MoneyPak Removal (No Safe Mode or Internet Connection)

[Fiery]

Leave it to run for another 20 minutes or so. The speed depends on your system configuration.

 

[RJude]

It's been nearly an hour now and no progress.

 

[RJude]

It worked! It asked me if I would like to reboot after removing files. Should I say yes? I appologize for all of the questions.

 

[Fiery]

Yes, reboot

 

[RJude]

Where should I start win the instructions agree booting? Sorry. I want to make sure I don't cause more damage

 

[Fiery]

In OTLPE, shut down the PC. Turn it back on, remove the OTLPE CD immediately and leave windows to boot normally (you may wish to change the BIOS again to boot from hard-drive first rather than CD)

 

[RJude]

It is doing a disk check. Is that okay?

 

[Fiery]

you can skip it for now.

 

[RJude]

It worked!!! Oh you are so wonderful! You have no idea how much you saved me. I nearly lost a yeas worth of footage for my documentary! Thank you so much! Now it is asking me "windows needs to install a driver software to your unknown device". Which should I choose?

 

[RJude]

I am not connected to the Internet and it cannot find any networka

 

[Fiery]

Glad we got your Desktop back!

Are you using wireless connection or a wired connection? I'm not sure what driver it's trying to install. Say no for now.

I would suggest you backup your files before we proceed.

Since you have no internet connection, we will use some tools first that don't depend on the internet. Ignore the instructions I gave you from the above and follow the ones below.

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool(For Vista or Windows 7, right-click and select Run as Administrator to start)
• Click delete
• Please post the content of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt

Download & SAVE to your Desktop RogueKiller or from here

• Quit all programs that you may have started.
• Please disconnect any USB or external drives from the computer before you run this scan!
• For Vista or Windows 7, right-click and select Run as Administrator to start
• Wait until Prescan has finished, then click on "Scan" button
• Wait until the Status box shows "Scan Finished"
• Click delete and wait until it saids deleting finished
• Click on "Report" and copy/paste the content of the Notepad into your next reply.
• The log should be found in RKreport[1].txt on your Desktop
  Exit/Close RogueKiller+

Download TDSSkiller from here

• Double-Click on TDSSKiller.exe to run the application
• When TDSSkiller opens, click change parameters , check the box next to Loaded modules . A reboot will be required.
• After reboot, TDSSKiller will run again. Click Change parameters again and make sure everything is checked.
  
  
• click Start scan .
  
• If a suspicious object is detected, the default action will be Skip, click on Continue. (If it saids TDL4/TDSS file system, select delete)
• If malicious objects are found, ensure Cure (default) is selected, then click Continue and Reboot now to finish the cleaning process.

Post the log after (usually C:\ folder in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt

 

[RJude]

I am using wireless. The first program has just done its work and its rebooting.

 

[RJude]

I got two reports, one from before deleting and one for after the reboot. I can't remember which is which, so I will post both. Sorry about that. Other scans are in process.

# AdwCleaner v2.303 - Logfile created 06/26/2013 at 01:07:46
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : Caitlin - CAITLIN-PC
# Boot Mode : Normal
# Running from : C:\Users\Caitlin\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Windows\system32\roboot.exe
Folder Found : C:\Program Files\1ClickDownload
Folder Found : C:\Program Files\Babylon
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Free Offers from Freeze.com
Folder Found : C:\ProgramData\WeCareReminder
Folder Found : C:\Users\Caitlin\AppData\Local\Conduit
Folder Found : C:\Users\Caitlin\AppData\LocalLow\Conduit
Folder Found : C:\Users\Caitlin\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Found : C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\extensions\OneClickDownload@OneClickDownload.com
Folder Found : C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\extensions\wecarereminder@bryan
Folder Found : C:\Users\Caitlin\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\wecarereminder
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3007394
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3228856
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16447

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\prefs.js

Found : user_pref("CT3072253.autoDisableScopes", -1);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Caitlin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [7332 octets] - [26/06/2013 01:07:46]

########## EOF - C:\AdwCleaner[R1].txt - [7392 octets] ##########


# AdwCleaner v2.303 - Logfile created 06/26/2013 at 01:09:54
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : Caitlin - CAITLIN-PC
# Boot Mode : Normal
# Running from : C:\Users\Caitlin\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Windows\system32\roboot.exe
Folder Deleted : C:\Program Files\1ClickDownload
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\Caitlin\AppData\Local\Conduit
Folder Deleted : C:\Users\Caitlin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Caitlin\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Deleted : C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\extensions\OneClickDownload@OneClickDownload.com
Folder Deleted : C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\extensions\wecarereminder@bryan
Folder Deleted : C:\Users\Caitlin\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3007394
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3228856
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16447

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\prefs.js

Deleted : user_pref("CT3072253.autoDisableScopes", -1);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Caitlin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [7461 octets] - [26/06/2013 01:07:46]
AdwCleaner[R2].txt - [7521 octets] - [26/06/2013 01:09:22]
AdwCleaner[S1].txt - [7618 octets] - [26/06/2013 01:09:54]

########## EOF - C:\AdwCleaner[S1].txt - [7678 octets] ##########

 

[RJude]

RogueKiller V8.6.1 [Jun 25 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : hxxp://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Caitlin [Admin rights]
Mode : Remove -- Date : 06/26/2013 01:27:57
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[DLL] rundll32.exe -- Root\*ISATAP\0008 [x] -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[FF][PROXY] zh23lfrc.default : user_pref("network.proxy.hxxp", "127.0.0.1"); -> NOT REMOVED, USE PROXYFIX
[FF][PROXY] zh23lfrc.default : user_pref("network.proxy.hxxp_port", 61677); -> NOT REMOVED, USE PROXYFIX

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][Junction] $NtUninstallKB4313$ : C:\Windows\$NtUninstallKB4313$ >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][File] @ : C:\Windows\$NtUninstallKB4313$\3170675749\@ [-] --> DELETED
[ZeroAccess][File] Desktop.ini : C:\Windows\$NtUninstallKB4313$\3170675749\Desktop.ini [-] --> DELETED
[ZeroAccess][File] 00000004.@ : C:\Windows\$NtUninstallKB4313$\3170675749\L\00000004.@ [-] --> DELETED
[ZeroAccess][File] 1afb2d56 : C:\Windows\$NtUninstallKB4313$\3170675749\L\1afb2d56 [-] --> DELETED
[ZeroAccess][File] 201d3dde : C:\Windows\$NtUninstallKB4313$\3170675749\L\201d3dde [-] --> DELETED
[ZeroAccess][File] 55490ac4 : C:\Windows\$NtUninstallKB4313$\3170675749\L\55490ac4 [-] --> DELETED
[ZeroAccess][File] qnbwvoto : C:\Windows\$NtUninstallKB4313$\3170675749\L\qnbwvoto [-] --> DELETED
[ZeroAccess][Folder] L : C:\Windows\$NtUninstallKB4313$\3170675749\L [-] --> DELETED
[ZeroAccess][File] 00000004.@ : C:\Windows\$NtUninstallKB4313$\3170675749\U\00000004.@ [-] --> DELETED
[ZeroAccess][File] 00000008.@ : C:\Windows\$NtUninstallKB4313$\3170675749\U\00000008.@ [-] --> DELETED
[ZeroAccess][File] 000000cb.@ : C:\Windows\$NtUninstallKB4313$\3170675749\U\000000cb.@ [-] --> DELETED
[ZeroAccess][File] 80000000.@ : C:\Windows\$NtUninstallKB4313$\3170675749\U\80000000.@ [-] --> DELETED
[ZeroAccess][File] 80000032.@ : C:\Windows\$NtUninstallKB4313$\3170675749\U\80000032.@ [-] --> DELETED
[ZeroAccess][Folder] U : C:\Windows\$NtUninstallKB4313$\3170675749\U [-] --> DELETED
[ZeroAccess][Folder] 3170675749 : C:\Windows\$NtUninstallKB4313$\3170675749 [-] --> DELETED
[ZeroAccess][Junction] 3936020030 : C:\Windows\$NtUninstallKB4313$\3936020030 >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][File] 3936020030 : C:\Windows\$NtUninstallKB4313$\3936020030 [-] --> DELETED
[ZeroAccess][Folder] $NtUninstallKB4313$ : C:\Windows\$NtUninstallKB4313$ [-] --> DELETED

