac5-482d-b6cb-42ea34f4f85b} - C:\Program Files\Dell Printable Web\toolband.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIDFEA~1\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120430084145.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIDFEA~1\Office14\URLREDIR.DLL
    BHO: Face recognition web login for FastAccess: {da5bce70-d057-4d63-943d-5f3927ec59f1} - C:\Program Files (x86)\FAIESSO.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Dell Toolbar: {09b71986-2ac5-482d-b6cb-42ea34f4f85b} - C:\Program Files\Dell Printable Web\toolband.dll
    TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Google Update] "C:\Users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [Spotify] "C:\Users\Dublino\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    uRun: [Fitbit Service Monitor] C:\Program Files (x86)\Fitbit\fitbit-tray.exe
    uRun: [Amazon Cloud Drive] C:\Users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe
    uRun: [Spotify Web Helper] "C:\Users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun: [FAStartup]
    mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun: [Dell V310-V510 Series] "C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe" /s
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office10\Office14\BCSSync.exe" /DelayServices
    mRun: [FATrayAlert] C:\Program Files (x86)\FATrayMon.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
    mRun: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
    mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRunOnce: [STToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
    StartupFolder: C:\Users\Dublino\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
    StartupFolder: C:\Users\Dublino\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIDFEA~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MIDFEA~1\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office10\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
    DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 10.0.0.1
    TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86} : DhcpNameServer = 10.0.0.1
    TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\052796D656023496761627 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\1466963696F6E61646F637 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\265616E6374716C6B60236F6666656560286F6573756 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\445726C696E6F6 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\B416262616C61686 : DhcpNameServer = 192.168.5.13 10.101.17.21 10.101.17.12
    TCP: Interfaces\{55B20CBB-3F6B-4298-B10D-12CCB0DA3C86}\E4544574541425D25374 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{79D6EAF5-68E3-49EF-B9F2-39AEEBB70190} : DhcpNameServer = 192.168.1.254
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIDFEA~1\Office14\GROOVEEX.DLL
    LSA: Notification Packages = scecli FAPassSync
    BHO-X64: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
    BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO-X64: McAfee Phishing Filter - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIDFEA~1\Office14\GROOVEEX.DLL
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120430084145.dll
    BHO-X64: scriptproxy - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIDFEA~1\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: Face recognition web login for FastAccess: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\FAIESSO.dll
    BHO-X64: SSOIEAddonBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
    TB-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun-x64: [FAStartup]
    mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun-x64: [Dell V310-V510 Series] "C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe" /s
    mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office10\Office14\BCSSync.exe" /DelayServices
    mRun-x64: [FATrayAlert] C:\Program Files (x86)\FATrayMon.exe
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
    mRun-x64: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
    mRun-x64: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRunOnce-x64: [STToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
    IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIDFEA~1\Office14\GROOVEEX.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 dlea_device;dlea_device;C:\Windows\system32\dleacoms.exe -service --> C:\Windows\system32\dleacoms.exe -service [?]
    R2 dleaCATSCustConnectService;dleaCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\dleaserv.exe [2010-7-17 33448]
    R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
    R2 FAService;FAService;C:\Program Files (x86)\FAService.exe [2011-4-23 2412728]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys --> C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [?]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
    R3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]
    R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-11 257696]
    S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
    S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
    S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
    S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-4-10 25072]
    S3 SIUSBXP;SIUSBXP;C:\Windows\system32\drivers\SiUSBXp.sys --> C:\Windows\system32\drivers\SiUSBXp.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-05-12 05:34:57 -------- d-----w- C:\Users\Dublino\AppData\Roaming\McAfee
    2012-05-11 19:01:37 -------- d-----w- C:\Users\Dublino\AppData\Roaming\Malwarebytes
    2012-05-11 19:01:16 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-05-11 19:01:12 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-05-11 19:01:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-05-11 15:26:33 476960 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2012-05-11 15:18:57 -------- d-----w- C:\Users\Dublino\AppData\Local\{7A9CFD24-D145-44D6-B0C0-CFA2E2684D9D}
    2012-05-11 15:18:32 -------- d-----w- C:\Users\Dublino\AppData\Local\{98FF54FB-665C-46BF-A30E-AFADBEA26340}
    2012-05-10 22:38:20 1544704 ----a-w- C:\Windows\System32\DWrite.dll
    2012-05-10 22:38:19 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2012-05-10 22:38:14 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-05-10 22:38:11 3146240 ----a-w- C:\Windows\System32\win32k.sys
    2012-05-10 22:38:10 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-05-10 22:38:09 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-05-10 22:37:58 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
    2012-05-10 22:37:09 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-05-10 22:37:02 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
    2012-05-10 22:37:02 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
    2012-05-10 22:37:00 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
    2012-05-10 22:36:59 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
    2012-05-10 22:36:59 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
    2012-05-09 12:40:17 -------- d-----w- C:\Users\Dublino\AppData\Local\WinZip
    2012-05-02 22:17:56 -------- d-----w- C:\Users\Dublino\AppData\Local\PSFactoryBuffer
    2012-05-02 19:15:19 -------- d-----w- C:\Users\Dublino\AppData\Roaming\WinZip
    2012-05-02 04:23:38 -------- d-----w- C:\ProgramData\Fitbit
    2012-05-02 04:23:10 31976 ----a-w- C:\Windows\System32\drivers\SiLib.sys
    2012-05-02 04:23:10 26856 ----a-w- C:\Windows\System32\drivers\SiUSBXp.sys
    2012-05-02 04:23:09 -------- d-----w- C:\Program Files (x86)\Fitbit
    2012-05-01 14:23:18 -------- d-----w- C:\Users\Dublino\AppData\Local\{EDF2F7FF-1C07-40DD-B636-F26B8720C0E8}
    2012-05-01 14:22:44 -------- d-----w- C:\Users\Dublino\AppData\Local\{2AD49F7E-1A1D-48A4-B5CC-8892CF6705E2}
    2012-05-01 13:48:05 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A83039D6-E3D3-463C-AC3D-DB3D35E407FF}\mpengine.dll
    2012-04-27 13:26:27 -------- d-----w- C:\Users\Dublino\AppData\Roaming\Helios
    2012-04-27 13:26:18 -------- d-----w- C:\Program Files (x86)\TextPad 5
    2012-04-26 18:21:57 14456 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\mjcriu.dll
    2012-04-26 18:21:56 16448 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\kfgresk.dll
    2012-04-26 17:56:17 1758720 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\engine_vx.dll
    2012-04-26 17:56:17 17472 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\rsaadjd.dll
    2012-04-26 17:56:17 17472 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\1eaadjc.dll
    2012-04-26 17:56:17 12352 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\peaadje.dll
    2012-04-26 17:56:16 29784 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\qwadjb.dll
    2012-04-26 17:56:16 18724 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\bass.dll
    2012-04-26 17:56:16 105016 ----atw- C:\Users\Dublino\AppData\Roaming\Microsoft\~DFK2e463352.tmp
    2012-04-26 17:43:50 257784 ---ha-w- C:\Windows\SysWow64\BytescoutScreenCapturingFilter.dll
    2012-04-26 17:43:50 175864 ---ha-w- C:\Windows\SysWow64\BytescoutVideoMixerFilter.dll
    2012-04-26 17:43:47 421624 ---ha-w- C:\Windows\SysWow64\BytescoutScreenCapturing.dll
    2012-04-26 17:43:47 29288 ----a-w- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys
    2012-04-26 17:43:47 231672 ----a-w- C:\Windows\System32\BytescoutVideoMixerFilter.dll
    2012-04-26 17:43:46 65536 ---ha-w- C:\Windows\SysWow64\WebCamLib.dll
    2012-04-26 17:43:46 574200 ----a-w- C:\Windows\System32\BytescoutScreenCapturing.dll
    2012-04-26 17:43:46 362232 ----a-w- C:\Windows\System32\BytescoutScreenCapturingFilter.dll
    2012-04-26 17:43:46 -------- d-----w- C:\Users\Dublino\AppData\Roaming\Apowersoft
    2012-04-26 17:43:16 -------- d-----w- C:\Program Files (x86)\Apowersoft
    2012-04-25 17:59:06 -------- d-----w- C:\Windows\SysWow64\Dell
    2012-04-25 15:50:25 -------- d-----w- C:\ProgramData\Dell V310-V510 Series
    2012-04-20 03:03:16 -------- d-----w- C:\Windows\en
    2012-04-20 02:58:19 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
    2012-04-20 02:54:11 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dcbc613d1cd1ea002\MeshBetaRemover.exe
    2012-04-20 02:54:09 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DSETUP.dll
    2012-04-20 02:54:09 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DXSETUP.exe
    2012-04-20 02:54:09 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\dsetup32.dll
    2012-04-20 02:50:41 -------- d-----w- C:\Users\Dublino\AppData\Local\{38DF3340-6F0D-489B-9B55-119FFDC54F1B}
    2012-04-20 02:50:17 -------- d-----w- C:\Users\Dublino\AppData\Local\{23660397-3555-4375-AC2A-8CB15EE9C4ED}
    2012-04-20 01:51:47 -------- d-----w- C:\Users\Dublino\Pond5_T570643
    2012-04-20 01:45:00 -------- d-----w- C:\Users\Dublino\AppData\Local\{E21FCDAE-F314-40FF-82E5-B74547161BF0}
    2012-04-20 01:44:48 -------- d-----w- C:\Users\Dublino\AppData\Local\{4DE9CE29-1C2B-49F9-B987-10A040CFA352}
    2012-04-19 20:48:15 -------- d-----w- C:\Users\Dublino\AppData\Local\{4CF393FF-63AD-4B9F-BDC1-B51D69874C67}
    2012-04-19 20:48:02 -------- d-----w- C:\Users\Dublino\AppData\Local\{5B5057FF-B498-417D-8109-D76C1D152B68}
    2012-04-19 14:33:16 -------- d-----w- C:\Users\Dublino\AppData\Local\{794F1E82-DB68-4D2E-89FE-73360CA67797}
    2012-04-19 14:32:42 -------- d-----w- C:\Users\Dublino\AppData\Local\{EE4731EC-4A14-40DF-AE4D-7DB0DAFE7B8D}
    2012-04-19 14:32:16 -------- d-----w- C:\Users\Dublino\AppData\Local\{1DF9EA22-D942-4FA2-802C-A205836A9C7B}
    2012-04-17 18:47:36 -------- d-----w- C:\Users\Dublino\AppData\Local\{662047E7-3290-4B60-AA93-821491AD6767}
    2012-04-17 18:46:56 -------- d-----w- C:\Users\Dublino\AppData\Local\{256C0ACE-32D7-4E0C-BC90-AD772E7E53BC}
    .
    ==================== Find3M ====================
    .
    2012-05-11 15:26:10 472864 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-05-05 01:32:14 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-05 01:32:14 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-05-05 01:32:05 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-03-20 17:11:30 162192 ----a-w- C:\Windows\System32\mfevtps.exe
    2012-03-08 22:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
    2012-03-08 22:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
    2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
    2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
    2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
    2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
    2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
    2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
    2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
    2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
    2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-02-23 14:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2012-02-22 17:29:46 75936 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
    2012-02-22 17:29:46 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys
    2012-02-22 17:29:46 647208 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
    2012-02-22 17:29:46 487296 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
    2012-02-22 17:29:46 289664 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
    2012-02-22 17:29:46 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
    2012-02-22 17:29:46 160792 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
    2012-02-22 17:29:46 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
    2012-02-22 17:29:46 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
    2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2011-04-24 02:20:20 213176 ----a-w- C:\Program Files (x86)\FACons.exe
    2011-04-24 02:16:58 582328 ----a-w- C:\Program Files (x86)\FAIESSO.dll
    2011-04-24 02:16:56 291000 ----a-w- C:\Program Files (x86)\FAEnrollWiz.exe
    2011-04-24 02:16:54 516280 ----a-w- C:\Program Files (x86)\rFAConsU.exe
    2011-04-24 02:16:54 516280 ----a-w- C:\Program Files (x86)\rFACons.exe
    2011-04-24 02:16:46 57528 ----a-w- C:\Program Files (x86)\FAStartup.exe
    2011-04-24 02:16:42 75960 ----a-w- C:\Program Files (x86)\devcon_x64.exe
    2011-04-23 23:58:24 32768 ----a-w- C:\Program Files (x86)\FAsvif.dll
    2011-04-20 18:54:26 40960 ----a-w- C:\Program Files (x86)\FATrackBarLib.dll
    2011-03-14 19:09:02 2044088 ----a-w- C:\Program Files (x86)\FAus.exe
    2010-07-09 19:30:44 128328 ----a-w- C:\Program Files (x86)\FAUpdateClient.exe
    2010-06-16 14:35:52 25600 ----a-w- C:\Program Files (x86)\FA_Helper.UAC.dll
    2009-12-22 16:18:22 2023424 ----a-w- C:\Program Files (x86)\QtCore4.dll
    2009-12-08 21:35:40 25928 ----a-w- C:\Program Files (x86)\FAAuG.exe
    2009-09-29 07:47:54 7507968 ----a-w- C:\Program Files (x86)\QtGui4.dll
    2009-08-16 20:13:36 523 ----a-w- C:\Program Files (x86)\PresetPSPowerPlan_Vista.bat
    2009-02-13 23:46:48 895 ----a-w- C:\Program Files (x86)\UpdatePSPowerPlan_Vista.bat
    2008-12-11 17:59:16 41 ----a-w- C:\Program Files (x86)\FAstopstart.bat
    2006-07-11 22:02:30 1053184 ----a-w- C:\Program Files (x86)\MFC71u.dll
    2003-03-19 01:20:00 1060864 ----a-w- C:\Program Files (x86)\MFC71.dll
    2003-03-19 01:05:50 89088 ----a-w- C:\Program Files (x86)\atl71.dll
    .
    ============= FINISH: 8:15:53.62 ===============
     
  3. TonyDublino

    TonyDublino Thread Starter

    Joined:
    May 15, 2012
    Messages:
    9
    I am getting redirected in my browser searches, and can't seem to turn on my McAfee firewall.
    I can't determine how to upload my attach file from DDS
    Should I just paste it, as it's not that long?
     
  4. TonyDublino

    TonyDublino Thread Starter

    Joined:
    May 15, 2012
    Messages:
    9
    I finally figured out how to upload the DDS Attach log... here you go!
     

    Attached Files:

  5. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,161
    Hi Tony,

    Please read carefully and follow these steps.
    • Download TDSSKiller and save it to your Desktop.
    • Double-click on [IMG] to run the application.
    • The "Ready to scan" window will open. Click on "Change parameters".
    • Place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system. (Leave "Service & Drivers" and "Boot Sectors" ticked.) Click OK.
    • Select "Start Scan".
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Kevin
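
The report requested above pairs each scanned service or driver line (name, MD5, path) with a verdict line. As an added example (not part of the original thread and not TDSSKiller's own code), this Python parser lists every object whose verdict is missing or is anything other than `ok`. The sample log is constructed in the format of the log posted in this thread; the `Example...` entries, their hashes and the non-ok verdict text are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# "HH:MM:SS.mmmm <thread id> <body>" is the prefix of every report line.
LINE = re.compile(r"^\s*\d{2}:\d{2}:\d{2}\.\d{4}\s+(?P<tid>\d+)\s+(?P<body>.*\S)\s*$")
# Object line body: "<service name> (<32 hex MD5>) <image path>".
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")


@dataclass
class ScanEntry:
    name: str
    md5: str
    path: str
    verdict: Optional[str] = None  # None means no verdict line was found


def parse_tdsskiller_log(text: str) -> List[ScanEntry]:
    """Pair each object line with the '<name> - <verdict>' line that follows it."""
    entries: List[ScanEntry] = []
    pending: Dict[str, ScanEntry] = {}  # thread id -> object still awaiting a verdict
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m is None:
            continue
        tid, body = m.group("tid"), m.group("body")
        obj = OBJECT.match(body)
        if obj:
            entry = ScanEntry(obj.group("name"), obj.group("md5").lower(), obj.group("path"))
            entries.append(entry)
            pending[tid] = entry
            continue
        # Only accept a verdict for the object this thread reported last, so
        # header lines such as "Drive ... - Size: ..." are never misread.
        entry = pending.get(tid)
        if entry is not None and body.startswith(entry.name + " - "):
            entry.verdict = body[len(entry.name) + 3:].strip()
            del pending[tid]
    return entries


def needs_review(entries: List[ScanEntry]) -> List[ScanEntry]:
    """Objects with no verdict (truncated paste) or any verdict other than 'ok'."""
    return [e for e in entries if e.verdict is None or e.verdict.lower() != "ok"]


# Constructed sample: header and 1394ohci lines follow the posted log's format;
# every "Example..." entry, hash and verdict below is made up for illustration.
SAMPLE_LOG = r"""
19:38:34.0548 1752 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
19:38:37.0926 1752 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200
19:38:41.0401 3700 Scan started
19:38:51.0559 3700 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:38:51.0584 3700 1394ohci - ok
19:39:02.0221 3700 Example Events Utility (00000000000000000000000000000001) C:\Windows\system32\example1.exe
19:39:02.0300 3700 Example Events Utility - ok
19:39:03.0100 3700 ExampleDrv (00000000000000000000000000000002) C:\Windows\system32\drivers\exampledrv.sys
19:39:03.0150 3700 ExampleDrv - CONSTRUCTED-NON-OK-VERDICT
19:39:04.0000 3700 ExampleCut (00000000000000000000000000000003) C:\Windows\system32\drivers\examplecut.sys
"""

if __name__ == "__main__":
    for e in needs_review(parse_tdsskiller_log(SAMPLE_LOG)):
        print(f"{e.name}: verdict={e.verdict!r} md5={e.md5} path={e.path}")
```

An entry with no verdict usually means the pasted log was cut off, so it is reported rather than assumed clean.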
     
  6. TonyDublino

    TonyDublino Thread Starter

    Joined:
    May 15, 2012
    Messages:
    9
    19:38:34.0548 1752 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
    19:38:34.0928 1752 ============================================================
    19:38:34.0928 1752 Current date / time: 2012/05/16 19:38:34.0928
    19:38:34.0928 1752 SystemInfo:
    19:38:34.0928 1752
    19:38:34.0928 1752 OS Version: 6.1.7601 ServicePack: 1.0
    19:38:34.0928 1752 Product type: Workstation
    19:38:34.0929 1752 ComputerName: DUBLINO-LAPTOP
    19:38:34.0929 1752 UserName: Dublino
    19:38:34.0929 1752 Windows directory: C:\Windows
    19:38:34.0929 1752 System windows directory: C:\Windows
    19:38:34.0929 1752 Running under WOW64
    19:38:34.0929 1752 Processor architecture: Intel x64
    19:38:34.0929 1752 Number of processors: 2
    19:38:34.0929 1752 Page size: 0x1000
    19:38:34.0929 1752 Boot type: Normal boot
    19:38:34.0929 1752 ============================================================
    19:38:37.0926 1752 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    19:38:37.0937 1752 ============================================================
    19:38:37.0938 1752 \Device\Harddisk0\DR0:
    19:38:37.0938 1752 MBR partitions:
    19:38:37.0938 1752 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
    19:38:37.0938 1752 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
    19:38:37.0938 1752 ============================================================
    19:38:37.0984 1752 C: <-> \Device\Harddisk0\DR0\Partition1
    19:38:37.0984 1752 ============================================================
    19:38:37.0984 1752 Initialize success
    19:38:37.0984 1752 ============================================================
    19:38:41.0401 3700 ============================================================
    19:38:41.0401 3700 Scan started
    19:38:41.0401 3700 Mode: Manual;
    19:38:41.0402 3700 ============================================================
    19:41:09.0542 3700 NdisCap - ok
    19:41:09.0571 3700 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    19:41:09.0575 3700 NdisTapi - ok
    19:41:10.0214 3700 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    19:41:10.0251 3700 Ndisuio - ok
    19:41:10.0321 3700 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    19:41:10.0337 3700 NdisWan - ok
    19:41:10.0360 3700 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    19:41:10.0365 3700 NDProxy - ok
    19:41:10.0392 3700 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    19:41:10.0401 3700 NetBIOS - ok
    19:41:10.0479 3700 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    19:41:10.0488 3700 NetBT - ok
    19:41:10.0526 3700 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:41:10.0527 3700 Netlogon - ok
    19:41:10.0576 3700 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
    19:41:10.0607 3700 Netman - ok
    19:41:10.0716 3700 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
    19:41:10.0740 3700 netprofm - ok
    19:41:11.0097 3700 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    19:41:11.0103 3700 NetTcpPortSharing - ok
    19:41:11.0201 3700 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    19:41:11.0204 3700 nfrd960 - ok
    19:41:11.0306 3700 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
    19:41:11.0329 3700 NlaSvc - ok
    19:41:11.0354 3700 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    19:41:11.0392 3700 Npfs - ok
    19:41:11.0420 3700 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
    19:41:11.0434 3700 nsi - ok
    19:41:11.0463 3700 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    19:41:11.0466 3700 nsiproxy - ok
    19:41:12.0745 3700 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    19:41:12.0800 3700 Ntfs - ok
    19:41:13.0659 3700 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    19:41:13.0661 3700 Null - ok
    19:41:13.0712 3700 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    19:41:13.0832 3700 nvraid - ok
    19:41:14.0158 3700 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    19:41:14.0176 3700 nvstor - ok
    19:41:14.0249 3700 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    19:41:14.0270 3700 nv_agp - ok
    19:41:15.0482 3700 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    19:41:15.0552 3700 odserv - ok
    19:41:15.0813 3700 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    19:41:15.0817 3700 ohci1394 - ok
    19:41:15.0938 3700 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    19:41:15.0944 3700 ose - ok
    19:41:19.0990 3700 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    19:41:20.0122 3700 osppsvc - ok
    19:41:20.0592 3700 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    19:41:20.0614 3700 p2pimsvc - ok
    19:41:20.0700 3700 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
    19:41:20.0751 3700 p2psvc - ok
    19:41:21.0089 3700 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    19:41:21.0105 3700 Parport - ok
    19:41:21.0146 3700 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
    19:41:21.0224 3700 partmgr - ok
    19:41:21.0739 3700 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
    19:41:21.0763 3700 PcaSvc - ok
    19:41:21.0894 3700 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
    19:41:21.0946 3700 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
    19:41:21.0999 3700 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    19:41:22.0003 3700 pci - ok
    19:41:22.0020 3700 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    19:41:22.0026 3700 pciide - ok
    19:41:22.0220 3700 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    19:41:22.0237 3700 pcmcia - ok
    19:41:22.0272 3700 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    19:41:22.0279 3700 pcw - ok
    19:41:22.0445 3700 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    19:41:22.0477 3700 PEAUTH - ok
    19:41:22.0698 3700 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
    19:41:22.0731 3700 PerfHost - ok
    19:41:24.0161 3700 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
    19:41:24.0302 3700 pla - ok
    19:41:24.0849 3700 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
    19:41:24.0875 3700 PlugPlay - ok
    19:41:24.0900 3700 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
    19:41:24.0934 3700 PNRPAutoReg - ok
    19:41:25.0294 3700 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    19:41:25.0297 3700 PNRPsvc - ok
    19:41:25.0411 3700 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
    19:41:25.0417 3700 Point64 - ok
    19:41:26.0585 3700 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
    19:41:26.0676 3700 PolicyAgent - ok
    19:41:26.0754 3700 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
    19:41:26.0775 3700 Power - ok
    19:41:26.0859 3700 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    19:41:26.0864 3700 PptpMiniport - ok
    19:41:26.0896 3700 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    19:41:26.0902 3700 Processor - ok
    19:41:26.0940 3700 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
    19:41:26.0969 3700 ProfSvc - ok
    19:41:27.0014 3700 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:41:27.0018 3700 ProtectedStorage - ok
    19:41:27.0071 3700 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    19:41:27.0082 3700 Psched - ok
    19:41:27.0127 3700 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
    19:41:27.0131 3700 PxHlpa64 - ok
    19:41:27.0795 3700 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    19:41:27.0849 3700 ql2300 - ok
    19:41:28.0594 3700 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    19:41:28.0610 3700 ql40xx - ok
    19:41:28.0820 3700 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
    19:41:28.0847 3700 QWAVE - ok
    19:41:28.0872 3700 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    19:41:28.0876 3700 QWAVEdrv - ok
    19:41:28.0894 3700 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    19:41:28.0898 3700 RasAcd - ok
    19:41:28.0943 3700 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    19:41:28.0946 3700 RasAgileVpn - ok
    19:41:29.0004 3700 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
    19:41:29.0032 3700 RasAuto - ok
    19:41:29.0075 3700 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    19:41:29.0085 3700 Rasl2tp - ok
    19:41:29.0143 3700 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
    19:41:29.0217 3700 RasMan - ok
    19:41:29.0316 3700 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    19:41:29.0327 3700 RasPppoe - ok
    19:41:29.0360 3700 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    19:41:29.0364 3700 RasSstp - ok
    19:41:29.0415 3700 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    19:41:29.0432 3700 rdbss - ok
    19:41:29.0464 3700 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    19:41:29.0467 3700 rdpbus - ok
    19:41:29.0487 3700 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    19:41:29.0491 3700 RDPCDD - ok
    19:41:29.0528 3700 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    19:41:29.0537 3700 RDPENCDD - ok
    19:41:29.0548 3700 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    19:41:29.0550 3700 RDPREFMP - ok
    19:41:29.0591 3700 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
    19:41:29.0603 3700 RDPWD - ok
    19:41:29.0660 3700 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    19:41:29.0673 3700 rdyboost - ok
    19:41:29.0711 3700 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
    19:41:29.0732 3700 RemoteAccess - ok
    19:41:29.0779 3700 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
    19:41:29.0800 3700 RemoteRegistry - ok
    19:41:29.0839 3700 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    19:41:29.0864 3700 RFCOMM - ok
    19:41:29.0900 3700 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
    19:41:29.0906 3700 rimmptsk - ok
    19:41:29.0926 3700 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
    19:41:29.0931 3700 rimsptsk - ok
    19:41:29.0965 3700 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
    19:41:29.0968 3700 rismxdp - ok
    19:41:30.0232 3700 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    19:41:30.0753 3700 RoxMediaDB10 - ok
    19:41:30.0871 3700 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
    19:41:30.0878 3700 RpcEptMapper - ok
    19:41:30.0904 3700 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
    19:41:30.0910 3700 RpcLocator - ok
    19:41:30.0970 3700 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
    19:41:30.0974 3700 RpcSs - ok
    19:41:31.0017 3700 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    19:41:31.0023 3700 rspndr - ok
    19:41:31.0035 3700 RxFilter - ok
    19:41:31.0088 3700 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:41:31.0091 3700 SamSs - ok
    19:41:31.0133 3700 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    19:41:31.0144 3700 sbp2port - ok
    19:41:31.0178 3700 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
    19:41:31.0191 3700 SCardSvr - ok
    19:41:31.0231 3700 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    19:41:31.0236 3700 scfilter - ok
    19:41:31.0325 3700 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
    19:41:31.0421 3700 Schedule - ok
    19:41:31.0491 3700 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    19:41:31.0492 3700 SCPolicySvc - ok
    19:41:31.0573 3700 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
    19:41:31.0579 3700 sdbus - ok
    19:41:31.0630 3700 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
    19:41:31.0647 3700 SDRSVC - ok
    19:41:31.0751 3700 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    19:41:31.0800 3700 SeagateDashboardService - ok
    19:41:31.0825 3700 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    19:41:31.0827 3700 secdrv - ok
    19:41:31.0843 3700 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
    19:41:31.0876 3700 seclogon - ok
    19:41:31.0907 3700 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
    19:41:31.0910 3700 SENS - ok
    19:41:31.0923 3700 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
    19:41:31.0928 3700 SensrSvc - ok
    19:41:31.0941 3700 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    19:41:31.0946 3700 Serenum - ok
    19:41:31.0980 3700 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    19:41:31.0985 3700 Serial - ok
    19:41:32.0037 3700 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    19:41:32.0041 3700 sermouse - ok
    19:41:32.0110 3700 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
    19:41:32.0191 3700 SessionEnv - ok
    19:41:32.0224 3700 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
    19:41:32.0226 3700 sffdisk - ok
    19:41:32.0254 3700 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    19:41:32.0257 3700 sffp_mmc - ok
    19:41:32.0267 3700 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
    19:41:32.0270 3700 sffp_sd - ok
    19:41:32.0275 3700 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    19:41:32.0277 3700 sfloppy - ok
    19:41:32.0367 3700 SftService (7f475425582163602ef1589c0071e521) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    19:41:32.0484 3700 SftService - ok
    19:41:32.0534 3700 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
    19:41:32.0568 3700 SharedAccess - ok
    19:41:32.0885 3700 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
    19:41:32.0972 3700 ShellHWDetection - ok
    19:41:33.0041 3700 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    19:41:33.0046 3700 SiSRaid2 - ok
    19:41:33.0069 3700 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    19:41:33.0080 3700 SiSRaid4 - ok
    19:41:33.0140 3700 SIUSBXP (4c9f8e72f87f50a6125aaa31b63b2d18) C:\Windows\system32\drivers\SiUSBXp.sys
    19:41:33.0145 3700 SIUSBXP - ok
    19:41:33.0236 3700 SkypeUpdate (8c5477eb1c03ca76cd8eb66a610a9e90) C:\Program Files (x86)\Skype\Updater\Updater.exe
    19:41:35.0981 3700 SkypeUpdate - ok
    19:41:36.0022 3700 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    19:41:36.0032 3700 Smb - ok
    19:41:36.0082 3700 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
    19:41:36.0103 3700 SNMPTRAP - ok
    19:41:36.0137 3700 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    19:41:36.0141 3700 spldr - ok
    19:41:36.0220 3700 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
    19:41:36.0337 3700 Spooler - ok
    19:41:38.0417 3700 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
    19:41:38.0509 3700 sppsvc - ok
    19:41:38.0794 3700 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
    19:41:38.0811 3700 sppuinotify - ok
    19:41:38.0904 3700 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    19:41:38.0942 3700 srv - ok
    19:41:38.0992 3700 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    19:41:39.0017 3700 srv2 - ok
    19:41:39.0050 3700 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    19:41:39.0068 3700 srvnet - ok
    19:41:39.0099 3700 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
    19:41:39.0118 3700 SSDPSRV - ok
    19:41:39.0137 3700 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
    19:41:39.0161 3700 SstpSvc - ok
    19:41:39.0671 3700 SSUService (c193ced023f075d85cea47b475997f3f) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    19:41:39.0762 3700 SSUService - ok
    19:41:40.0141 3700 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
    19:41:40.0148 3700 STacSV - ok
    19:41:40.0193 3700 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    19:41:40.0198 3700 stexstor - ok
    19:41:40.0292 3700 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
    19:41:40.0306 3700 STHDA - ok
    19:41:40.0477 3700 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
    19:41:40.0551 3700 stisvc - ok
    19:41:40.0635 3700 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    19:41:40.0729 3700 stllssvr - ok
    19:41:40.0808 3700 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    19:41:40.0810 3700 swenum - ok
    19:41:40.0877 3700 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
    19:41:40.0911 3700 swprv - ok
    19:41:40.0970 3700 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys
    19:41:41.0000 3700 SynTP - ok
    19:41:42.0004 3700 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
    19:41:42.0061 3700 SysMain - ok
    19:41:42.0172 3700 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
    19:41:42.0239 3700 TabletInputService - ok
    19:41:42.0267 3700 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
    19:41:42.0313 3700 TapiSrv - ok
    19:41:42.0351 3700 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
    19:41:42.0359 3700 TBS - ok
    19:41:42.0856 3700 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
    19:41:42.0894 3700 Tcpip - ok
    19:41:43.0422 3700 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
    19:41:43.0431 3700 TCPIP6 - ok
    19:41:43.0552 3700 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    19:41:43.0554 3700 tcpipreg - ok
    19:41:43.0586 3700 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    19:41:43.0588 3700 TDPIPE - ok
    19:41:43.0916 3700 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
    19:41:43.0920 3700 TDTCP - ok
    19:41:43.0979 3700 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    19:41:43.0995 3700 tdx - ok
    19:41:44.0032 3700 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    19:41:44.0036 3700 TermDD - ok
    19:41:44.0155 3700 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
    19:41:44.0201 3700 TermService - ok
    19:41:44.0291 3700 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
    19:41:44.0327 3700 Themes - ok
    19:41:44.0362 3700 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    19:41:44.0366 3700 THREADORDER - ok
    19:41:44.0509 3700 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
    19:41:44.0544 3700 TrkWks - ok
    19:41:44.0863 3700 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
    19:41:44.0879 3700 TrustedInstaller - ok
    19:41:44.0953 3700 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    19:41:44.0956 3700 tssecsrv - ok
    19:41:45.0016 3700 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    19:41:45.0022 3700 TsUsbFlt - ok
    19:41:45.0119 3700 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    19:41:45.0123 3700 tunnel - ok
    19:41:45.0160 3700 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    19:41:45.0165 3700 uagp35 - ok
    19:41:45.0398 3700 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    19:41:45.0418 3700 udfs - ok
    19:41:45.0472 3700 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
    19:41:45.0496 3700 UI0Detect - ok
    19:41:45.0539 3700 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    19:41:45.0542 3700 uliagpkx - ok
    19:41:45.0574 3700 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
    19:41:45.0579 3700 umbus - ok
    19:41:45.0601 3700 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    19:41:45.0605 3700 UmPass - ok
    19:41:45.0642 3700 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
    19:41:45.0661 3700 upnphost - ok
    19:41:45.0701 3700 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
    19:41:45.0704 3700 USBAAPL64 - ok
    19:41:45.0727 3700 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    19:41:45.0730 3700 usbccgp - ok
    19:41:45.0786 3700 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    19:41:45.0792 3700 usbcir - ok
    19:41:45.0815 3700 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    19:41:45.0820 3700 usbehci - ok
    19:41:46.0371 3700 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    19:41:46.0403 3700 usbhub - ok
    19:41:46.0457 3700 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    19:41:46.0461 3700 usbohci - ok
    19:41:46.0567 3700 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    19:41:46.0574 3700 usbprint - ok
    19:41:46.0783 3700 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    19:41:46.0788 3700 usbscan - ok
    19:41:46.0823 3700 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    19:41:46.0837 3700 USBSTOR - ok
    19:41:46.0856 3700 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
    19:41:46.0860 3700 usbuhci - ok
    19:41:46.0940 3700 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
    19:41:46.0955 3700 usbvideo - ok
    19:41:46.0991 3700 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
    19:41:46.0998 3700 UxSms - ok
    19:41:47.0049 3700 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:41:47.0053 3700 VaultSvc - ok
    19:41:47.0128 3700 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    19:41:47.0131 3700 vdrvroot - ok
    19:41:47.0350 3700 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
    19:41:47.0398 3700 vds - ok
    19:41:47.0438 3700 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    19:41:47.0442 3700 vga - ok
    19:41:47.0493 3700 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    19:41:47.0496 3700 VgaSave - ok
    19:41:47.0546 3700 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    19:41:47.0561 3700 vhdmp - ok
    19:41:47.0592 3700 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    19:41:47.0596 3700 viaide - ok
    19:41:47.0616 3700 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    19:41:47.0619 3700 volmgr - ok
    19:41:47.0671 3700 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    19:41:47.0691 3700 volmgrx - ok
    19:41:47.0736 3700 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    19:41:47.0753 3700 volsnap - ok
    19:41:47.0802 3700 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    19:41:47.0817 3700 vsmraid - ok
    19:41:48.0040 3700 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
    19:41:48.0101 3700 VSS - ok
    19:41:48.0532 3700 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    19:41:48.0534 3700 vwifibus - ok
    19:41:48.0553 3700 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    19:41:48.0555 3700 vwififlt - ok
    19:41:48.0581 3700 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
    19:41:48.0583 3700 vwifimp - ok
    19:41:48.0626 3700 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
    19:41:48.0648 3700 W32Time - ok
    19:41:48.0672 3700 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    19:41:48.0676 3700 WacomPen - ok
    19:41:48.0718 3700 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    19:41:48.0721 3700 WANARP - ok
    19:41:48.0724 3700 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    19:41:48.0725 3700 Wanarpv6 - ok
    19:41:48.0849 3700 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
    19:41:48.0969 3700 WatAdminSvc - ok
    19:41:49.0097 3700 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
    19:41:49.0231 3700 wbengine - ok
    19:41:49.0709 3700 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
    19:41:49.0744 3700 WbioSrvc - ok
    19:41:49.0997 3700 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
    19:41:50.0023 3700 wcncsvc - ok
    19:41:50.0049 3700 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
    19:41:50.0089 3700 WcsPlugInService - ok
    19:41:50.0191 3700 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    19:41:50.0199 3700 Wd - ok
    19:41:50.0276 3700 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    19:41:50.0315 3700 Wdf01000 - ok
    19:41:50.0793 3700 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
    19:41:50.0816 3700 WdiServiceHost - ok
    19:41:50.0836 3700 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
    19:41:50.0840 3700 WdiSystemHost - ok
    19:41:50.0915 3700 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
    19:41:50.0980 3700 WebClient - ok
    19:41:51.0148 3700 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
    19:41:51.0193 3700 Wecsvc - ok
    19:41:51.0215 3700 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
    19:41:51.0219 3700 wercplsupport - ok
    19:41:51.0237 3700 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
    19:41:51.0242 3700 WerSvc - ok
    19:41:51.0292 3700 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    19:41:51.0295 3700 WfpLwf - ok
    19:41:51.0343 3700 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
    19:41:51.0358 3700 WimFltr - ok
    19:41:51.0384 3700 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    19:41:51.0387 3700 WIMMount - ok
    19:41:51.0394 3700 WinHttpAutoProxySvc - ok
    19:41:51.0610 3700 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
    19:41:51.0651 3700 Winmgmt - ok
    19:41:53.0433 3700 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
    19:41:53.0588 3700 WinRM - ok
    19:41:54.0585 3700 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    19:41:54.0588 3700 WinUsb - ok
    19:41:55.0411 3700 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
    19:41:55.0445 3700 Wlansvc - ok
    19:41:55.0601 3700 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    19:41:55.0609 3700 wlcrasvc - ok
    19:41:57.0499 3700 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    19:41:57.0567 3700 wlidsvc - ok
    19:41:57.0783 3700 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    19:41:57.0880 3700 wltrysvc - ok
    19:41:58.0928 3700 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    19:41:58.0931 3700 WmiAcpi - ok
    19:41:59.0650 3700 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
    19:41:59.0662 3700 wmiApSrv - ok
    19:41:59.0731 3700 WMPNetworkSvc - ok
    19:41:59.0762 3700 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
    19:41:59.0792 3700 WPCSvc - ok
    19:41:59.0937 3700 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
    19:42:00.0027 3700 WPDBusEnum - ok
    19:42:00.0080 3700 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    19:42:00.0095 3700 ws2ifsl - ok
    19:42:00.0134 3700 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
    19:42:00.0139 3700 WSDPrintDevice - ok
    19:42:00.0150 3700 WSearch - ok
    19:42:01.0238 3700 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
    19:42:01.0292 3700 wuauserv - ok
    19:42:01.0897 3700 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    19:42:01.0925 3700 WudfPf - ok
    19:42:01.0985 3700 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    19:42:02.0001 3700 WUDFRd - ok
    19:42:02.0096 3700 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
    19:42:02.0186 3700 wudfsvc - ok
    19:42:02.0217 3700 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
    19:42:02.0279 3700 WwanSvc - ok
    19:42:02.0344 3700 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    19:42:02.0640 3700 \Device\Harddisk0\DR0 - ok
    19:42:02.0648 3700 Boot (0x1200) (4046940496e35c5daa3dfd9c0f8e3648) \Device\Harddisk0\DR0\Partition0
    19:42:02.0651 3700 \Device\Harddisk0\DR0\Partition0 - ok
    19:42:02.0665 3700 Boot (0x1200) (c492ce314e762ce903309b1cc566aee9) \Device\Harddisk0\DR0\Partition1
    19:42:02.0669 3700 \Device\Harddisk0\DR0\Partition1 - ok
    19:42:02.0670 3700 ============================================================
    19:42:02.0670 3700 Scan finished
    19:42:02.0670 3700 ============================================================
    19:42:02.0699 7768 Detected object count: 0
    19:42:02.0699 7768 Actual detected object count: 0
    19:50:20.0837 2868 ============================================================
    19:50:20.0838 2868 Scan started
    19:50:20.0838 2868 Mode: Manual; SigCheck; TDLFS;
    19:50:20.0838 2868 ============================================================
    19:50:24.0727 2868 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    19:50:25.0104 2868 1394ohci - ok
    19:50:25.0204 2868 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    19:50:25.0252 2868 ACPI - ok
    19:50:25.0290 2868 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    19:50:25.0448 2868 AcpiPmi - ok
    19:50:25.0591 2868 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    19:50:25.0621 2868 AdobeARMservice - ok
    19:50:25.0744 2868 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    19:50:25.0780 2868 AdobeFlashPlayerUpdateSvc - ok
    19:50:25.0831 2868 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
    19:50:25.0885 2868 adp94xx - ok
    19:50:25.0914 2868 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
    19:50:25.0931 2868 adpahci - ok
    19:50:25.0987 2868 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
    19:50:26.0001 2868 adpu320 - ok
    19:50:26.0114 2868 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
    19:50:26.0513 2868 AeLookupSvc - ok
    19:50:26.0577 2868 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
    19:50:26.0658 2868 AFD - ok
    19:50:26.0976 2868 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    19:50:27.0013 2868 agp440 - ok
    19:50:27.0054 2868 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
    19:50:27.0109 2868 ALG - ok
    19:50:27.0142 2868 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    19:50:27.0154 2868 aliide - ok
    19:50:27.0198 2868 AMD External Events Utility (dceee24e57e8176115207312f827c130) C:\Windows\system32\atiesrxx.exe
    19:50:27.0342 2868 AMD External Events Utility - ok
    19:50:27.0463 2868 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    19:50:27.0498 2868 amdide - ok
    19:50:27.0552 2868 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
    19:50:27.0640 2868 AmdK8 - ok
    19:50:28.0110 2868 amdkmdag (f6640d83af0fd74c50e23e68548ea9a0) C:\Windows\system32\DRIVERS\atikmdag.sys
    19:50:28.0219 2868 amdkmdag - ok
    19:50:28.0357 2868 amdkmdap (20b63276a1920b41e1c56720b395049b) C:\Windows\system32\DRIVERS\atikmpag.sys
    19:50:28.0375 2868 amdkmdap - ok
    19:50:28.0683 2868 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
    19:50:28.0721 2868 AmdPPM - ok
    19:50:28.0754 2868 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
    19:50:28.0767 2868 amdsata - ok
    19:50:28.0790 2868 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
    19:50:28.0808 2868 amdsbs - ok
    19:50:28.0834 2868 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
    19:50:28.0845 2868 amdxata - ok
    19:50:28.0874 2868 Apowersoft_AudioDevice (ad12f5c7251bb8d575d560894e73cbba) C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
    19:50:28.0943 2868 Apowersoft_AudioDevice - ok
    19:50:29.0155 2868 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    19:50:29.0404 2868 AppID - ok
    19:50:29.0448 2868 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
    19:50:29.0538 2868 AppIDSvc - ok
    19:50:29.0586 2868 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
    19:50:29.0729 2868 Appinfo - ok
    19:50:29.0887 2868 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    19:50:29.0915 2868 Apple Mobile Device - ok
    19:50:29.0960 2868 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    19:50:29.0998 2868 arc - ok
    19:50:30.0020 2868 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    19:50:30.0032 2868 arcsas - ok
    19:50:30.0062 2868 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    19:50:30.0177 2868 AsyncMac - ok
    19:50:30.0221 2868 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    19:50:30.0255 2868 atapi - ok
    19:50:30.0325 2868 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys
    19:50:30.0356 2868 AtiHdmiService - ok
    19:50:31.0864 2868 atikmdag (f6640d83af0fd74c50e23e68548ea9a0) C:\Windows\system32\DRIVERS\atikmdag.sys
    19:50:31.0963 2868 atikmdag - ok
    19:50:32.0132 2868 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
    19:50:32.0246 2868 AudioEndpointBuilder - ok
    19:50:32.0253 2868 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
    19:50:32.0288 2868 AudioSrv - ok
    19:50:32.0317 2868 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
    19:50:32.0442 2868 AxInstSV - ok
    19:50:32.0553 2868 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    19:50:32.0642 2868 b06bdrv - ok
    19:50:32.0728 2868 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    19:50:32.0826 2868 b57nd60a - ok
    19:50:32.0888 2868 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
    19:50:32.0916 2868 BCM42RLY - ok
    19:50:33.0670 2868 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
    19:50:33.0756 2868 BCM43XX - ok
    19:50:33.0948 2868 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
    19:50:34.0066 2868 BDESVC - ok
    19:50:34.0126 2868 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    19:50:34.0229 2868 Beep - ok
    19:50:34.0310 2868 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
    19:50:34.0404 2868 BITS - ok
    19:50:34.0430 2868 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    19:50:34.0478 2868 blbdrive - ok
    19:50:34.0682 2868 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
    19:50:34.0707 2868 Bonjour Service - ok
    19:50:34.0996 2868 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    19:50:35.0039 2868 bowser - ok
    19:50:35.0070 2868 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    19:50:35.0166 2868 BrFiltLo - ok
    19:50:35.0202 2868 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    19:50:35.0216 2868 BrFiltUp - ok
    19:50:35.0263 2868 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
    19:50:35.0367 2868 Browser - ok
    19:50:35.0528 2868 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    19:50:35.0858 2868 Brserid - ok
    19:50:36.0049 2868 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    19:50:36.0130 2868 BrSerWdm - ok
    19:50:36.0191 2868 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    19:50:36.0255 2868 BrUsbMdm - ok
    19:50:36.0289 2868 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    19:50:36.0343 2868 BrUsbSer - ok
    19:50:36.0425 2868 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
    19:50:36.0687 2868 BthEnum - ok
    19:50:37.0146 2868 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    19:50:37.0222 2868 BTHMODEM - ok
    19:50:37.0273 2868 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
    19:50:37.0310 2868 BthPan - ok
    19:50:37.0392 2868 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
    19:50:37.0459 2868 BTHPORT - ok
    19:50:37.0784 2868 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
    19:50:37.0947 2868 bthserv - ok
    19:50:38.0054 2868 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
    19:50:38.0067 2868 BTHUSB - ok
    19:50:38.0108 2868 btusbflt (2641a3fe3d7b0646308f33b67f3b5300) C:\Windows\system32\drivers\btusbflt.sys
    19:50:38.0119 2868 btusbflt - ok
    19:50:38.0204 2868 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
    19:50:38.0232 2868 btwaudio - ok
    19:50:38.0282 2868 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\drivers\btwavdt.sys
    19:50:38.0292 2868 btwavdt - ok
    19:50:38.0516 2868 btwdins (d65aa164acd0f6706dbcfbbcc9731584) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    19:50:38.0572 2868 btwdins - ok
    19:50:38.0590 2868 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
    19:50:38.0614 2868 btwl2cap - ok
    19:50:38.0664 2868 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
    19:50:38.0691 2868 btwrchid - ok
    19:50:38.0721 2868 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    19:50:38.0797 2868 cdfs - ok
    19:50:38.0829 2868 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
    19:50:38.0873 2868 cdrom - ok
    19:50:38.0902 2868 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    19:50:39.0057 2868 CertPropSvc - ok
    19:50:39.0121 2868 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
    19:50:39.0151 2868 cfwids - ok
    19:50:39.0171 2868 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    19:50:39.0212 2868 circlass - ok
    19:50:39.0255 2868 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    19:50:39.0300 2868 CLFS - ok
    19:50:39.0418 2868 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    19:50:39.0450 2868 clr_optimization_v2.0.50727_32 - ok
    19:50:39.0520 2868 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    19:50:39.0551 2868 clr_optimization_v2.0.50727_64 - ok
    19:50:39.0668 2868 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    19:50:39.0679 2868 clr_optimization_v4.0.30319_32 - ok
    19:50:39.0712 2868 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    19:50:39.0722 2868 clr_optimization_v4.0.30319_64 - ok
    19:50:39.0747 2868 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    19:50:39.0774 2868 CmBatt - ok
    19:50:40.0174 2868 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    19:50:40.0209 2868 cmdide - ok
    19:50:40.0322 2868 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
    19:50:40.0365 2868 CNG - ok
    19:50:40.0397 2868 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    19:50:40.0415 2868 Compbatt - ok
    19:50:40.0467 2868 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    19:50:40.0567 2868 CompositeBus - ok
    19:50:40.0570 2868 COMSysApp - ok
    19:50:40.0589 2868 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    19:50:40.0624 2868 crcdisk - ok
    19:50:40.0719 2868 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
    19:50:40.0776 2868 CryptSvc - ok
    19:50:40.0841 2868 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
    19:50:40.0936 2868 CtClsFlt - ok
    19:50:41.0000 2868 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
    19:50:41.0110 2868 dc3d - ok
    19:50:41.0205 2868 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
    19:50:41.0315 2868 DcomLaunch - ok
    19:50:41.0390 2868 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
    19:50:41.0460 2868 defragsvc - ok
    19:50:41.0502 2868 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    19:50:41.0585 2868 DfsC - ok
    19:50:41.0666 2868 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
    19:50:41.0739 2868 Dhcp - ok
    19:50:41.0766 2868 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    19:50:41.0875 2868 discache - ok
    19:50:41.0906 2868 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    19:50:41.0918 2868 Disk - ok
    19:50:42.0023 2868 dleaCATSCustConnectService (e0d525515537e60aba8f3e29209f02e8) C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe
    19:50:42.0052 2868 dleaCATSCustConnectService - ok
    19:50:42.0248 2868 dlea_device - ok
    19:50:42.0541 2868 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
    19:50:42.0718 2868 Dnscache - ok
    19:50:42.0899 2868 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
    19:50:42.0982 2868 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
    19:50:42.0982 2868 DockLoginService - detected UnsignedFile.Multi.Generic (1)
    19:50:43.0047 2868 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
    19:50:43.0161 2868 dot3svc - ok
    19:50:43.0207 2868 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
    19:50:43.0287 2868 DPS - ok
    19:50:43.0324 2868 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    19:50:43.0380 2868 drmkaud - ok
    19:50:43.0484 2868 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    19:50:43.0528 2868 DXGKrnl - ok
    19:50:43.0550 2868 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
    19:50:43.0636 2868 EapHost - ok
    19:50:43.0996 2868 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    19:50:44.0100 2868 ebdrv - ok
    19:50:44.0593 2868 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
    19:50:44.0709 2868 EFS - ok
    19:50:45.0044 2868 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
    19:50:45.0221 2868 ehRecvr - ok
    19:50:45.0271 2868 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
    19:50:45.0300 2868 ehSched - ok
    19:50:45.0398 2868 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    19:50:45.0453 2868 elxstor - ok
    19:50:45.0484 2868 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    19:50:45.0539 2868 ErrDev - ok
    19:50:45.0598 2868 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
    19:50:45.0686 2868 EventSystem - ok
    19:50:45.0715 2868 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    19:50:45.0749 2868 exfat - ok
    19:50:45.0866 2868 FACAP (2c1d443e14f376e8331f52f135dca9ef) C:\Windows\system32\DRIVERS\facap.sys
    19:50:45.0900 2868 FACAP - ok
    19:50:46.0186 2868 FAService (2b85d60e470acf871e4ef0db02e26861) C:\Program Files (x86)\FAService.exe
    19:50:46.0245 2868 FAService - ok
    19:50:46.0417 2868 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    19:50:46.0527 2868 fastfat - ok
    19:50:46.0790 2868 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
    19:50:46.0902 2868 Fax - ok
    19:50:46.0935 2868 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    19:50:46.0980 2868 fdc - ok
    19:50:47.0007 2868 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
    19:50:47.0123 2868 fdPHost - ok
    19:50:47.0149 2868 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
    19:50:47.0187 2868 FDResPub - ok
    19:50:47.0275 2868 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    19:50:47.0293 2868 FileInfo - ok
    19:50:47.0306 2868 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    19:50:47.0356 2868 Filetrace - ok
    19:50:47.0474 2868 Fitbit (d4c0e5c287aad7ff3176731a310ab2af) C:\Program Files (x86)\Fitbit\fitbit.exe
    19:50:47.0494 2868 Fitbit - ok
    19:50:47.0520 2868 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    19:50:47.0542 2868 flpydisk - ok
    19:50:47.0594 2868 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    19:50:47.0612 2868 FltMgr - ok
    19:50:47.0702 2868 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
    19:50:47.0748 2868 FontCache - ok
    19:50:47.0892 2868 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    19:50:47.0912 2868 FontCache3.0.0.0 - ok
    19:50:48.0062 2868 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    19:50:48.0086 2868 FsDepends - ok
    19:50:48.0217 2868 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
    19:50:48.0226 2868 fssfltr - ok
    19:50:48.0497 2868 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
    19:50:48.0524 2868 fsssvc - ok
    19:50:49.0219 2868 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
    19:50:49.0231 2868 Fs_Rec - ok
    19:50:49.0313 2868 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    19:50:49.0331 2868 fvevol - ok
    19:50:49.0376 2868 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    19:50:49.0458 2868 gagp30kx - ok
    19:50:49.0518 2868 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    19:50:49.0527 2868 GEARAspiWDM - ok
    19:50:49.0603 2868 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
    19:50:49.0658 2868 gpsvc - ok
    19:50:49.0713 2868 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    19:50:49.0785 2868 hcw85cir - ok
    19:50:49.0833 2868 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    19:50:49.0868 2868 HDAudBus - ok
    19:50:49.0917 2868 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    19:50:49.0942 2868 HidBatt - ok
    19:50:49.0967 2868 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    19:50:50.0021 2868 HidBth - ok
    19:50:50.0505 2868 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    19:50:50.0534 2868 HidIr - ok
    19:50:50.0569 2868 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
    19:50:50.0666 2868 hidserv - ok
    19:50:50.0694 2868 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
    19:50:50.0707 2868 HidUsb - ok
    19:50:50.0745 2868 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
    19:50:50.0858 2868 hkmsvc - ok
    19:50:50.0931 2868 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
    19:50:51.0335 2868 HomeGroupListener - ok
    19:50:51.0370 2868 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
    19:50:51.0421 2868 HomeGroupProvider - ok
    19:50:51.0521 2868 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    19:50:51.0558 2868 HpSAMD - ok
    19:50:51.0649 2868 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    19:50:51.0781 2868 HTTP - ok
    19:50:51.0815 2868 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    19:50:51.0826 2868 hwpolicy - ok
    19:50:51.0855 2868 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    19:50:51.0893 2868 i8042prt - ok
    19:50:51.0946 2868 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    19:50:51.0994 2868 iaStorV - ok
    19:50:52.0125 2868 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    19:50:52.0182 2868 idsvc - ok
    19:50:52.0362 2868 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    19:50:52.0410 2868 iirsp - ok
    19:50:52.0558 2868 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
    19:50:52.0633 2868 IKEEXT - ok
    19:50:52.0662 2868 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    19:50:52.0673 2868 intelide - ok
    19:50:52.0709 2868 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    19:50:52.0761 2868 intelppm - ok
    19:50:52.0812 2868 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
    19:50:52.0935 2868 IPBusEnum - ok
    19:50:52.0976 2868 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    19:50:53.0089 2868 IpFilterDriver - ok
    19:50:53.0533 2868 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    19:50:53.0614 2868 IPMIDRV - ok
    19:50:53.0664 2868 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    19:50:53.0795 2868 IPNAT - ok
    19:50:53.0938 2868 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
    19:50:53.0999 2868 iPod Service - ok
    19:50:54.0023 2868 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    19:50:54.0117 2868 IRENUM - ok
    19:50:54.0173 2868 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    19:50:54.0208 2868 isapnp - ok
    19:50:54.0255 2868 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    19:50:54.0300 2868 iScsiPrt - ok
    19:50:54.0369 2868 itecir (8d990a44b4f2b68e2c56a3724ec3eb84) C:\Windows\system32\DRIVERS\itecir.sys
    19:50:54.0397 2868 itecir - ok
    19:50:54.0457 2868 k57nd60a (08dd34f74d65e1c8f238565570952630) C:\Windows\system32\DRIVERS\k57nd60a.sys
    19:50:54.0469 2868 k57nd60a - ok
    19:50:54.0566 2868 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
    19:50:54.0606 2868 kbdclass - ok
    19:50:54.0657 2868 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
    19:50:54.0670 2868 kbdhid - ok
    19:50:54.0748 2868 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:50:54.0788 2868 KeyIso - ok
    19:50:54.0835 2868 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
    19:50:54.0847 2868 KSecDD - ok
    19:50:54.0889 2868 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
    19:50:54.0929 2868 KSecPkg - ok
    19:50:54.0986 2868 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    19:50:55.0098 2868 ksthunk - ok
    19:50:55.0152 2868 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
    19:50:55.0268 2868 KtmRm - ok
    19:50:55.0498 2868 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
    19:50:55.0629 2868 LanmanServer - ok
    19:50:55.0980 2868 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
    19:50:56.0103 2868 LanmanWorkstation - ok
    19:50:56.0160 2868 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    19:50:56.0222 2868 lltdio - ok
    19:50:56.0268 2868 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
    19:50:56.0327 2868 lltdsvc - ok
    19:50:56.0362 2868 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
    19:50:56.0399 2868 lmhosts - ok
    19:50:56.0428 2868 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    19:50:56.0440 2868 LSI_FC - ok
    19:50:56.0473 2868 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    19:50:56.0506 2868 LSI_SAS - ok
    19:50:56.0533 2868 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    19:50:56.0570 2868 LSI_SAS2 - ok
    19:50:56.0621 2868 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    19:50:56.0633 2868 LSI_SCSI - ok
    19:50:56.0656 2868 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    19:50:56.0735 2868 luafv - ok
    19:50:56.0793 2868 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
    19:50:56.0830 2868 MBAMProtector - ok
    19:50:57.0029 2868 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    19:50:57.0045 2868 MBAMService - ok
    19:50:57.0297 2868 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    19:50:57.0334 2868 McAfee SiteAdvisor Service - ok
    19:50:57.0444 2868 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    19:50:57.0482 2868 McciCMService ( UnsignedFile.Multi.Generic ) - warning
    19:50:57.0482 2868 McciCMService - detected UnsignedFile.Multi.Generic (1)
    19:50:58.0147 2868 McciCMService64 (859e5a32485178daeca06b52e2bb44b2) C:\Program Files\Common Files\Motive\McciCMService.exe
    19:50:58.0188 2868 McciCMService64 ( UnsignedFile.Multi.Generic ) - warning
    19:50:58.0188 2868 McciCMService64 - detected UnsignedFile.Multi.Generic (1)
    19:50:58.0289 2868 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
    19:50:58.0324 2868 McComponentHostService - ok
    19:50:58.0334 2868 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    19:50:58.0348 2868 McMPFSvc - ok
    19:50:58.0363 2868 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    19:50:58.0378 2868 mcmscsvc - ok
    19:50:58.0387 2868 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    19:50:58.0399 2868 McNaiAnn - ok
    19:50:58.0426 2868 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    19:50:58.0438 2868 McNASvc - ok
    19:50:58.0602 2868 McODS (dd01bf24dd6bf70a90549f9a7bb2d1eb) C:\Program Files\McAfee\VirusScan\mcods.exe
    19:50:58.0649 2868 McODS - ok
    19:50:58.0670 2868 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    19:50:58.0700 2868 McProxy - ok
    19:50:58.0799 2868 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    19:50:58.0833 2868 McShield - ok
    19:50:59.0086 2868 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
    19:50:59.0143 2868 Mcx2Svc - ok
    19:50:59.0229 2868 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    19:50:59.0265 2868 megasas - ok
    19:50:59.0311 2868 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    19:50:59.0325 2868 MegaSR - ok
    19:50:59.0450 2868 MemeoBackgroundService (671a03ca9cd0259ccbb7b78a9ce234ec) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
    19:50:59.0477 2868 MemeoBackgroundService - ok
    19:50:59.0527 2868 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
    19:50:59.0560 2868 mfeapfk - ok
    19:50:59.0652 2868 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
    19:50:59.0687 2868 mfeavfk - ok
    19:50:59.0723 2868 mfeavfk01 - ok
    19:51:00.0511 2868 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    19:51:00.0546 2868 mfefire - ok
    19:51:00.0619 2868 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
    19:51:00.0665 2868 mfefirek - ok
    19:51:00.0757 2868 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
    19:51:00.0801 2868 mfehidk - ok
    19:51:00.0851 2868 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
    19:51:00.0870 2868 mfenlfk - ok
    19:51:00.0912 2868 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
    19:51:00.0943 2868 mferkdet - ok
    19:51:01.0016 2868 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
    19:51:01.0050 2868 mfevtp - ok
    19:51:01.0103 2868 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
    19:51:01.0141 2868 mfewfpk - ok
    19:51:01.0247 2868 Microsoft SharePoint Workspace Audit Service - ok
    19:51:01.0358 2868 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    19:51:01.0422 2868 MMCSS - ok
    19:51:01.0464 2868 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    19:51:01.0515 2868 Modem - ok
    19:51:01.0556 2868 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    19:51:01.0608 2868 monitor - ok
    19:51:01.0657 2868 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
    19:51:01.0670 2868 mouclass - ok
    19:51:01.0686 2868 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    19:51:01.0711 2868 mouhid - ok
    19:51:01.0744 2868 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    19:51:01.0756 2868 mountmgr - ok
    19:51:01.0801 2868 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    19:51:01.0905 2868 mpio - ok
    19:51:01.0933 2868 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    19:51:02.0007 2868 mpsdrv - ok
    19:51:02.0041 2868 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    19:51:02.0097 2868 MRxDAV - ok
    19:51:02.0159 2868 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    19:51:02.0319 2868 mrxsmb - ok
    19:51:02.0376 2868 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    19:51:02.0446 2868 mrxsmb10 - ok
    19:51:02.0923 2868 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    19:51:02.0962 2868 mrxsmb20 - ok
    19:51:02.0998 2868 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    19:51:03.0035 2868 msahci - ok
    19:51:03.0078 2868 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    19:51:03.0119 2868 msdsm - ok
    19:51:03.0170 2868 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
    19:51:03.0270 2868 MSDTC - ok
    19:51:03.0314 2868 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    19:51:03.0347 2868 Msfs - ok
    19:51:03.0360 2868 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    19:51:03.0454 2868 mshidkmdf - ok
    19:51:03.0470 2868 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    19:51:03.0481 2868 msisadrv - ok
    19:51:03.0507 2868 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
    19:51:03.0552 2868 MSiSCSI - ok
    19:51:03.0555 2868 msiserver - ok
    19:51:03.0675 2868 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    19:51:03.0712 2868 MSK80Service - ok
    19:51:03.0747 2868 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    19:51:03.0792 2868 MSKSSRV - ok
    19:51:03.0833 2868 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    19:51:03.0925 2868 MSPCLOCK - ok
    19:51:03.0930 2868 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    19:51:03.0984 2868 MSPQM - ok
    19:51:04.0058 2868 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    19:51:04.0106 2868 MsRPC - ok
    19:51:04.0157 2868 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    19:51:04.0192 2868 mssmbios - ok
    19:51:04.0248 2868 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    19:51:04.0334 2868 MSTEE - ok
    19:51:04.0358 2868 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    19:51:04.0396 2868 MTConfig - ok
    19:51:04.0441 2868 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    19:51:04.0482 2868 Mup - ok
    19:51:04.0534 2868 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
    19:51:04.0643 2868 napagent - ok
    19:51:04.0690 2868 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    19:51:04.0749 2868 NativeWifiP - ok
    19:51:05.0277 2868 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    19:51:05.0349 2868 NDIS - ok
    19:51:05.0381 2868 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    19:51:05.0415 2868 NdisCap - ok
    19:51:05.0459 2868 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    19:51:05.0492 2868 NdisTapi - ok
    19:51:05.0523 2868 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    19:51:05.0606 2868 Ndisuio - ok
    19:51:05.0640 2868 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    19:51:05.0748 2868 NdisWan - ok
    19:51:05.0785 2868 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    19:51:05.0883 2868 NDProxy - ok
    19:51:06.0108 2868 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    19:51:06.0312 2868 NetBIOS - ok
    19:51:06.0400 2868 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    19:51:06.0504 2868 NetBT - ok
    19:51:06.0539 2868 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:51:06.0552 2868 Netlogon - ok
    19:51:06.0607 2868 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
    19:51:06.0737 2868 Netman - ok
    19:51:06.0796 2868 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
    19:51:06.0944 2868 netprofm - ok
    19:51:07.0019 2868 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    19:51:07.0049 2868 NetTcpPortSharing - ok
    19:51:07.0554 2868 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    19:51:07.0590 2868 nfrd960 - ok
    19:51:07.0653 2868 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
    19:51:07.0762 2868 NlaSvc - ok
    19:51:07.0784 2868 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    19:51:07.0816 2868 Npfs - ok
    19:51:07.0843 2868 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
    19:51:07.0875 2868 nsi - ok
    19:51:07.0887 2868 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    19:51:07.0957 2868 nsiproxy - ok
    19:51:08.0090 2868 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    19:51:08.0182 2868 Ntfs - ok
    19:51:08.0645 2868 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    19:51:08.0730 2868 Null - ok
    19:51:08.0771 2868 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    19:51:08.0906 2868 nvraid - ok
    19:51:08.0935 2868 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    19:51:08.0948 2868 nvstor - ok
    19:51:08.0972 2868 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    19:51:08.0984 2868 nv_agp - ok
    19:51:09.0137 2868 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    19:51:09.0182 2868 odserv - ok
    19:51:09.0227 2868 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    19:51:09.0284 2868 ohci1394 - ok
    19:51:09.0934 2868 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    19:51:09.0966 2868 ose - ok
    19:51:10.0514 2868 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    19:51:10.0634 2868 osppsvc - ok
    19:51:10.0865 2868 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    19:51:10.0988 2868 p2pimsvc - ok
    19:51:11.0044 2868 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
    19:51:11.0092 2868 p2psvc - ok
    19:51:11.0194 2868 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    19:51:11.0235 2868 Parport - ok
    19:51:11.0297 2868 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
    19:51:11.0430 2868 partmgr - ok
    19:51:11.0450 2868 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
    19:51:11.0494 2868 PcaSvc - ok
    19:51:11.0601 2868 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
    19:51:11.0632 2868 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
    19:51:11.0681 2868 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    19:51:11.0721 2868 pci - ok
    19:51:11.0745 2868 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    19:51:11.0790 2868 pciide - ok
    19:51:12.0089 2868 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    19:51:12.0130 2868 pcmcia - ok
    19:51:12.0152 2868 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    19:51:12.0189 2868 pcw - ok
    19:51:12.0242 2868 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    19:51:12.0332 2868 PEAUTH - ok
    19:51:12.0522 2868 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
    19:51:12.0585 2868 PerfHost - ok
    19:51:12.0820 2868 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
    19:51:12.0965 2868 pla - ok
    19:51:13.0111 2868 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
    19:51:13.0221 2868 PlugPlay - ok
    19:51:13.0254 2868 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
    19:51:13.0313 2868 PNRPAutoReg - ok
    19:51:13.0409 2868 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    19:51:13.0457 2868 PNRPsvc - ok
    19:51:13.0531 2868 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
    19:51:13.0557 2868 Point64 - ok
    19:51:13.0632 2868 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
    19:51:13.0683 2868 PolicyAgent - ok
    19:51:13.0841 2868 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
    19:51:13.0905 2868 Power - ok
    19:51:13.0964 2868 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    19:51:14.0045 2868 PptpMiniport - ok
    19:51:14.0495 2868 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    19:51:14.0529 2868 Processor - ok
    19:51:14.0815 2868 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
    19:51:14.0939 2868 ProfSvc - ok
    19:51:14.0997 2868 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:51:15.0023 2868 ProtectedStorage - ok
    19:51:15.0074 2868 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    19:51:15.0108 2868 Psched - ok
    19:51:15.0150 2868 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
    19:51:15.0159 2868 PxHlpa64 - ok
    19:51:15.0284 2868 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    19:51:15.0335 2868 ql2300 - ok
    19:51:15.0477 2868 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    19:51:15.0517 2868 ql40xx - ok
    19:51:15.0566 2868 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
    19:51:15.0626 2868 QWAVE - ok
    19:51:15.0647 2868 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    19:51:15.0714 2868 QWAVEdrv - ok
    19:51:15.0745 2868 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    19:51:15.0793 2868 RasAcd - ok
    19:51:15.0842 2868 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    19:51:15.0875 2868 RasAgileVpn - ok
    19:51:15.0898 2868 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
    19:51:15.0946 2868 RasAuto - ok
    19:51:15.0980 2868 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    19:51:16.0028 2868 Rasl2tp - ok
    19:51:16.0155 2868 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
    19:51:16.0237 2868 RasMan - ok
    19:51:16.0589 2868 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    19:51:16.0706 2868 RasPppoe - ok
    19:51:16.0723 2868 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    19:51:16.0782 2868 RasSstp - ok
    19:51:16.0826 2868 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    19:51:16.0899 2868 rdbss - ok
    19:51:16.0918 2868 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    19:51:16.0937 2868 rdpbus - ok
    19:51:16.0957 2868 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    19:51:17.0008 2868 RDPCDD - ok
    19:51:17.0033 2868 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    19:51:17.0085 2868 RDPENCDD - ok
    19:51:17.0116 2868 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    19:51:17.0152 2868 RDPREFMP - ok
    19:51:17.0208 2868 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
    19:51:17.0285 2868 RDPWD - ok
    19:51:17.0411 2868 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    19:51:17.0431 2868 rdyboost - ok
    19:51:17.0460 2868 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
    19:51:17.0505 2868 RemoteAccess - ok
    19:51:17.0559 2868 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
    19:51:17.0611 2868 RemoteRegistry - ok
    19:51:17.0649 2868 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    19:51:17.0680 2868 RFCOMM - ok
    19:51:17.0715 2868 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
    19:51:17.0799 2868 rimmptsk - ok
    19:51:17.0825 2868 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
    19:51:17.0878 2868 rimsptsk - ok
    19:51:17.0921 2868 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
    19:51:17.0949 2868 rismxdp - ok
    19:51:18.0103 2868 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    19:51:18.0126 2868 RoxMediaDB10 - ok
    19:51:18.0240 2868 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
    19:51:18.0327 2868 RpcEptMapper - ok
    19:51:18.0349 2868 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
    19:51:18.0392 2868 RpcLocator - ok
    19:51:18.0792 2868 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
    19:51:18.0872 2868 RpcSs - ok
    19:51:18.0914 2868 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    19:51:18.0947 2868 rspndr - ok
    19:51:18.0973 2868 RxFilter - ok
    19:51:19.0011 2868 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:51:19.0027 2868 SamSs - ok
    19:51:19.0054 2868 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    19:51:19.0067 2868 sbp2port - ok
    19:51:19.0099 2868 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
    19:51:19.0134 2868 SCardSvr - ok
    19:51:19.0171 2868 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    19:51:19.0222 2868 scfilter - ok
    19:51:19.0315 2868 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
    19:51:19.0415 2868 Schedule - ok
    19:51:19.0447 2868 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    19:51:19.0520 2868 SCPolicySvc - ok
    19:51:19.0601 2868 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
    19:51:19.0647 2868 sdbus - ok
    19:51:19.0696 2868 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
    19:51:19.0803 2868 SDRSVC - ok
    19:51:19.0897 2868 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    19:51:19.0921 2868 SeagateDashboardService - ok
    19:51:19.0962 2868 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    19:51:19.0996 2868 secdrv - ok
    19:51:20.0031 2868 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
    19:51:20.0080 2868 seclogon - ok
    19:51:20.0177 2868 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
    19:51:20.0255 2868 SENS - ok
    19:51:20.0276 2868 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
    19:51:20.0328 2868 SensrSvc - ok
    19:51:20.0342 2868 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    19:51:20.0389 2868 Serenum - ok
    19:51:20.0431 2868 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    19:51:20.0444 2868 Serial - ok
    19:51:20.0481 2868 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    19:51:20.0529 2868 sermouse - ok
    19:51:20.0722 2868 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
    19:51:20.0845 2868 SessionEnv - ok
    19:51:20.0954 2868 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
    19:51:21.0024 2868 sffdisk - ok
    19:51:21.0044 2868 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    19:51:21.0072 2868 sffp_mmc - ok
    19:51:21.0090 2868 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
    19:51:21.0127 2868 sffp_sd - ok
    19:51:21.0152 2868 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    19:51:21.0187 2868 sfloppy - ok
    19:51:21.0269 2868 SftService (7f475425582163602ef1589c0071e521) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    19:51:21.0286 2868 SftService - ok
    19:51:21.0350 2868 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
    19:51:21.0461 2868 SharedAccess - ok
    19:51:21.0519 2868 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
    19:51:21.0596 2868 ShellHWDetection - ok
    19:51:21.0655 2868 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    19:51:21.0666 2868 SiSRaid2 - ok
    19:51:21.0689 2868 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    19:51:21.0746 2868 SiSRaid4 - ok
    19:51:21.0797 2868 SIUSBXP (4c9f8e72f87f50a6125aaa31b63b2d18) C:\Windows\system32\drivers\SiUSBXp.sys
    19:51:21.0828 2868 SIUSBXP - ok
    19:51:21.0924 2868 SkypeUpdate (8c5477eb1c03ca76cd8eb66a610a9e90) C:\Program Files (x86)\Skype\Updater\Updater.exe
    19:51:21.0935 2868 SkypeUpdate - ok
    19:51:21.0961 2868 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    19:51:22.0012 2868 Smb - ok
    19:51:22.0047 2868 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
    19:51:22.0061 2868 SNMPTRAP - ok
    19:51:22.0081 2868 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    19:51:22.0092 2868 spldr - ok
    19:51:22.0147 2868 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
    19:51:22.0187 2868 Spooler - ok
    19:51:22.0388 2868 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
    19:51:22.0476 2868 sppsvc - ok
    19:51:22.0943 2868 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
    19:51:22.0984 2868 sppuinotify - ok
    19:51:23.0261 2868 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    19:51:23.0336 2868 srv - ok
    19:51:23.0368 2868 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    19:51:23.0396 2868 srv2 - ok
    19:51:23.0428 2868 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    19:51:23.0486 2868 srvnet - ok
    19:51:23.0537 2868 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
    19:51:23.0660 2868 SSDPSRV - ok
    19:51:23.0695 2868 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
    19:51:23.0787 2868 SstpSvc - ok
    19:51:23.0912 2868 SSUService (c193ced023f075d85cea47b475997f3f) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    19:51:24.0031 2868 SSUService - ok
    19:51:24.0134 2868 STacSV (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
    19:51:24.0165 2868 STacSV - ok
    19:51:24.0265 2868 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    19:51:24.0277 2868 stexstor - ok
    19:51:24.0344 2868 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
    19:51:24.0376 2868 STHDA - ok
    19:51:24.0481 2868 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
    19:51:24.0626 2868 stisvc - ok
    19:51:24.0719 2868 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    19:51:24.0750 2868 stllssvr - ok
    19:51:24.0827 2868 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    19:51:24.0838 2868 swenum - ok
    19:51:25.0110 2868 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
    19:51:25.0188 2868 swprv - ok
    19:51:25.0402 2868 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys
    19:51:25.0439 2868 SynTP - ok
    19:51:25.0597 2868 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
    19:51:25.0673 2868 SysMain - ok
    19:51:25.0809 2868 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
    19:51:25.0869 2868 TabletInputService - ok
    19:51:25.0942 2868 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
    19:51:25.0991 2868 TapiSrv - ok
    19:51:26.0018 2868 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
    19:51:26.0057 2868 TBS - ok
    19:51:26.0221 2868 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
    19:51:26.0257 2868 Tcpip - ok
    19:51:26.0546 2868 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
    19:51:26.0615 2868 TCPIP6 - ok
    19:51:26.0740 2868 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    19:51:26.0844 2868 tcpipreg - ok
    19:51:26.0874 2868 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    19:51:26.0942 2868 TDPIPE - ok
    19:51:26.0989 2868 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
    19:51:27.0045 2868 TDTCP - ok
    19:51:27.0223 2868 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    19:51:27.0258 2868 tdx - ok
    19:51:27.0302 2868 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    19:51:27.0314 2868 TermDD - ok
    19:51:27.0608 2868 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
    19:51:27.0693 2868 TermService - ok
    19:51:27.0732 2868 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
    19:51:27.0800 2868 Themes - ok
    19:51:27.0834 2868 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    19:51:27.0868 2868 THREADORDER - ok
    19:51:27.0886 2868 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
    19:51:27.0933 2868 TrkWks - ok
    19:51:28.0004 2868 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
    19:51:28.0100 2868 TrustedInstaller - ok
    19:51:28.0223 2868 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    19:51:28.0291 2868 tssecsrv - ok
    19:51:28.0352 2868 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    19:51:28.0395 2868 TsUsbFlt - ok
    19:51:28.0451 2868 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    19:51:28.0502 2868 tunnel - ok
    19:51:28.0536 2868 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    19:51:28.0548 2868 uagp35 - ok
    19:51:28.0598 2868 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    19:51:28.0705 2868 udfs - ok
    19:51:28.0778 2868 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
    19:51:28.0823 2868 UI0Detect - ok
    19:51:28.0855 2868 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    19:51:28.0869 2868 uliagpkx - ok
    19:51:28.0910 2868 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
    19:51:28.0959 2868 umbus - ok
    19:51:28.0988 2868 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    19:51:29.0042 2868 UmPass - ok
    19:51:29.0095 2868 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
    19:51:29.0151 2868 upnphost - ok
    19:51:29.0384 2868 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
    19:51:29.0466 2868 USBAAPL64 - ok
    19:51:29.0509 2868 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    19:51:29.0554 2868 usbccgp - ok
    19:51:29.0796 2868 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    19:51:29.0842 2868 usbcir - ok
    19:51:29.0952 2868 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    19:51:30.0014 2868 usbehci - ok
    19:51:30.0123 2868 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    19:51:30.0187 2868 usbhub - ok
    19:51:30.0222 2868 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    19:51:30.0253 2868 usbohci - ok
    19:51:30.0300 2868 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    19:51:30.0327 2868 usbprint - ok
    19:51:30.0360 2868 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    19:51:30.0392 2868 usbscan - ok
    19:51:30.0417 2868 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    19:51:30.0460 2868 USBSTOR - ok
    19:51:30.0497 2868 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
    19:51:30.0525 2868 usbuhci - ok
    19:51:30.0576 2868 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
    19:51:30.0595 2868 usbvideo - ok
    19:51:30.0630 2868 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
    19:51:30.0680 2868 UxSms - ok
    19:51:30.0714 2868 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:51:30.0727 2868 VaultSvc - ok
    19:51:30.0755 2868 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    19:51:30.0767 2868 vdrvroot - ok
    19:51:30.0833 2868 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
    19:51:30.0882 2868 vds - ok
    19:51:30.0914 2868 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    19:51:30.0929 2868 vga - ok
    19:51:30.0954 2868 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    19:51:31.0046 2868 VgaSave - ok
    19:51:31.0082 2868 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    19:51:31.0095 2868 vhdmp - ok
    19:51:31.0128 2868 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    19:51:31.0160 2868 viaide - ok
    19:51:31.0175 2868 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    19:51:31.0187 2868 volmgr - ok
    19:51:31.0230 2868 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    19:51:31.0246 2868 volmgrx - ok
    19:51:31.0291 2868 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    19:51:31.0307 2868 volsnap - ok
    19:51:31.0359 2868 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    19:51:31.0372 2868 vsmraid - ok
    19:51:31.0761 2868 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
    19:51:31.0892 2868 VSS - ok
    19:51:32.0100 2868 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    19:51:32.0158 2868 vwifibus - ok
    19:51:32.0217 2868 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    19:51:32.0268 2868 vwififlt - ok
    19:51:32.0322 2868 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
    19:51:32.0373 2868 vwifimp - ok
    19:51:32.0430 2868 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
    19:51:32.0471 2868 W32Time - ok
    19:51:32.0503 2868 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    19:51:32.0537 2868 WacomPen - ok
    19:51:32.0591 2868 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    19:51:32.0699 2868 WANARP - ok
    19:51:32.0718 2868 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    19:51:32.0751 2868 Wanarpv6 - ok
    19:51:33.0054 2868 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
    19:51:33.0138 2868 WatAdminSvc - ok
    19:51:33.0264 2868 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
    19:51:33.0361 2868 wbengine - ok
    19:51:33.0462 2868 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
    19:51:33.0487 2868 WbioSrvc - ok
    19:51:33.0537 2868 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
    19:51:33.0575 2868 wcncsvc - ok
    19:51:33.0740 2868 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
    19:51:33.0818 2868 WcsPlugInService - ok
    19:51:33.0877 2868 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    19:51:33.0913 2868 Wd - ok
    19:51:34.0113 2868 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    19:51:34.0162 2868 Wdf01000 - ok
    19:51:34.0180 2868 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
    19:51:34.0277 2868 WdiServiceHost - ok
    19:51:34.0286 2868 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
    19:51:34.0307 2868 WdiSystemHost - ok
    19:51:34.0370 2868 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
    19:51:34.0405 2868 WebClient - ok
    19:51:34.0439 2868 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
    19:51:34.0488 2868 Wecsvc - ok
    19:51:34.0519 2868 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
    19:51:34.0574 2868 wercplsupport - ok
    19:51:34.0598 2868 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
    19:51:34.0637 2868 WerSvc - ok
    19:51:34.0701 2868 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    19:51:34.0771 2868 WfpLwf - ok
    19:51:34.0818 2868 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
    19:51:34.0861 2868 WimFltr - ok
    19:51:34.0886 2868 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    19:51:34.0897 2868 WIMMount - ok
    19:51:34.0903 2868 WinHttpAutoProxySvc - ok
    19:51:34.0966 2868 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
    19:51:35.0066 2868 Winmgmt - ok
    19:51:35.0212 2868 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
    19:51:35.0292 2868 WinRM - ok
    19:51:35.0429 2868 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    19:51:35.0462 2868 WinUsb - ok
    19:51:35.0523 2868 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
    19:51:35.0568 2868 Wlansvc - ok
    19:51:35.0655 2868 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    19:51:35.0679 2868 wlcrasvc - ok
    19:51:36.0110 2868 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    19:51:36.0164 2868 wlidsvc - ok
    19:51:36.0315 2868 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    19:51:36.0346 2868 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
    19:51:36.0346 2868 wltrysvc - detected UnsignedFile.Multi.Generic (1)
    19:51:36.0479 2868 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    19:51:36.0523 2868 WmiAcpi - ok
    19:51:36.0591 2868 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
    19:51:36.0636 2868 wmiApSrv - ok
    19:51:36.0699 2868 WMPNetworkSvc - ok
    19:51:36.0730 2868 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
    19:51:36.0819 2868 WPCSvc - ok
    19:51:36.0867 2868 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
    19:51:36.0941 2868 WPDBusEnum - ok
    19:51:36.0973 2868 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    19:51:37.0089 2868 ws2ifsl - ok
    19:51:37.0134 2868 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
    19:51:37.0160 2868 WSDPrintDevice - ok
    19:51:37.0167 2868 WSearch - ok
    19:51:37.0314 2868 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
    19:51:37.0387 2868 wuauserv - ok
    19:51:37.0517 2868 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    19:51:37.0560 2868 WudfPf - ok
    19:51:37.0625 2868 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    19:51:37.0707 2868 WUDFRd - ok
    19:51:37.0737 2868 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
    19:51:37.0802 2868 wudfsvc - ok
    19:51:37.0839 2868 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
    19:51:37.0869 2868 WwanSvc - ok
    19:51:38.0040 2868 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    19:51:38.0808 2868 \Device\Harddisk0\DR0 - ok
    19:51:38.0815 2868 Boot (0x1200) (4046940496e35c5daa3dfd9c0f8e3648) \Device\Harddisk0\DR0\Partition0
    19:51:38.0818 2868 \Device\Harddisk0\DR0\Partition0 - ok
    19:51:38.0857 2868 Boot (0x1200) (c492ce314e762ce903309b1cc566aee9) \Device\Harddisk0\DR0\Partition1
    19:51:38.0862 2868 \Device\Harddisk0\DR0\Partition1 - ok
    19:51:38.0863 2868 ============================================================
    19:51:38.0863 2868 Scan finished
    19:51:38.0863 2868 ============================================================
    19:51:38.0883 3468 Detected object count: 4
    19:51:38.0883 3468 Actual detected object count: 4
    19:52:22.0050 3468 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
    19:52:22.0050 3468 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:52:22.0051 3468 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
    19:52:22.0052 3468 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:52:22.0055 3468 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user
    19:52:22.0055 3468 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:52:22.0058 3468 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
    19:52:22.0058 3468 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
     
  7. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,161
    Continue as follows:

    Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

    Link 1
    Link 2

    • Ensure that Combofix is saved directly to the Desktop <--- Very important
    • Disable all security programs as they will have a negative effect on Combofix; instructions available Here if required. Be aware the list may not have all programs listed; if you need more help please ask.
    • Close any open browsers and any other programs you might have running
    • Double click the Combofix icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator")
    • Instructions for running Combofix available Here if required.
    • If you are using Windows XP it might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
    • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

    ****Note: Do not mouseclick Combofix's window while it's running. That may cause it to stall or freeze ****

    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read Here why disabling autoruns is recommended.

    *EXTRA NOTES*
    • If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
    • If Combofix reboots due to a rootkit, the screen may stay black for several minutes on reboot; this is normal
    • If after running Combofix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

    Post the log in next reply please...

    Kevin
     
  8. TonyDublino

    TonyDublino Thread Starter

    ComboFix 12-05-16.02 - Dublino 05/16/2012 22:22:12.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2612 [GMT -4:00]
    Running from: c:\users\Dublino\Desktop\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\Search Toolbar
    c:\program files (x86)\Search Toolbar\icon.ico
    c:\program files (x86)\Search Toolbar\SearchToolbar.dll
    c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe
    c:\program files (x86)\Search Toolbar\SearchToolbarUpdater.exe
    c:\programdata\PCDr\5907\Downloads\15fc9c67-6e4d-42b6-b215-fee7bb01b1c7.dll
    c:\programdata\SPL1B8D.tmp
    c:\programdata\SPL3540.tmp
    c:\programdata\SPL8050.tmp
    c:\programdata\SPL95A2.tmp
    c:\programdata\SPLC1B8.tmp
    c:\programdata\SPLC543.tmp
    c:\programdata\SPLD181.tmp
    c:\programdata\SPLD47B.tmp
    c:\programdata\SPLE24D.tmp
    c:\programdata\SPLF01C.tmp
    c:\users\Dublino\AppData\Roaming\Install.dat
    c:\users\Dublino\AppData\Roaming\Microsoft\~DFK2e463352.tmp
    c:\users\Dublino\AppData\Roaming\Microsoft\1eaadjc.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\bass.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\engine_vx.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\kfgresk.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\mjcriu.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\peaadje.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\qwadjb.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\rsaadjd.dll
    c:\users\Dublino\g2mdlhlpx.exe
    c:\users\Dublino\uz.dat
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-17 02:36 . 2012-05-17 02:36 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-05-13 07:01 . 2012-05-13 07:01 -------- d-----w- c:\program files\Microsoft Silverlight
    2012-05-13 07:01 . 2012-05-13 07:01 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
    2012-05-12 05:34 . 2012-05-12 05:34 -------- d-----w- c:\users\Dublino\AppData\Roaming\McAfee
    2012-05-11 19:01 . 2012-05-11 19:01 -------- d-----w- c:\users\Dublino\AppData\Roaming\Malwarebytes
    2012-05-11 19:01 . 2012-05-11 19:01 -------- d-----w- c:\programdata\Malwarebytes
    2012-05-11 15:27 . 2012-05-11 15:27 -------- d-----w- c:\program files (x86)\Common Files\Java
    2012-05-11 15:26 . 2012-05-11 15:26 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
    2012-05-11 15:26 . 2012-05-11 15:26 -------- d-----w- c:\program files (x86)\Java
    2012-05-10 22:38 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
    2012-05-10 22:38 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
    2012-05-10 22:38 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-10 22:38 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
    2012-05-10 22:38 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2012-05-10 22:38 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2012-05-10 22:37 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
    2012-05-10 22:37 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-05-10 22:37 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
    2012-05-10 22:37 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
    2012-05-10 22:37 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
    2012-05-10 22:36 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
    2012-05-10 22:36 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
    2012-05-09 12:40 . 2012-05-09 12:40 -------- d-----w- c:\users\Dublino\AppData\Local\WinZip
    2012-05-02 22:17 . 2012-05-04 00:44 -------- d-----w- c:\users\Dublino\AppData\Local\PSFactoryBuffer
    2012-05-02 19:15 . 2012-05-02 19:15 -------- d-----w- c:\users\Dublino\AppData\Roaming\WinZip
    2012-05-02 19:06 . 2012-05-02 19:17 -------- d-----w- c:\users\Dublino\AppData\Roaming\FileZilla
    2012-05-02 18:58 . 2012-05-02 18:58 -------- d-----w- c:\programdata\WinZip
    2012-05-02 04:23 . 2012-05-02 04:23 -------- d-----w- c:\programdata\Fitbit
    2012-05-02 04:23 . 2011-12-01 09:46 31976 ----a-w- c:\windows\system32\drivers\SiLib.sys
    2012-05-02 04:23 . 2011-12-01 09:46 26856 ----a-w- c:\windows\system32\drivers\SiUSBXp.sys
    2012-05-02 04:23 . 2012-05-02 04:23 -------- d-----w- c:\program files (x86)\Fitbit
    2012-05-01 13:48 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A83039D6-E3D3-463C-AC3D-DB3D35E407FF}\mpengine.dll
    2012-04-27 13:26 . 2012-04-27 13:26 -------- d-----w- c:\users\Dublino\AppData\Roaming\Helios
    2012-04-27 13:26 . 2012-04-27 13:26 -------- d-----w- c:\program files (x86)\TextPad 5
    2012-04-26 17:43 . 2012-03-01 00:39 257784 ---ha-w- c:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
    2012-04-26 17:43 . 2012-03-01 00:39 175864 ---ha-w- c:\windows\SysWow64\BytescoutVideoMixerFilter.dll
    2012-04-26 17:43 . 2012-03-01 00:39 421624 ---ha-w- c:\windows\SysWow64\BytescoutScreenCapturing.dll
    2012-04-26 17:43 . 2012-03-01 00:39 231672 ----a-w- c:\windows\system32\BytescoutVideoMixerFilter.dll
    2012-04-26 17:43 . 2010-12-24 15:43 29288 ----a-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
    2012-04-26 17:43 . 2012-04-26 17:43 -------- d-----w- c:\users\Dublino\AppData\Roaming\Apowersoft
    2012-04-26 17:43 . 2012-03-01 00:39 362232 ----a-w- c:\windows\system32\BytescoutScreenCapturingFilter.dll
    2012-04-26 17:43 . 2012-03-01 00:39 574200 ----a-w- c:\windows\system32\BytescoutScreenCapturing.dll
    2012-04-26 17:43 . 2008-09-23 23:23 65536 ---ha-w- c:\windows\SysWow64\WebCamLib.dll
    2012-04-26 17:43 . 2012-04-26 17:43 -------- d-----w- c:\program files (x86)\Apowersoft
    2012-04-25 17:59 . 2012-04-25 17:59 -------- d-----w- c:\windows\SysWow64\Dell
    2012-04-25 15:50 . 2012-04-25 15:50 -------- d-----w- c:\programdata\Dell V310-V510 Series
    2012-04-20 03:03 . 2012-04-20 03:03 -------- d-----w- c:\windows\en
    2012-04-20 02:58 . 2012-03-08 22:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
    2012-04-20 02:54 . 2012-04-20 02:54 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dcbc613d1cd1ea002\MeshBetaRemover.exe
    2012-04-20 02:54 . 2012-04-20 02:54 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DSETUP.dll
    2012-04-20 02:54 . 2012-04-20 02:54 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DXSETUP.exe
    2012-04-20 02:54 . 2012-04-20 02:54 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\dsetup32.dll
    2012-04-20 01:51 . 2012-04-20 01:51 -------- d-----w- c:\users\Dublino\Pond5_T570643
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-11 15:26 . 2011-11-01 15:51 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-05-05 01:32 . 2012-04-11 13:08 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-05-05 01:32 . 2011-11-02 16:47 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-05 01:32 . 2012-04-11 13:32 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-03-24 21:32 . 2010-06-03 19:06 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
    2012-03-20 17:11 . 2012-02-01 21:00 162192 ----a-w- c:\windows\system32\mfevtps.exe
    2012-03-08 22:50 . 2012-03-08 22:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
    2012-03-08 22:37 . 2012-03-08 22:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
    2012-03-01 06:46 . 2012-04-11 07:03 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2012-03-01 06:38 . 2012-04-11 07:03 220672 ----a-w- c:\windows\system32\wintrust.dll
    2012-03-01 06:33 . 2012-04-11 07:03 81408 ----a-w- c:\windows\system32\imagehlp.dll
    2012-03-01 06:28 . 2012-04-11 07:03 5120 ----a-w- c:\windows\system32\wmi.dll
    2012-03-01 05:37 . 2012-04-11 07:03 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
    2012-03-01 05:33 . 2012-04-11 07:03 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
    2012-03-01 05:29 . 2012-04-11 07:03 5120 ----a-w- c:\windows\SysWow64\wmi.dll
    2012-02-28 06:56 . 2012-04-11 07:10 2311168 ----a-w- c:\windows\system32\jscript9.dll
    2012-02-28 06:49 . 2012-04-11 07:10 1390080 ----a-w- c:\windows\system32\wininet.dll
    2012-02-28 06:48 . 2012-04-11 07:10 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-02-28 06:42 . 2012-04-11 07:10 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-02-28 01:18 . 2012-04-11 07:10 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
    2012-02-28 01:11 . 2012-04-11 07:10 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2012-02-28 01:11 . 2012-04-11 07:10 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
    2012-02-28 01:03 . 2012-04-11 07:10 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2012-02-23 14:18 . 2012-01-31 22:00 279656 ------w- c:\windows\system32\MpSigStub.exe
    2012-02-22 17:29 . 2012-02-01 21:01 10248 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 75936 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 289664 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 100912 ----a-w- c:\windows\system32\drivers\mferkdet.sys
    2012-02-22 17:29 . 2012-02-01 21:00 647208 ----a-w- c:\windows\system32\drivers\mfehidk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 487296 ----a-w- c:\windows\system32\drivers\mfefirek.sys
    2012-02-22 17:29 . 2012-02-01 21:00 229528 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 160792 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 65264 ----a-w- c:\windows\system32\drivers\cfwids.sys
    2012-02-17 06:38 . 2012-03-14 15:46 1031680 ----a-w- c:\windows\system32\rdpcore.dll
    2012-02-17 05:34 . 2012-03-14 15:46 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
    2012-02-17 04:58 . 2012-03-14 15:46 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-02-17 04:57 . 2012-03-14 15:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2011-04-24 02:20 . 2011-04-24 02:20 213176 ----a-w- c:\program files (x86)\FACons.exe
    2011-04-24 02:17 . 2011-04-24 02:17 98488 ----a-w- c:\program files (x86)\FATrayMon.exe
    2011-04-24 02:17 . 2011-04-24 02:17 1994936 ----a-w- c:\program files (x86)\FATrayAlert.exe
    2011-04-24 02:17 . 2011-04-24 02:17 59064 ----a-w- c:\program files (x86)\LiteZip.dll
    2011-04-24 02:17 . 2011-04-24 02:17 55992 ----a-w- c:\program files (x86)\LiteUnzip.dll
    2011-04-24 02:17 . 2011-04-24 02:17 18104 ----a-w- c:\program files (x86)\FAEventMessage.dll
    2011-04-24 02:17 . 2011-04-24 02:17 28856 ----a-w- c:\program files (x86)\FAVistaHelper.dll
    2011-04-24 02:17 . 2011-04-24 02:17 2412728 ----a-w- c:\program files (x86)\FAService.exe
    2011-04-24 02:17 . 2011-04-24 02:17 213176 ----a-w- c:\program files (x86)\FAConsU.exe
    2011-04-24 02:17 . 2011-04-24 02:17 250040 ----a-w- c:\program files (x86)\FASuppMon.exe
    2011-04-24 02:17 . 2011-04-24 02:17 14008 ----a-w- c:\program files (x86)\FASuppL.dll
    2011-04-24 02:17 . 2011-04-24 02:17 29368 ----a-w- c:\program files (x86)\FAResource.dll
    2011-04-24 02:17 . 2011-04-24 02:17 176312 ----a-w- c:\program files (x86)\FASecFacX.exe
    2011-04-24 02:17 . 2011-04-24 02:17 52920 ----a-w- c:\program files (x86)\SSOIEAddonPS.dll
    2011-04-24 02:16 . 2011-04-24 02:16 582328 ----a-w- c:\program files (x86)\FAIESSO.dll
    2011-04-24 02:16 . 2011-04-24 02:16 291000 ----a-w- c:\program files (x86)\FAEnrollWiz.exe
    2011-04-24 02:16 . 2011-04-24 02:16 516280 ----a-w- c:\program files (x86)\rFAConsU.exe
    2011-04-24 02:16 . 2011-04-24 02:16 516280 ----a-w- c:\program files (x86)\rFACons.exe
    2011-04-24 02:16 . 2011-04-24 02:16 57528 ----a-w- c:\program files (x86)\FAStartup.exe
    2011-04-24 02:16 . 2011-04-24 02:16 75960 ----a-w- c:\program files (x86)\devcon_x64.exe
    2011-04-23 23:58 . 2011-04-23 23:58 32768 ----a-w- c:\program files (x86)\FAsvif.dll
    2011-04-20 18:54 . 2011-04-20 18:54 40960 ----a-w- c:\program files (x86)\FATrackBarLib.dll
    2011-03-14 19:09 . 2011-03-14 19:09 2044088 ----a-w- c:\program files (x86)\FAus.exe
    2010-07-09 19:30 . 2010-07-09 19:30 128328 ----a-w- c:\program files (x86)\FAUpdateClient.exe
    2010-06-16 14:35 . 2010-06-16 14:35 25600 ----a-w- c:\program files (x86)\FA_Helper.UAC.dll
    2009-12-22 16:18 . 2009-12-22 16:18 2023424 ----a-w- c:\program files (x86)\QtCore4.dll
    2009-12-08 21:35 . 2009-12-08 21:35 25928 ----a-w- c:\program files (x86)\FAAuG.exe
    2009-09-29 07:47 . 2009-09-29 07:47 7507968 ----a-w- c:\program files (x86)\QtGui4.dll
    2009-08-16 20:13 . 2009-08-16 20:13 523 ----a-w- c:\program files (x86)\PresetPSPowerPlan_Vista.bat
    2009-02-13 23:46 . 2009-02-13 23:46 895 ----a-w- c:\program files (x86)\UpdatePSPowerPlan_Vista.bat
    2008-12-11 17:59 . 2008-12-11 17:59 41 ----a-w- c:\program files (x86)\FAstopstart.bat
    2006-07-11 22:02 . 2006-07-11 22:02 1053184 ----a-w- c:\program files (x86)\MFC71u.dll
    2003-03-19 01:20 . 2003-03-19 01:20 1060864 ----a-w- c:\program files (x86)\MFC71.dll
    2003-03-19 01:05 . 2003-03-19 01:05 89088 ----a-w- c:\program files (x86)\atl71.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Spotify"="c:\users\Dublino\AppData\Roaming\Spotify\Spotify.exe" [2012-05-11 9478320]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17151624]
    "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
    "Fitbit Service Monitor"="c:\program files (x86)\Fitbit\fitbit-tray.exe" [2011-10-26 2164256]
    "Amazon Cloud Drive"="c:\users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe" [2012-03-28 380776]
    "Spotify Web Helper"="c:\users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-11 932528]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]
    "PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
    "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
    "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
    "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
    "Dell V310-V510 Series"="c:\program files (x86)\Dell V310-V510 Series\fm3032.exe" [2010-01-18 316072]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]
    "BCSSync"="c:\program files (x86)\Microsoft Office10\Office14\BCSSync.exe" [2010-03-13 91520]
    "FATrayAlert"="c:\program files (x86)\FATrayMon.exe" [2011-04-24 98488]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
    "Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2011-05-04 136416]
    "Memeo AutoSync"="c:\program files (x86)\Memeo\AutoSync\MemeoLauncher2.exe" [2011-05-04 144608]
    "Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
    .
    c:\users\Dublino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
    Dropbox.lnk - c:\users\Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
    Google Calendar Sync.lnk - c:\program files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
    .
    c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli FAPassSync
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
    R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
    R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office10\Office14\GROOVE.EXE [2011-06-12 31125880]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
    R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-04-10 25072]
    R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
    R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe [2010-01-07 1052328]
    S2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [2010-01-07 33448]
    S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
    S2 FAService;FAService;c:\program files (x86)\FAService.exe [2011-04-24 2412728]
    S2 Fitbit;Fitbit Data Uploader;c:\program files (x86)\Fitbit\fitbit.exe [2011-10-26 788000]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2009-10-22 517632]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-05-04 25824]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
    S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]
    S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-09-17 656624]
    S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-03-08 341832]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [x]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
    S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
    S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
    S3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [x]
    S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [x]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
    S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *Deregistered* - mfeavfk01
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 01:32]
    .
    2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3421637325-69102753-2988473796-1001Core.job
    - c:\users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-04 11:32]
    .
    2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3421637325-69102753-2988473796-1001UA.job
    - c:\users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-04 11:32]
    .
    2012-05-01 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
    - c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
    .
    2012-05-17 c:\windows\Tasks\SystemToolsDailyTest.job
    - c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
    .
    2012-05-13 c:\windows\Tasks\vtscheduletask.job
    - c:\program files (x86)\McAfee\Supportability\MVT\MvtApp.exe [2012-05-12 05:33]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
    "QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]
    "Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
    "dleamon.exe"="c:\program files (x86)\Dell V310-V510 Series\dleamon.exe" [2010-01-18 770728]
    "EzPrint"="c:\program files (x86)\Dell V310-V510 Series\ezprint.exe" [2010-01-18 139944]
    "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~2\MIDFEA~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\MIDFEA~1\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    TCP: DhcpNameServer = 10.0.0.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKLM-Run-FAStartup - (no file)
    Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
    SafeBoot-rpcnet
    Toolbar-Locked - (no file)
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    AddRemove-FITBIT&10C4&84C4 - c:\program files (x86)\Fitbit\Base Station\DriverUninstaller.exe USBXpress\FITBIT&10C4&84C4
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
    "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Common Files\Motive\McciCMService.exe
    c:\windows\SysWOW64\rundll32.exe
    .
    **************************************************************************
    .
    Completion time: 2012-05-16 22:47:16 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-05-17 02:47
    .
    Pre-Run: 295,126,351,872 bytes free
    Post-Run: 297,354,592,256 bytes free
    .
    - - End Of File - - B6EE265911D260A2F83BF7895440AB30
     
  9. TonyDublino

    TonyDublino Thread Starter

    Joined:
    May 15, 2012
    Messages:
    9
    I must be honest. I ran this, and then freaked out when it rebooted and I couldn't launch any applications (including IE) and so couldn't get back to this site. When that happened I did a RESTORE to the point created by COMBOFIX, and so I may have to do it again, but here's the report it generated for your review. Better safe than sorry, as I need my computer every day. Let me know if that's common, or screwed anything up, or if I should run it again, and just restart again at that point in the process. Thanks
    Tony
     
  10. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,161
    What exactly happened when you tried to launch an application? I do not see anything that CF removed that should cause that issue.
    When you tried to launch an app, did you get an alert saying it had been marked for deletion? If that happened, another reboot would clear the alert; I gave that warning in the instructions.
    If the deletion alert is what happened, rerun CF and follow the instructions. If it was something different, post back and let me know...

    Kevin
     
  11. TonyDublino

    TonyDublino Thread Starter

    Joined:
    May 15, 2012
    Messages:
    9
    ComboFix 12-05-17.05 - Dublino 05/17/2012 15:00:01.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2867 [GMT -4:00]
    Running from: c:\users\Dublino\Desktop\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\Search Toolbar
    c:\program files (x86)\Search Toolbar\icon.ico
    c:\program files (x86)\Search Toolbar\SearchToolbar.dll
    c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe
    c:\program files (x86)\Search Toolbar\SearchToolbarUpdater.exe
    c:\programdata\PCDr\5907\Downloads\15fc9c67-6e4d-42b6-b215-fee7bb01b1c7.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\1eaadjc.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\bass.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\engine_vx.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\kfgresk.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\mjcriu.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\peaadje.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\qwadjb.dll
    c:\users\Dublino\AppData\Roaming\Microsoft\rsaadjd.dll
    c:\users\Dublino\g2mdlhlpx.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-17 19:16 . 2012-05-17 19:16 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-05-17 18:43 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34A190E5-B11C-40D7-8DA4-0FBB3B5A9853}\mpengine.dll
    2012-05-13 07:01 . 2012-05-13 07:01 -------- d-----w- c:\program files\Microsoft Silverlight
    2012-05-13 07:01 . 2012-05-13 07:01 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
    2012-05-12 05:34 . 2012-05-12 05:34 -------- d-----w- c:\users\Dublino\AppData\Roaming\McAfee
    2012-05-11 19:01 . 2012-05-11 19:01 -------- d-----w- c:\users\Dublino\AppData\Roaming\Malwarebytes
    2012-05-11 19:01 . 2012-05-11 19:01 -------- d-----w- c:\programdata\Malwarebytes
    2012-05-11 15:27 . 2012-05-11 15:27 -------- d-----w- c:\program files (x86)\Common Files\Java
    2012-05-11 15:26 . 2012-05-11 15:26 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
    2012-05-11 15:26 . 2012-05-11 15:26 -------- d-----w- c:\program files (x86)\Java
    2012-05-10 22:38 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
    2012-05-10 22:38 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
    2012-05-10 22:38 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-10 22:38 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
    2012-05-10 22:38 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2012-05-10 22:38 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2012-05-10 22:37 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
    2012-05-10 22:37 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-05-10 22:37 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
    2012-05-10 22:37 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
    2012-05-10 22:37 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
    2012-05-10 22:36 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
    2012-05-10 22:36 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
    2012-05-09 12:40 . 2012-05-09 12:40 -------- d-----w- c:\users\Dublino\AppData\Local\WinZip
    2012-05-02 22:17 . 2012-05-04 00:44 -------- d-----w- c:\users\Dublino\AppData\Local\PSFactoryBuffer
    2012-05-02 19:15 . 2012-05-02 19:15 -------- d-----w- c:\users\Dublino\AppData\Roaming\WinZip
    2012-05-02 19:06 . 2012-05-02 19:17 -------- d-----w- c:\users\Dublino\AppData\Roaming\FileZilla
    2012-05-02 18:58 . 2012-05-02 18:58 -------- d-----w- c:\programdata\WinZip
    2012-05-02 04:23 . 2012-05-02 04:23 -------- d-----w- c:\programdata\Fitbit
    2012-05-02 04:23 . 2011-12-01 09:46 31976 ----a-w- c:\windows\system32\drivers\SiLib.sys
    2012-05-02 04:23 . 2011-12-01 09:46 26856 ----a-w- c:\windows\system32\drivers\SiUSBXp.sys
    2012-05-02 04:23 . 2012-05-02 04:23 -------- d-----w- c:\program files (x86)\Fitbit
    2012-04-27 13:26 . 2012-04-27 13:26 -------- d-----w- c:\users\Dublino\AppData\Roaming\Helios
    2012-04-27 13:26 . 2012-04-27 13:26 -------- d-----w- c:\program files (x86)\TextPad 5
    2012-04-26 17:43 . 2012-03-01 00:39 257784 ---ha-w- c:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
    2012-04-26 17:43 . 2012-03-01 00:39 175864 ---ha-w- c:\windows\SysWow64\BytescoutVideoMixerFilter.dll
    2012-04-26 17:43 . 2012-03-01 00:39 421624 ---ha-w- c:\windows\SysWow64\BytescoutScreenCapturing.dll
    2012-04-26 17:43 . 2012-03-01 00:39 231672 ----a-w- c:\windows\system32\BytescoutVideoMixerFilter.dll
    2012-04-26 17:43 . 2010-12-24 15:43 29288 ----a-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
    2012-04-26 17:43 . 2012-04-26 17:43 -------- d-----w- c:\users\Dublino\AppData\Roaming\Apowersoft
    2012-04-26 17:43 . 2012-03-01 00:39 362232 ----a-w- c:\windows\system32\BytescoutScreenCapturingFilter.dll
    2012-04-26 17:43 . 2012-03-01 00:39 574200 ----a-w- c:\windows\system32\BytescoutScreenCapturing.dll
    2012-04-26 17:43 . 2008-09-23 23:23 65536 ---ha-w- c:\windows\SysWow64\WebCamLib.dll
    2012-04-26 17:43 . 2012-04-26 17:43 -------- d-----w- c:\program files (x86)\Apowersoft
    2012-04-25 17:59 . 2012-04-25 17:59 -------- d-----w- c:\windows\SysWow64\Dell
    2012-04-25 15:50 . 2012-04-25 15:50 -------- d-----w- c:\programdata\Dell V310-V510 Series
    2012-04-20 03:03 . 2012-04-20 03:03 -------- d-----w- c:\windows\en
    2012-04-20 02:58 . 2012-03-08 22:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
    2012-04-20 02:54 . 2012-04-20 02:54 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dcbc613d1cd1ea002\MeshBetaRemover.exe
    2012-04-20 02:54 . 2012-04-20 02:54 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DSETUP.dll
    2012-04-20 02:54 . 2012-04-20 02:54 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\DXSETUP.exe
    2012-04-20 02:54 . 2012-04-20 02:54 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\dbe363301cd1ea001\dsetup32.dll
    2012-04-20 01:51 . 2012-04-20 01:51 -------- d-----w- c:\users\Dublino\Pond5_T570643
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-11 15:26 . 2011-11-01 15:51 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-05-05 01:32 . 2012-04-11 13:08 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-05-05 01:32 . 2011-11-02 16:47 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-05 01:32 . 2012-04-11 13:32 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-03-24 21:32 . 2010-06-03 19:06 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
    2012-03-20 17:11 . 2012-02-01 21:00 162192 ----a-w- c:\windows\system32\mfevtps.exe
    2012-03-08 22:50 . 2012-03-08 22:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
    2012-03-08 22:37 . 2012-03-08 22:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
    2012-03-01 06:46 . 2012-04-11 07:03 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2012-03-01 06:38 . 2012-04-11 07:03 220672 ----a-w- c:\windows\system32\wintrust.dll
    2012-03-01 06:33 . 2012-04-11 07:03 81408 ----a-w- c:\windows\system32\imagehlp.dll
    2012-03-01 06:28 . 2012-04-11 07:03 5120 ----a-w- c:\windows\system32\wmi.dll
    2012-03-01 05:37 . 2012-04-11 07:03 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
    2012-03-01 05:33 . 2012-04-11 07:03 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
    2012-03-01 05:29 . 2012-04-11 07:03 5120 ----a-w- c:\windows\SysWow64\wmi.dll
    2012-02-28 06:56 . 2012-04-11 07:10 2311168 ----a-w- c:\windows\system32\jscript9.dll
    2012-02-28 06:49 . 2012-04-11 07:10 1390080 ----a-w- c:\windows\system32\wininet.dll
    2012-02-28 06:48 . 2012-04-11 07:10 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-02-28 06:42 . 2012-04-11 07:10 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-02-28 01:18 . 2012-04-11 07:10 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
    2012-02-28 01:11 . 2012-04-11 07:10 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2012-02-28 01:11 . 2012-04-11 07:10 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
    2012-02-28 01:03 . 2012-04-11 07:10 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2012-02-23 14:18 . 2012-01-31 22:00 279656 ------w- c:\windows\system32\MpSigStub.exe
    2012-02-22 17:29 . 2012-02-01 21:01 10248 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 75936 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 289664 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 100912 ----a-w- c:\windows\system32\drivers\mferkdet.sys
    2012-02-22 17:29 . 2012-02-01 21:00 647208 ----a-w- c:\windows\system32\drivers\mfehidk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 487296 ----a-w- c:\windows\system32\drivers\mfefirek.sys
    2012-02-22 17:29 . 2012-02-01 21:00 229528 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 160792 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
    2012-02-22 17:29 . 2012-02-01 21:00 65264 ----a-w- c:\windows\system32\drivers\cfwids.sys
    2011-04-24 02:20 . 2011-04-24 02:20 213176 ----a-w- c:\program files (x86)\FACons.exe
    2011-04-24 02:17 . 2011-04-24 02:17 98488 ----a-w- c:\program files (x86)\FATrayMon.exe
    2011-04-24 02:17 . 2011-04-24 02:17 1994936 ----a-w- c:\program files (x86)\FATrayAlert.exe
    2011-04-24 02:17 . 2011-04-24 02:17 59064 ----a-w- c:\program files (x86)\LiteZip.dll
    2011-04-24 02:17 . 2011-04-24 02:17 55992 ----a-w- c:\program files (x86)\LiteUnzip.dll
    2011-04-24 02:17 . 2011-04-24 02:17 18104 ----a-w- c:\program files (x86)\FAEventMessage.dll
    2011-04-24 02:17 . 2011-04-24 02:17 28856 ----a-w- c:\program files (x86)\FAVistaHelper.dll
    2011-04-24 02:17 . 2011-04-24 02:17 2412728 ----a-w- c:\program files (x86)\FAService.exe
    2011-04-24 02:17 . 2011-04-24 02:17 213176 ----a-w- c:\program files (x86)\FAConsU.exe
    2011-04-24 02:17 . 2011-04-24 02:17 250040 ----a-w- c:\program files (x86)\FASuppMon.exe
    2011-04-24 02:17 . 2011-04-24 02:17 14008 ----a-w- c:\program files (x86)\FASuppL.dll
    2011-04-24 02:17 . 2011-04-24 02:17 29368 ----a-w- c:\program files (x86)\FAResource.dll
    2011-04-24 02:17 . 2011-04-24 02:17 176312 ----a-w- c:\program files (x86)\FASecFacX.exe
    2011-04-24 02:17 . 2011-04-24 02:17 52920 ----a-w- c:\program files (x86)\SSOIEAddonPS.dll
    2011-04-24 02:16 . 2011-04-24 02:16 582328 ----a-w- c:\program files (x86)\FAIESSO.dll
    2011-04-24 02:16 . 2011-04-24 02:16 291000 ----a-w- c:\program files (x86)\FAEnrollWiz.exe
    2011-04-24 02:16 . 2011-04-24 02:16 516280 ----a-w- c:\program files (x86)\rFAConsU.exe
    2011-04-24 02:16 . 2011-04-24 02:16 516280 ----a-w- c:\program files (x86)\rFACons.exe
    2011-04-24 02:16 . 2011-04-24 02:16 57528 ----a-w- c:\program files (x86)\FAStartup.exe
    2011-04-24 02:16 . 2011-04-24 02:16 75960 ----a-w- c:\program files (x86)\devcon_x64.exe
    2011-04-23 23:58 . 2011-04-23 23:58 32768 ----a-w- c:\program files (x86)\FAsvif.dll
    2011-04-20 18:54 . 2011-04-20 18:54 40960 ----a-w- c:\program files (x86)\FATrackBarLib.dll
    2011-03-14 19:09 . 2011-03-14 19:09 2044088 ----a-w- c:\program files (x86)\FAus.exe
    2010-07-09 19:30 . 2010-07-09 19:30 128328 ----a-w- c:\program files (x86)\FAUpdateClient.exe
    2010-06-16 14:35 . 2010-06-16 14:35 25600 ----a-w- c:\program files (x86)\FA_Helper.UAC.dll
    2009-12-22 16:18 . 2009-12-22 16:18 2023424 ----a-w- c:\program files (x86)\QtCore4.dll
    2009-12-08 21:35 . 2009-12-08 21:35 25928 ----a-w- c:\program files (x86)\FAAuG.exe
    2009-09-29 07:47 . 2009-09-29 07:47 7507968 ----a-w- c:\program files (x86)\QtGui4.dll
    2009-08-16 20:13 . 2009-08-16 20:13 523 ----a-w- c:\program files (x86)\PresetPSPowerPlan_Vista.bat
    2009-02-13 23:46 . 2009-02-13 23:46 895 ----a-w- c:\program files (x86)\UpdatePSPowerPlan_Vista.bat
    2008-12-11 17:59 . 2008-12-11 17:59 41 ----a-w- c:\program files (x86)\FAstopstart.bat
    2006-07-11 22:02 . 2006-07-11 22:02 1053184 ----a-w- c:\program files (x86)\MFC71u.dll
    2003-03-19 01:20 . 2003-03-19 01:20 1060864 ----a-w- c:\program files (x86)\MFC71.dll
    2003-03-19 01:05 . 2003-03-19 01:05 89088 ----a-w- c:\program files (x86)\atl71.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Spotify"="c:\users\Dublino\AppData\Roaming\Spotify\Spotify.exe" [2012-05-11 9478320]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17151624]
    "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
    "Fitbit Service Monitor"="c:\program files (x86)\Fitbit\fitbit-tray.exe" [2011-10-26 2164256]
    "Amazon Cloud Drive"="c:\users\Dublino\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe" [2012-03-28 380776]
    "Spotify Web Helper"="c:\users\Dublino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-11 932528]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]
    "PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
    "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
    "FAStartup"="" [BU]
    "DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [BU]
    "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
    "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
    "Dell V310-V510 Series"="c:\program files (x86)\Dell V310-V510 Series\fm3032.exe" [2010-01-18 316072]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]
    "BCSSync"="c:\program files (x86)\Microsoft Office10\Office14\BCSSync.exe" [2010-03-13 91520]
    "FATrayAlert"="c:\program files (x86)\FATrayMon.exe" [2011-04-24 98488]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
    "Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2011-05-04 136416]
    "Memeo AutoSync"="c:\program files (x86)\Memeo\AutoSync\MemeoLauncher2.exe" [2011-05-04 144608]
    "Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
    .
    c:\users\Dublino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
    Dropbox.lnk - c:\users\Dublino\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
    Google Calendar Sync.lnk - c:\program files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
    .
    c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli FAPassSync
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
    R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
    R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office10\Office14\GROOVE.EXE [2011-06-12 31125880]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
    R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-04-10 25072]
    R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
    R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe [2010-01-07 1052328]
    S2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [2010-01-07 33448]
    S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
    S2 FAService;FAService;c:\program files (x86)\FAService.exe [2011-04-24 2412728]
    S2 Fitbit;Fitbit Data Uploader;c:\program files (x86)\Fitbit\fitbit.exe [2011-10-26 788000]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2009-10-22 517632]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
    S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-05-04 25824]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
    S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]
    S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-09-17 656624]
    S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-03-08 341832]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [x]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
    S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
    S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
    S3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [x]
    S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [x]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
    S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *Deregistered* - mfeavfk01
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 01:32]
    .
    2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3421637325-69102753-2988473796-1001Core.job
    - c:\users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-04 11:32]
    .
    2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3421637325-69102753-2988473796-1001UA.job
    - c:\users\Dublino\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-04 11:32]
    .
    2012-05-01 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
    - c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
    .
    2012-05-17 c:\windows\Tasks\SystemToolsDailyTest.job
    - c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
    .
    2012-05-13 c:\windows\Tasks\vtscheduletask.job
    - c:\program files (x86)\McAfee\Supportability\MVT\MvtApp.exe [2012-05-12 05:33]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Dublino\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
    "QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]
    "Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
    "dleamon.exe"="c:\program files (x86)\Dell V310-V510 Series\dleamon.exe" [2010-01-18 770728]
    "EzPrint"="c:\program files (x86)\Dell V310-V510 Series\ezprint.exe" [2010-01-18 139944]
    "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~2\MIDFEA~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\MIDFEA~1\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    TCP: DhcpNameServer = 10.0.0.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-Locked - (no file)
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
    "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Common Files\Motive\McciCMService.exe
    c:\windows\SysWOW64\rundll32.exe
    .
    **************************************************************************
    .
    Completion time: 2012-05-17 15:26:38 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-05-17 19:26
    ComboFix2.txt 2012-05-17 02:47
    .
    Pre-Run: 295,899,144,192 bytes free
    Post-Run: 295,395,549,184 bytes free
    .
    - - End Of File - - EBDDB6B2506881FCAB22CAFE4B42FBB9
     
  12. TonyDublino

    TonyDublino Thread Starter

    Joined:
    May 15, 2012
    Messages:
    9
    That's what I got after restoring, and running again. I wanted to post it again, as I am not sure what to do next. Tony
     
  13. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,161
    What exactly do you mean by this:

    What did you get? Are you able to continue? The issues you mentioned before, are they OK now...

    If you can continue, run the following and post its log:

    Run ESET Online Scan
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    • Click the [​IMG] button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on [​IMG] to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the [​IMG] icon on your desktop.
    • Check [​IMG]
    • Click the [​IMG] button.
    • Accept any security warnings from your browser.
    • Check [​IMG]
    • Leave the tick out of remove found threats
    • Push the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push [​IMG]
    • Push [​IMG], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Push the [​IMG] button.
    • Push [​IMG]
    You can refer to this animation by neomage if needed.
    Frequently asked questions are available here. Please read them before running the scan.

    Also be aware this scan can take several hours to complete depending on the size of your system.

    ESET log can be found here "C:\Program Files\ESET\EsetOnlineScanner\log.txt".
     

Short URL to this thread: https://techguy.org/1053378