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤
-> E:\windows\system32\config\SYSTEM
E:\Windows\system32

-> E:\windows\system32\config\SOFTWARE
E:\Windows\system32

-> E:\windows\system32\config\SECURITY
E:\Windows\system32

-> E:\windows\system32\config\SAM
E:\Windows\system32

-> E:\windows\system32\config\DEFAULT
E:\Windows\system32

-> E:\Users\Default\NTUSER.DAT
E:\Windows\system32


¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEVT-75ZCT2 +++++
--- User ---
[MBR] c6ca393290a92fc70ec0125a4c0201a6
[BSP] d6a428091d663a13ddcaf6e47fc482f4 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223434 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD2500BEVT-75ZCT2 +++++
--- User ---
[MBR] f0c72afbc667bdf09932d5744b671d4e
[BSP] 4b8b702b557e3455c4e0f1b634afd5c4 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 1072 | Size: 3823 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[0]_D_06262013_012757.txt >>
RKreport[0]_S_06262013_012746.txt

 

[RJude]

Here is the final one. I have two and I'm not sure which is needed so I will post both. Again, sorry for all of the trouble.

01:28:46.0402 3576 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
01:28:46.0402 3576 ============================================================
01:28:46.0402 3576 Current date / time: 2013/06/26 01:28:46.0402
01:28:46.0402 3576 SystemInfo:
01:28:46.0402 3576
01:28:46.0402 3576 OS Version: 6.0.6002 ServicePack: 2.0
01:28:46.0402 3576 Product type: Workstation
01:28:46.0402 3576 ComputerName: CAITLIN-PC
01:28:46.0402 3576 UserName: Caitlin
01:28:46.0402 3576 Windows directory: C:\Windows
01:28:46.0402 3576 System windows directory: C:\Windows
01:28:46.0402 3576 Processor architecture: Intel x86
01:28:46.0402 3576 Number of processors: 2
01:28:46.0402 3576 Page size: 0x1000
01:28:46.0402 3576 Boot type: Normal boot
01:28:46.0402 3576 ============================================================
01:28:46.0870 3576 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
01:28:46.0870 3576 ============================================================
01:28:46.0870 3576 \Device\Harddisk0\DR0:
01:28:46.0885 3576 MBR partitions:
01:28:46.0885 3576 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
01:28:46.0885 3576 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
01:28:46.0885 3576 ============================================================
01:28:47.0135 3576 C: <-> \Device\Harddisk0\DR0\Partition2
01:28:47.0166 3576 E: <-> \Device\Harddisk0\DR0\Partition1
01:28:47.0166 3576 ============================================================
01:28:47.0166 3576 Initialize success
01:28:47.0166 3576 ============================================================
01:31:09.0267 3604 Deinitialize success


01:35:27.0553 1452 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
01:35:27.0584 1452 ============================================================
01:35:27.0584 1452 Current date / time: 2013/06/26 01:35:27.0584
01:35:27.0584 1452 SystemInfo:
01:35:27.0584 1452
01:35:27.0584 1452 OS Version: 6.0.6002 ServicePack: 2.0
01:35:27.0584 1452 Product type: Workstation
01:35:27.0584 1452 ComputerName: CAITLIN-PC
01:35:27.0584 1452 UserName: Caitlin
01:35:27.0584 1452 Windows directory: C:\Windows
01:35:27.0584 1452 System windows directory: C:\Windows
01:35:27.0584 1452 Processor architecture: Intel x86
01:35:27.0584 1452 Number of processors: 2
01:35:27.0584 1452 Page size: 0x1000
01:35:27.0584 1452 Boot type: Normal boot
01:35:27.0584 1452 ============================================================
01:35:33.0465 1452 BG loaded
01:35:35.0914 1452 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
01:35:35.0977 1452 ============================================================
01:35:35.0977 1452 \Device\Harddisk0\DR0:
01:35:36.0195 1452 MBR partitions:
01:35:36.0195 1452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
01:35:36.0195 1452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
01:35:36.0195 1452 ============================================================
01:35:36.0585 1452 C: <-> \Device\Harddisk0\DR0\Partition2
01:35:36.0741 1452 E: <-> \Device\Harddisk0\DR0\Partition1
01:35:36.0741 1452 ============================================================
01:35:36.0741 1452 Initialize success
01:35:36.0741 1452 ============================================================
01:35:55.0149 2484 ============================================================
01:35:55.0149 2484 Scan started
01:35:55.0149 2484 Mode: Manual; SigCheck; TDLFS;
01:35:55.0149 2484 ============================================================
01:36:01.0342 2484 ================ Scan system memory ========================
01:36:01.0342 2484 System memory - ok
01:36:01.0342 2484 ================ Scan services =============================
01:36:01.0592 2484 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
01:36:02.0715 2484 !SASCORE ( UnsignedFile.Multi.Generic ) - warning
01:36:02.0715 2484 !SASCORE - detected UnsignedFile.Multi.Generic (1)
01:36:03.0464 2484 A2DDA - ok
01:36:03.0776 2484 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
01:36:03.0823 2484 ACPI - ok
01:36:03.0994 2484 [ 177FF6608B48638D4066726F3A3F8444 ] AdobeActiveFileMonitor5.0 C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
01:36:04.0197 2484 AdobeActiveFileMonitor5.0 ( UnsignedFile.Multi.Generic ) - warning
01:36:04.0197 2484 AdobeActiveFileMonitor5.0 - detected UnsignedFile.Multi.Generic (1)
01:36:04.0400 2484 [ 6C40D5ED8951AB7B90D08AF655224EE4 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
01:36:04.0431 2484 AdobeFlashPlayerUpdateSvc - ok
01:36:04.0525 2484 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
01:36:04.0556 2484 adp94xx - ok
01:36:04.0587 2484 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
01:36:04.0603 2484 adpahci - ok
01:36:04.0603 2484 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
01:36:04.0634 2484 adpu160m - ok
01:36:04.0634 2484 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
01:36:04.0649 2484 adpu320 - ok
01:36:04.0774 2484 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
01:36:04.0883 2484 AeLookupSvc - ok
01:36:05.0086 2484 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe
01:36:05.0242 2484 AESTFilters - ok
01:36:05.0398 2484 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
01:36:05.0461 2484 AFD - ok
01:36:05.0554 2484 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
01:36:05.0554 2484 agp440 - ok
01:36:05.0695 2484 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
01:36:05.0773 2484 aic78xx - ok
01:36:05.0819 2484 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
01:36:06.0022 2484 ALG - ok
01:36:06.0100 2484 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
01:36:06.0100 2484 aliide - ok
01:36:06.0116 2484 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
01:36:06.0116 2484 amdagp - ok
01:36:06.0131 2484 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
01:36:06.0147 2484 amdide - ok
01:36:06.0163 2484 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
01:36:06.0225 2484 AmdK7 - ok
01:36:06.0272 2484 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
01:36:06.0365 2484 AmdK8 - ok
01:36:06.0521 2484 [ 5BFFA4DB168D2D0F99C182732535E82F ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
01:36:06.0553 2484 ApfiltrService - ok
01:36:06.0599 2484 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
01:36:06.0677 2484 Appinfo - ok
01:36:07.0145 2484 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:36:07.0208 2484 Apple Mobile Device - ok
01:36:07.0301 2484 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
01:36:07.0301 2484 arc - ok
01:36:07.0317 2484 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
01:36:07.0333 2484 arcsas - ok
01:36:07.0364 2484 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
01:36:07.0473 2484 AsyncMac - ok
01:36:07.0489 2484 [ 0D83C87A801A3DFCD1BF73893FE7518C ] atapi C:\Windows\system32\drivers\atapi.sys
01:36:07.0504 2484 atapi - ok
01:36:07.0567 2484 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:36:07.0660 2484 AudioEndpointBuilder - ok
01:36:07.0691 2484 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
01:36:07.0723 2484 Audiosrv - ok
01:36:08.0066 2484 [ 2ED050291BC1D7F9E322E328DB3AAECF ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
01:36:08.0081 2484 BBSvc - ok
01:36:08.0237 2484 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE
01:36:08.0253 2484 BBUpdate - ok
01:36:08.0362 2484 [ 423C7B87E886AC93D22936EA82665F83 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
01:36:08.0378 2484 BCM42RLY - ok
01:36:08.0471 2484 [ 41A70777E892C3DEA606758366566A77 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
01:36:08.0752 2484 BCM43XX - ok
01:36:09.0080 2484 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
01:36:09.0329 2484 Beep - ok
01:36:09.0423 2484 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
01:36:09.0485 2484 BFE - ok
01:36:09.0860 2484 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
01:36:10.0250 2484 blbdrive - ok
01:36:10.0453 2484 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
01:36:10.0468 2484 Bonjour Service - ok
01:36:10.0609 2484 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
01:36:10.0655 2484 bowser - ok
01:36:10.0733 2484 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
01:36:10.0780 2484 BrFiltLo - ok
01:36:10.0780 2484 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
01:36:10.0874 2484 BrFiltUp - ok
01:36:10.0952 2484 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
01:36:10.0999 2484 Browser - ok
01:36:11.0092 2484 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
01:36:11.0451 2484 Brserid - ok
01:36:11.0482 2484 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
01:36:11.0529 2484 BrSerWdm - ok
01:36:11.0638 2484 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
01:36:11.0732 2484 BrUsbMdm - ok
01:36:11.0794 2484 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
01:36:11.0919 2484 BrUsbSer - ok
01:36:11.0966 2484 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
01:36:12.0059 2484 BTHMODEM - ok
01:36:12.0091 2484 catchme - ok
01:36:12.0215 2484 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
01:36:12.0325 2484 cdrom - ok
01:36:12.0403 2484 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
01:36:12.0465 2484 CertPropSvc - ok
01:36:12.0605 2484 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
01:36:12.0652 2484 circlass - ok
01:36:12.0793 2484 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
01:36:12.0824 2484 CLFS - ok
01:36:13.0136 2484 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:36:13.0151 2484 clr_optimization_v2.0.50727_32 - ok
01:36:13.0276 2484 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:36:13.0354 2484 clr_optimization_v4.0.30319_32 - ok
01:36:13.0541 2484 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
01:36:13.0557 2484 CmBatt - ok
01:36:13.0713 2484 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
01:36:13.0729 2484 cmdide - ok
01:36:13.0822 2484 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
01:36:13.0838 2484 Compbatt - ok
01:36:13.0838 2484 COMSysApp - ok
01:36:13.0916 2484 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
01:36:13.0931 2484 crcdisk - ok
01:36:13.0963 2484 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
01:36:13.0994 2484 Crusoe - ok
01:36:14.0087 2484 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
01:36:14.0150 2484 CryptSvc - ok
01:36:14.0228 2484 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
01:36:14.0633 2484 DcomLaunch - ok
01:36:14.0805 2484 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
01:36:14.0867 2484 DfsC - ok
01:36:15.0023 2484 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
01:36:15.0304 2484 DFSR - ok
01:36:15.0335 2484 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
01:36:15.0476 2484 Dhcp - ok
01:36:15.0538 2484 DirectUpdate - ok
01:36:15.0694 2484 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
01:36:15.0694 2484 disk - ok
01:36:15.0772 2484 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
01:36:15.0835 2484 Dnscache - ok
01:36:15.0959 2484 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
01:36:15.0975 2484 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
01:36:15.0975 2484 DockLoginService - detected UnsignedFile.Multi.Generic (1)
01:36:16.0006 2484 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
01:36:16.0162 2484 dot3svc - ok
01:36:16.0209 2484 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
01:36:16.0334 2484 DPS - ok
01:36:16.0521 2484 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
01:36:16.0677 2484 drmkaud - ok
01:36:16.0927 2484 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
01:36:17.0051 2484 DXGKrnl - ok
01:36:17.0207 2484 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
01:36:17.0566 2484 e1express - ok
01:36:17.0582 2484 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
01:36:18.0284 2484 E1G60 - ok
01:36:18.0362 2484 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
01:36:18.0502 2484 EapHost - ok
01:36:18.0674 2484 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
01:36:18.0689 2484 Ecache - ok
01:36:18.0955 2484 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
01:36:19.0033 2484 ehRecvr - ok
01:36:19.0126 2484 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
01:36:19.0251 2484 ehSched - ok
01:36:19.0298 2484 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
01:36:19.0329 2484 ehstart - ok
01:36:19.0391 2484 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
01:36:19.0438 2484 elxstor - ok
01:36:19.0501 2484 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
01:36:19.0610 2484 EMDMgmt - ok
01:36:19.0703 2484 [ F2A80DE2D1B7116052C09CB4D4CA1416 ] ErrDev C:\Windows\system32\drivers\errdev.sys
01:36:19.0781 2484 ErrDev - ok
01:36:20.0109 2484 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
01:36:20.0187 2484 EventSystem - ok
01:36:20.0249 2484 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
01:36:20.0405 2484 exfat - ok
01:36:20.0437 2484 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
01:36:20.0483 2484 fastfat - ok
01:36:20.0515 2484 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
01:36:20.0577 2484 fdc - ok
01:36:20.0639 2484 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
01:36:20.0671 2484 fdPHost - ok
01:36:20.0717 2484 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
01:36:20.0811 2484 FDResPub - ok
01:36:20.0983 2484 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
01:36:20.0998 2484 FileInfo - ok
01:36:21.0014 2484 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
01:36:21.0107 2484 Filetrace - ok
01:36:21.0154 2484 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
01:36:21.0170 2484 flpydisk - ok
01:36:21.0217 2484 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
01:36:21.0232 2484 FltMgr - ok
01:36:21.0295 2484 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
01:36:21.0466 2484 FontCache - ok
01:36:21.0622 2484 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
01:36:21.0638 2484 FontCache3.0.0.0 - ok
01:36:21.0700 2484 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
01:36:21.0700 2484 fssfltr - ok
01:36:22.0106 2484 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
01:36:22.0761 2484 fsssvc - ok
01:36:22.0886 2484 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
01:36:22.0979 2484 Fs_Rec - ok
01:36:23.0026 2484 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
01:36:23.0042 2484 gagp30kx - ok
01:36:23.0291 2484 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
01:36:23.0291 2484 GEARAspiWDM - ok
01:36:23.0401 2484 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
01:36:23.0572 2484 GoToAssist - ok
01:36:23.0619 2484 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
01:36:23.0697 2484 gpsvc - ok
01:36:23.0759 2484 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
01:36:23.0775 2484 gupdate - ok
01:36:23.0837 2484 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
01:36:23.0853 2484 gupdatem - ok
01:36:23.0915 2484 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
01:36:23.0993 2484 HDAudBus - ok
01:36:24.0087 2484 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
01:36:24.0149 2484 HidBth - ok
01:36:24.0165 2484 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
01:36:24.0461 2484 HidIr - ok
01:36:24.0524 2484 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
01:36:24.0742 2484 hidserv - ok
01:36:24.0805 2484 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
01:36:24.0867 2484 HidUsb - ok
01:36:24.0914 2484 HitmanPro36CrusaderBoot - ok
01:36:24.0961 2484 [ 52150B4AEC54956124B028D8830778C6 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
01:36:24.0976 2484 HitmanProScheduler - ok
01:36:25.0039 2484 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
01:36:25.0070 2484 hkmsvc - ok
01:36:25.0132 2484 [ 853BABC289F2B46F8150DF0E0CF0B537 ] hnmsvc c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
01:36:25.0179 2484 hnmsvc - ok
01:36:25.0210 2484 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
01:36:25.0226 2484 HpCISSs - ok
01:36:25.0304 2484 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
01:36:25.0413 2484 HTTP - ok
01:36:25.0663 2484 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
01:36:25.0663 2484 i2omp - ok
01:36:25.0756 2484 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
01:36:25.0819 2484 i8042prt - ok
01:36:25.0897 2484 [ 7B96206E4BDD2FE582F0DBC46F5F410E ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
01:36:25.0912 2484 IAANTMON - ok
01:36:26.0131 2484 [ 80C633722DA72E97F3F5B3B11325696D ] iaStor C:\Windows\system32\drivers\iastor.sys
01:36:26.0146 2484 iaStor - ok
01:36:26.0177 2484 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
01:36:26.0193 2484 iaStorV - ok
01:36:26.0349 2484 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:36:26.0427 2484 idsvc - ok
01:36:26.0614 2484 [ 938753888EADDB29D4B3754139EC19E8 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
01:36:26.0848 2484 igfx - ok
01:36:26.0942 2484 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
01:36:26.0957 2484 iirsp - ok
01:36:27.0098 2484 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
01:36:27.0113 2484 IKEEXT - ok
01:36:27.0285 2484 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
01:36:27.0301 2484 intelide - ok
01:36:27.0379 2484 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
01:36:27.0410 2484 intelppm - ok
01:36:27.0550 2484 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
01:36:27.0613 2484 IPBusEnum - ok
01:36:27.0691 2484 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:36:27.0753 2484 IpFilterDriver - ok
01:36:27.0909 2484 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
01:36:27.0956 2484 iphlpsvc - ok
01:36:27.0971 2484 IpInIp - ok
01:36:28.0018 2484 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
01:36:28.0096 2484 IPMIDRV - ok
01:36:28.0143 2484 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
01:36:28.0221 2484 IPNAT - ok
01:36:28.0361 2484 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
01:36:28.0393 2484 iPod Service - ok
01:36:28.0517 2484 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
01:36:28.0595 2484 IRENUM - ok
01:36:28.0627 2484 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
01:36:28.0642 2484 isapnp - ok
01:36:28.0705 2484 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
01:36:28.0720 2484 iScsiPrt - ok
01:36:28.0829 2484 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
01:36:28.0861 2484 iteatapi - ok
01:36:28.0970 2484 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
01:36:28.0970 2484 iteraid - ok
01:36:29.0048 2484 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
01:36:29.0063 2484 kbdclass - ok
01:36:29.0141 2484 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
01:36:29.0251 2484 kbdhid - ok
01:36:29.0469 2484 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
01:36:29.0547 2484 KeyIso - ok
01:36:29.0641 2484 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
01:36:29.0672 2484 KSecDD - ok
01:36:29.0797 2484 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
01:36:29.0999 2484 KtmRm - ok
01:36:30.0062 2484 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
01:36:30.0514 2484 LanmanServer - ok
01:36:30.0639 2484 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:36:31.0013 2484 LanmanWorkstation - ok
01:36:31.0060 2484 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
01:36:31.0450 2484 lltdio - ok
01:36:31.0606 2484 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
01:36:31.0669 2484 lltdsvc - ok
01:36:31.0700 2484 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
01:36:31.0825 2484 lmhosts - ok
01:36:31.0887 2484 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
01:36:31.0903 2484 LSI_FC - ok
01:36:31.0918 2484 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
01:36:31.0934 2484 LSI_SAS - ok
01:36:31.0949 2484 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
01:36:31.0965 2484 LSI_SCSI - ok
01:36:31.0996 2484 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
01:36:32.0105 2484 luafv - ok
01:36:32.0183 2484 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
01:36:32.0355 2484 Mcx2Svc - ok
01:36:32.0402 2484 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
01:36:32.0417 2484 megasas - ok
01:36:32.0464 2484 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
01:36:32.0480 2484 MegaSR - ok
01:36:32.0527 2484 [ 26653763D99EA717FC9E069F6BE6771E ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
01:36:32.0542 2484 mfeavfk - ok
01:36:32.0589 2484 [ E65CE1279F2C1FD9BD81184CEB7F5468 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
01:36:32.0729 2484 mfebopk - ok
01:36:33.0088 2484 [ F817BFCA67475CF04925ECE4FCF9C3C0 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
01:36:33.0104 2484 mfehidk - ok
01:36:33.0166 2484 [ FE03BE0B990983A08A33389C00636175 ] mferkdk C:\Windows\system32\drivers\mferkdk.sys
01:36:33.0182 2484 mferkdk - ok
01:36:33.0307 2484 [ 9C73ACA963AD8883B9FC44B410E70B71 ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys
01:36:33.0322 2484 mfesmfk - ok
01:36:33.0509 2484 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
01:36:33.0556 2484 MMCSS - ok
01:36:33.0587 2484 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
01:36:33.0634 2484 Modem - ok
01:36:33.0728 2484 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
01:36:33.0790 2484 monitor - ok
01:36:33.0853 2484 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
01:36:33.0868 2484 mouclass - ok
01:36:33.0899 2484 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
01:36:34.0024 2484 mouhid - ok
01:36:34.0071 2484 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
01:36:34.0071 2484 MountMgr - ok
01:36:34.0211 2484 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
01:36:34.0227 2484 MpFilter - ok
01:36:34.0336 2484 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
01:36:34.0352 2484 mpio - ok
01:36:34.0383 2484 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
01:36:34.0445 2484 mpsdrv - ok
01:36:34.0539 2484 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
01:36:34.0555 2484 Mraid35x - ok
01:36:34.0633 2484 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
01:36:34.0648 2484 MRxDAV - ok
01:36:34.0898 2484 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
01:36:34.0976 2484 mrxsmb - ok
01:36:35.0101 2484 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:36:35.0132 2484 mrxsmb10 - ok
01:36:35.0179 2484 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:36:35.0225 2484 mrxsmb20 - ok
01:36:35.0335 2484 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
01:36:35.0335 2484 msahci - ok
01:36:35.0350 2484 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
01:36:35.0366 2484 msdsm - ok
01:36:35.0444 2484 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
01:36:35.0491 2484 MSDTC - ok
01:36:35.0600 2484 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
01:36:35.0662 2484 Msfs - ok
01:36:35.0678 2484 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
01:36:35.0693 2484 msisadrv - ok
01:36:35.0740 2484 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
01:36:35.0849 2484 MSiSCSI - ok
01:36:35.0849 2484 msiserver - ok
01:36:35.0896 2484 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
01:36:35.0927 2484 MSKSSRV - ok
01:36:35.0943 2484 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
01:36:36.0083 2484 MSPCLOCK - ok
01:36:36.0099 2484 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
01:36:36.0161 2484 MSPQM - ok
01:36:36.0208 2484 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
01:36:36.0224 2484 MsRPC - ok
01:36:36.0271 2484 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
01:36:36.0286 2484 mssmbios - ok
01:36:36.0395 2484 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
01:36:36.0427 2484 MSTEE - ok
01:36:36.0520 2484 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
01:36:36.0536 2484 Mup - ok
01:36:36.0583 2484 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
01:36:36.0676 2484 napagent - ok
01:36:36.0723 2484 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
01:36:36.0801 2484 NativeWifiP - ok
01:36:36.0848 2484 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
01:36:36.0895 2484 NDIS - ok
01:36:36.0926 2484 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
01:36:37.0004 2484 NdisTapi - ok
01:36:37.0051 2484 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
01:36:37.0082 2484 Ndisuio - ok
01:36:37.0207 2484 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
01:36:37.0238 2484 NdisWan - ok
01:36:37.0269 2484 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
01:36:37.0316 2484 NDProxy - ok
01:36:37.0378 2484 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
01:36:37.0409 2484 NetBIOS - ok
01:36:37.0441 2484 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
01:36:37.0456 2484 Netlogon - ok
01:36:37.0550 2484 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
01:36:37.0659 2484 Netman - ok
01:36:37.0706 2484 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
01:36:37.0831 2484 netprofm - ok
01:36:37.0924 2484 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:36:37.0924 2484 NetTcpPortSharing - ok
01:36:38.0002 2484 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
01:36:38.0018 2484 nfrd960 - ok
01:36:38.0111 2484 [ B52F26BADE7D7E4A79706E3FD91834CD ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
01:36:38.0127 2484 NisDrv - ok
01:36:38.0236 2484 [ 290C0D4C4889398797F8DF3BE00B9698 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
01:36:38.0267 2484 NisSrv - ok
01:36:38.0299 2484 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
01:36:38.0345 2484 NlaSvc - ok
01:36:38.0455 2484 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:36:38.0501 2484 Npfs - ok
01:36:38.0579 2484 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
01:36:41.0590 2484 nsi - ok
01:36:41.0746 2484 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:36:41.0933 2484 nsiproxy - ok
01:36:42.0027 2484 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:36:42.0136 2484 Ntfs - ok
01:36:42.0183 2484 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
01:36:42.0245 2484 ntrigdigi - ok
01:36:42.0308 2484 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
01:36:42.0479 2484 Null - ok
01:36:42.0557 2484 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:36:42.0557 2484 nvraid - ok
01:36:42.0573 2484 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:36:42.0589 2484 nvstor - ok
01:36:42.0589 2484 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:36:42.0604 2484 nv_agp - ok
01:36:42.0620 2484 NwlnkFlt - ok
01:36:42.0635 2484 NwlnkFwd - ok
01:36:42.0776 2484 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
01:36:44.0055 2484 odserv - ok
01:36:44.0149 2484 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:36:44.0195 2484 ohci1394 - ok
01:36:44.0320 2484 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:36:44.0336 2484 ose - ok
01:36:44.0461 2484 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
01:36:44.0695 2484 p2pimsvc - ok
01:36:44.0741 2484 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
01:36:44.0773 2484 p2psvc - ok
01:36:44.0897 2484 [ 9D80E0BE979C3EDAF2863F23B88F4DE6 ] Packet C:\Windows\system32\DRIVERS\packet.sys
01:36:44.0960 2484 Packet - ok
01:36:45.0007 2484 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
01:36:45.0069 2484 Parport - ok
01:36:45.0194 2484 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:36:45.0209 2484 partmgr - ok
01:36:45.0241 2484 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
01:36:45.0303 2484 Parvdm - ok
01:36:45.0412 2484 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
01:36:45.0974 2484 PcaSvc - ok
01:36:46.0130 2484 [ 42EDE7D217325FF56CB8A9983CD7F73B ] PCD5SRVC{3F6A8B78-EC003E00-05040104} C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms
01:36:46.0255 2484 PCD5SRVC{3F6A8B78-EC003E00-05040104} - ok
01:36:46.0364 2484 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
01:36:46.0379 2484 pci - ok
01:36:46.0411 2484 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
01:36:46.0411 2484 pciide - ok
01:36:46.0457 2484 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
01:36:46.0473 2484 pcmcia - ok
01:36:46.0504 2484 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:36:46.0738 2484 PEAUTH - ok
01:36:46.0863 2484 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
01:36:47.0003 2484 pla - ok
01:36:47.0191 2484 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:36:47.0284 2484 PlugPlay - ok
01:36:47.0565 2484 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
01:36:47.0581 2484 PNRPAutoReg - ok
01:36:47.0627 2484 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
01:36:47.0659 2484 PNRPsvc - ok
01:36:47.0752 2484 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:36:47.0783 2484 PolicyAgent - ok
01:36:47.0846 2484 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:36:47.0877 2484 PptpMiniport - ok
01:36:48.0064 2484 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
01:36:48.0142 2484 Processor - ok
01:36:48.0220 2484 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
01:36:48.0283 2484 ProfSvc - ok
01:36:48.0392 2484 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
01:36:48.0407 2484 ProtectedStorage - ok
01:36:48.0532 2484 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
01:36:48.0610 2484 PSched - ok
01:36:48.0657 2484 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
01:36:48.0673 2484 PxHelp20 - ok
01:36:48.0719 2484 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
01:36:48.0797 2484 ql2300 - ok
01:36:48.0860 2484 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
01:36:48.0875 2484 ql40xx - ok
01:36:49.0000 2484 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
01:36:49.0063 2484 QWAVE - ok
01:36:49.0078 2484 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:36:49.0187 2484 QWAVEdrv - ok
01:36:49.0312 2484 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
01:36:49.0531 2484 R300 - ok
01:36:49.0562 2484 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:36:49.0655 2484 RasAcd - ok
01:36:49.0702 2484 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
01:36:49.0921 2484 RasAuto - ok
01:36:49.0967 2484 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:36:50.0030 2484 Rasl2tp - ok
01:36:50.0155 2484 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
01:36:50.0591 2484 RasMan - ok
01:36:50.0638 2484 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:36:50.0669 2484 RasPppoe - ok
01:36:50.0732 2484 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:36:50.0747 2484 RasSstp - ok
01:36:50.0779 2484 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:36:50.0857 2484 rdbss - ok
01:36:50.0935 2484 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:36:51.0044 2484 RDPCDD - ok
01:36:51.0137 2484 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
01:36:51.0215 2484 rdpdr - ok
01:36:51.0247 2484 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:36:51.0340 2484 RDPENCDD - ok
01:36:51.0465 2484 [ 79C6DF8477250F5C54F7C5AE1D6B814E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:36:51.0699 2484 RDPWD - ok
01:36:51.0855 2484 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:36:52.0245 2484 RemoteAccess - ok
01:36:52.0292 2484 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:36:52.0323 2484 RemoteRegistry - ok
01:36:52.0448 2484 [ EEC7EE5675294B03E88AA868540007C1 ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
01:36:52.0510 2484 RMCAST - ok
01:36:52.0697 2484 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
01:36:53.0087 2484 RpcLocator - ok
01:36:53.0228 2484 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
01:36:53.0259 2484 RpcSs - ok
01:36:53.0290 2484 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:36:53.0399 2484 rspndr - ok
01:36:53.0477 2484 [ D97D8259293B7A82CB891F37F997DF3F ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
01:36:53.0587 2484 RTSTOR - ok
01:36:53.0805 2484 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
01:36:53.0852 2484 SamSs - ok
01:36:54.0086 2484 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
01:36:54.0101 2484 SASDIFSV - ok
01:36:54.0164 2484 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
01:36:54.0179 2484 SASKUTIL - ok
01:36:54.0413 2484 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:36:54.0445 2484 sbp2port - ok
01:36:54.0679 2484 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:36:54.0757 2484 SCardSvr - ok
01:36:56.0363 2484 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
01:36:56.0566 2484 Schedule - ok
01:36:57.0533 2484 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
01:36:57.0565 2484 SCPolicySvc - ok
01:36:57.0689 2484 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:36:58.0376 2484 SDRSVC - ok
01:36:58.0438 2484 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:36:58.0485 2484 secdrv - ok
01:36:58.0532 2484 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
01:36:58.0891 2484 seclogon - ok
01:36:59.0125 2484 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
01:36:59.0390 2484 SENS - ok
01:36:59.0546 2484 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
01:36:59.0702 2484 Serenum - ok
01:36:59.0858 2484 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
01:36:59.0967 2484 Serial - ok
01:36:59.0983 2484 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
01:37:00.0029 2484 sermouse - ok
01:37:00.0107 2484 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
01:37:00.0139 2484 SessionEnv - ok
01:37:00.0326 2484 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:37:00.0529 2484 sffdisk - ok
01:37:00.0669 2484 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:37:00.0763 2484 sffp_mmc - ok
01:37:00.0778 2484 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:37:01.0355 2484 sffp_sd - ok
01:37:01.0433 2484 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
01:37:01.0589 2484 sfloppy - ok
01:37:02.0026 2484 [ 21D48D7C9BDEF13AF16FDCBC5719FC3B ] SftService C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE
01:37:02.0073 2484 SftService ( UnsignedFile.Multi.Generic ) - warning
01:37:02.0073 2484 SftService - detected UnsignedFile.Multi.Generic (1)
01:37:02.0167 2484 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:37:02.0323 2484 SharedAccess - ok
01:37:02.0416 2484 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:37:02.0494 2484 ShellHWDetection - ok
01:37:02.0572 2484 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
01:37:02.0572 2484 sisagp - ok
01:37:02.0588 2484 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
01:37:02.0603 2484 SiSRaid2 - ok
01:37:02.0603 2484 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
01:37:02.0619 2484 SiSRaid4 - ok
01:37:02.0759 2484 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
01:37:02.0947 2484 slsvc - ok
01:37:03.0071 2484 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
01:37:03.0118 2484 SLUINotify - ok
01:37:03.0290 2484 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:37:03.0415 2484 Smb - ok
01:37:03.0555 2484 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:37:03.0898 2484 SNMPTRAP - ok
01:37:04.0007 2484 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
01:37:04.0023 2484 spldr - ok
01:37:04.0070 2484 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
01:37:04.0132 2484 Spooler - ok
01:37:04.0319 2484 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellComms C:\Program Files\Dell\DellComms\bin\sprtsvc.exe
01:37:04.0444 2484 sprtsvc_DellComms - ok
01:37:04.0631 2484 [ 777115C9CC675BD98127660712D2F784 ] sprtsvc_DellSupportCenter C:\Program Files\Dell Support Center\bin\sprtsvc.exe
01:37:04.0647 2484 sprtsvc_DellSupportCenter - ok
01:37:04.0819 2484 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
01:37:04.0959 2484 srv - ok
01:37:05.0068 2484 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:37:05.0115 2484 srv2 - ok
01:37:05.0240 2484 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:37:05.0318 2484 srvnet - ok
01:37:05.0380 2484 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:37:05.0458 2484 SSDPSRV - ok
01:37:05.0489 2484 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:37:05.0552 2484 SstpSvc - ok
01:37:05.0708 2484 [ DDEB942850278D67EDC108D57F774BF8 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe
01:37:05.0755 2484 STacSV - ok
01:37:05.0833 2484 [ C4BE9C3AF8AF6F2E4CDD22FCABF77A1B ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
01:37:06.0004 2484 STHDA - ok
01:37:06.0067 2484 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
01:37:06.0145 2484 stisvc - ok
01:37:06.0176 2484 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
01:37:06.0191 2484 swenum - ok
01:37:06.0238 2484 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
01:37:06.0269 2484 swprv - ok
01:37:06.0332 2484 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
01:37:06.0347 2484 Symc8xx - ok
01:37:06.0347 2484 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
01:37:06.0363 2484 Sym_hi - ok
01:37:06.0379 2484 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
01:37:06.0394 2484 Sym_u3 - ok
01:37:06.0457 2484 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
01:37:06.0488 2484 SysMain - ok
01:37:06.0519 2484 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:37:06.0535 2484 TabletInputService - ok
01:37:06.0566 2484 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
01:37:06.0597 2484 TapiSrv - ok
01:37:06.0659 2484 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
01:37:06.0753 2484 TBS - ok
01:37:06.0940 2484 [ 814A1C66FBD4E1B310A517221F1456BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:37:07.0018 2484 Tcpip - ok
01:37:07.0283 2484 [ 814A1C66FBD4E1B310A517221F1456BF ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
01:37:07.0627 2484 Tcpip6 - ok
01:37:07.0705 2484 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:37:07.0751 2484 tcpipreg - ok
01:37:07.0829 2484 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:37:07.0985 2484 TDPIPE - ok
01:37:07.0985 2484 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:37:08.0017 2484 TDTCP - ok
01:37:08.0063 2484 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:37:08.0095 2484 tdx - ok
01:37:08.0251 2484 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
01:37:08.0251 2484 TermDD - ok
01:37:08.0375 2484 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
01:37:08.0469 2484 TermService - ok
01:37:08.0469 2484 TfFsMon - ok
01:37:08.0485 2484 TfNetMon - ok
01:37:08.0485 2484 TfSysMon - ok
01:37:08.0531 2484 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
01:37:08.0547 2484 Themes - ok
01:37:08.0625 2484 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
01:37:08.0656 2484 THREADORDER - ok
01:37:08.0687 2484 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
01:37:08.0875 2484 TrkWks - ok
01:37:09.0046 2484 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:37:09.0171 2484 TrustedInstaller - ok
01:37:09.0280 2484 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:37:09.0545 2484 tssecsrv - ok
01:37:09.0717 2484 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
01:37:09.0873 2484 tunmp - ok
01:37:10.0107 2484 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:37:10.0310 2484 tunnel - ok
01:37:10.0481 2484 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
01:37:10.0684 2484 uagp35 - ok
01:37:10.0778 2484 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:37:10.0871 2484 udfs - ok
01:37:11.0012 2484 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:37:11.0043 2484 UI0Detect - ok
01:37:11.0074 2484 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
01:37:11.0090 2484 uliagpkx - ok
01:37:11.0137 2484 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
01:37:11.0168 2484 uliahci - ok
01:37:11.0215 2484 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
01:37:11.0371 2484 UlSata - ok
01:37:11.0417 2484 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
01:37:11.0433 2484 ulsata2 - ok
01:37:11.0464 2484 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
01:37:11.0495 2484 umbus - ok
01:37:11.0589 2484 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
01:37:11.0620 2484 upnphost - ok
01:37:11.0714 2484 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
01:37:12.0010 2484 USBAAPL - ok
01:37:12.0104 2484 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:37:12.0494 2484 usbccgp - ok
01:37:12.0587 2484 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
01:37:12.0821 2484 usbcir - ok
01:37:12.0868 2484 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
01:37:12.0915 2484 usbehci - ok
01:37:13.0149 2484 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:37:13.0633 2484 usbhub - ok
01:37:13.0773 2484 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
01:37:14.0272 2484 usbohci - ok
01:37:14.0319 2484 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
01:37:14.0803 2484 usbprint - ok
01:37:14.0834 2484 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:37:14.0865 2484 USBSTOR - ok
01:37:14.0896 2484 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
01:37:15.0411 2484 usbuhci - ok
01:37:15.0489 2484 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
01:37:15.0551 2484 UxSms - ok
01:37:15.0785 2484 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
01:37:15.0863 2484 vds - ok
01:37:15.0941 2484 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:37:15.0973 2484 vga - ok
01:37:16.0097 2484 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
01:37:16.0144 2484 VgaSave - ok
01:37:16.0175 2484 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
01:37:16.0191 2484 viaagp - ok
01:37:16.0191 2484 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
01:37:16.0253 2484 ViaC7 - ok
01:37:16.0253 2484 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
01:37:16.0269 2484 viaide - ok
01:37:16.0378 2484 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
01:37:16.0394 2484 volmgr - ok
01:37:16.0441 2484 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:37:16.0456 2484 volmgrx - ok
01:37:16.0565 2484 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
01:37:16.0581 2484 volsnap - ok
01:37:16.0612 2484 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
01:37:16.0628 2484 vsmraid - ok
01:37:16.0690 2484 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
01:37:16.0768 2484 VSS - ok
01:37:16.0799 2484 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
01:37:16.0862 2484 W32Time - ok
01:37:16.0893 2484 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
01:37:17.0158 2484 WacomPen - ok
01:37:17.0174 2484 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
01:37:17.0267 2484 Wanarp - ok
01:37:17.0345 2484 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:37:17.0377 2484 Wanarpv6 - ok
01:37:17.0423 2484 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:37:17.0579 2484 wcncsvc - ok
01:37:17.0751 2484 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:37:17.0767 2484 WcsPlugInService - ok
01:37:17.0798 2484 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
01:37:17.0813 2484 Wd - ok
01:37:17.0845 2484 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:37:17.0860 2484 Wdf01000 - ok
01:37:17.0938 2484 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:37:17.0969 2484 WdiServiceHost - ok
01:37:18.0110 2484 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:37:18.0141 2484 WdiSystemHost - ok
01:37:18.0235 2484 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
01:37:18.0344 2484 WebClient - ok
01:37:18.0593 2484 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:37:18.0640 2484 Wecsvc - ok
01:37:18.0687 2484 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:37:18.0765 2484 wercplsupport - ok
01:37:18.0859 2484 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
01:37:18.0874 2484 WerSvc - ok
01:37:18.0890 2484 WinHttpAutoProxySvc - ok
01:37:18.0952 2484 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:37:18.0983 2484 Winmgmt - ok
01:37:19.0202 2484 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
01:37:19.0327 2484 WinRM - ok
01:37:19.0639 2484 [ 4CC0B0FCA1E6EF1D5E2A4DD6A32269F7 ] WINZIPSSDiskOptimizer C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
01:37:19.0670 2484 WINZIPSSDiskOptimizer - ok
01:37:19.0701 2484 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
01:37:19.0841 2484 Wlansvc - ok
01:37:20.0200 2484 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:37:20.0528 2484 wlidsvc - ok
01:37:20.0575 2484 wltrysvc - ok
01:37:20.0621 2484 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
01:37:20.0699 2484 WmiAcpi - ok
01:37:20.0918 2484 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:37:20.0949 2484 wmiApSrv - ok
01:37:21.0183 2484 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
01:37:21.0308 2484 WMPNetworkSvc - ok
01:37:21.0339 2484 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:37:21.0370 2484 WPCSvc - ok
01:37:21.0495 2484 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:37:21.0573 2484 WPDBusEnum - ok
01:37:21.0635 2484 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
01:37:21.0682 2484 WpdUsb - ok
01:37:21.0869 2484 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
01:37:21.0901 2484 WPFFontCache_v0400 - ok
01:37:21.0963 2484 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:37:21.0994 2484 ws2ifsl - ok
01:37:21.0994 2484 WSearch - ok
01:37:22.0150 2484 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:37:22.0181 2484 WUDFRd - ok
01:37:22.0306 2484 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:37:22.0369 2484 wudfsvc - ok
01:37:22.0821 2484 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
01:37:22.0837 2484 YahooAUService - ok
01:37:22.0837 2484 yksvc - ok
01:37:22.0899 2484 [ 1A51DF1A5C658D534ED980D18F7982DE ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
01:37:22.0961 2484 yukonwlh - ok
01:37:22.0961 2484 ================ Scan global ===============================
01:37:23.0055 2484 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
01:37:23.0180 2484 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
01:37:23.0195 2484 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
01:37:23.0258 2484 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
01:37:23.0258 2484 [Global] - ok
01:37:23.0258 2484 ================ Scan MBR ==================================
01:37:23.0273 2484 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
01:37:23.0960 2484 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
01:37:23.0960 2484 \Device\Harddisk0\DR0 - detected TDSS File System (1)
01:37:23.0960 2484 ================ Scan VBR ==================================
01:37:23.0991 2484 [ AA4E06478E79009610F297B7B978B815 ] \Device\Harddisk0\DR0\Partition1
01:37:23.0991 2484 \Device\Harddisk0\DR0\Partition1 - ok
01:37:24.0022 2484 [ 2F5CA4A860936E3BD9D462C071BE5DC6 ] \Device\Harddisk0\DR0\Partition2
01:37:24.0022 2484 \Device\Harddisk0\DR0\Partition2 - ok
01:37:24.0022 2484 ================ Scan active images ========================
01:37:24.0022 2484 [ 36975327EF03949CC378AB01E316B574 ] C:\Windows\System32\drivers\crashdmp.sys
01:37:24.0022 2484 C:\Windows\System32\drivers\crashdmp.sys - ok
01:37:24.0038 2484 [ 80C633722DA72E97F3F5B3B11325696D ] C:\Windows\System32\drivers\iaStor.sys
01:37:24.0038 2484 C:\Windows\System32\drivers\iaStor.sys - ok
01:37:24.0038 2484 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\Windows\System32\drivers\tunnel.sys
01:37:24.0038 2484 C:\Windows\System32\drivers\tunnel.sys - ok
01:37:24.0053 2484 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\Windows\System32\drivers\TUNMP.SYS
01:37:24.0053 2484 C:\Windows\System32\drivers\TUNMP.SYS - ok
01:37:24.0053 2484 [ 938753888EADDB29D4B3754139EC19E8 ] C:\Windows\System32\drivers\igdkmd32.sys
01:37:24.0053 2484 C:\Windows\System32\drivers\igdkmd32.sys - ok
01:37:24.0053 2484 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\Windows\System32\drivers\dxgkrnl.sys
01:37:24.0053 2484 C:\Windows\System32\drivers\dxgkrnl.sys - ok
01:37:24.0069 2484 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\Windows\System32\drivers\watchdog.sys
01:37:24.0069 2484 C:\Windows\System32\drivers\watchdog.sys - ok
01:37:24.0069 2484 [ A1C100A87D981AD0774FBC0B4B82E913 ] C:\Windows\System32\drivers\usbport.sys
01:37:24.0069 2484 C:\Windows\System32\drivers\usbport.sys - ok
01:37:24.0085 2484 [ 814D653EFC4D48BE3B04A307ECEFF56F ] C:\Windows\System32\drivers\usbuhci.sys
01:37:24.0085 2484 C:\Windows\System32\drivers\usbuhci.sys - ok
01:37:24.0085 2484 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] C:\Windows\System32\drivers\usbehci.sys
01:37:24.0085 2484 C:\Windows\System32\drivers\usbehci.sys - ok
01:37:24.0100 2484 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\Windows\System32\drivers\hdaudbus.sys
01:37:24.0100 2484 C:\Windows\System32\drivers\hdaudbus.sys - ok
01:37:24.0100 2484 [ 41A70777E892C3DEA606758366566A77 ] C:\Windows\System32\drivers\BCMWL6.SYS
01:37:24.0100 2484 C:\Windows\System32\drivers\BCMWL6.SYS - ok
01:37:24.0116 2484 [ 1A51DF1A5C658D534ED980D18F7982DE ] C:\Windows\System32\drivers\yk60x86.sys
01:37:24.0116 2484 C:\Windows\System32\drivers\yk60x86.sys - ok
01:37:24.0116 2484 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] C:\Windows\System32\drivers\i8042prt.sys
01:37:24.0116 2484 C:\Windows\System32\drivers\i8042prt.sys - ok
01:37:24.0131 2484 [ 5BFFA4DB168D2D0F99C182732535E82F ] C:\Windows\System32\drivers\Apfiltr.sys
01:37:24.0131 2484 C:\Windows\System32\drivers\Apfiltr.sys - ok
01:37:24.0131 2484 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\Windows\System32\drivers\kbdclass.sys
01:37:24.0131 2484 C:\Windows\System32\drivers\kbdclass.sys - ok
01:37:24.0131 2484 [ 5BF6A1326A335C5298477754A506

 

[Fiery]

Hi,

You'll have to attach the TDSS log since it's toooooo long. Click New Reply and scroll down to the attachment section. Choose the TDSS file and click Add attachment.

 

[RJude]

Sorry about that! I also have another question. I bubble came up after I logged on saying:

Failed to connect to a windows service

Windows could not connect to the System Event Notification Service service. This problem prevents limited users from logging onto the system. As an administrative user, you can review the System Event Log for details about why the service didn't respond."

Do you know what this means?

 

[Fiery]

There are many system files that are damaged. We will try to repair them once we remove all the bad files first. Remember to backup your files!

Re-run TDSSKiller again. For \Device\Harddisk0\DR0 ( TDSS File System ) choose the delete option.

Next, Please download ComboFix from one of these locations:

<a title="External link" href="http://download.bleepingcomputer.com/sUBs/ComboFix.exe" rel="external"><>Link 1</></a>
<a title="External link" href="http://www.infospyware.net/antimalware/combofix/" rel="external"><>Link 2</></a>
<ul>
<li>Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See <a title="External link" href="http://www.bleepingcomputer.com/forums/topic114351.html" rel="external">HERE</a> for help</li>
<li>Double click on Combo-Fix & follow the prompts.</li>
</ul>

When finished, ComboFix will produce a log.

<>Note:</>
1. Do not mouseclick combofix's window while it's running. That may cause it to stall!
2. Remember to re-enable your anti-virus and anti-spyware before reconnecting to the Internet.

 

[RJude]

What is the best way to back Thekla's up?

---

I meant them up. I am using my kindle to write and it does weird autocorrects. Sorry.

 

[Fiery]

copy the files to an external hard drive or USB would be the best method. Since I need to head off now to sleep, I will leave you with some additional instructions so you can do them until I get back from work tomorrow.

After backing up your files, Run TDSSKiller and Combofix. Afterwards,

Download and Run Windows Repair (all in one)

Download Windows Repair (all in one)

• Install the program then run it.
• Go to step 2 and allow it to run Disc check by clicking Do It
• Go to step 3 and allow it to run SFC
• Go to start repairs tab and click start.
• Allow the program to create a system restore and backup registries when prompted.
• Check the box next to "Restart/Shutdown system when finished" and ensure all the boxes are checked along with the default checks
• Then click Start.