Supreme Savings

Anthony33

New Member
Thread author
Mar 14, 2013
12


Hi,

I am having problems removing Supreme Savings from my computer.

As per this blog post http://malwaretips.com/blogs/remove-supreme-savings/, I have run AdwCleaner, Malwarebytes and HitmanPro. However, the Chrome extension for Supreme Savings is still in my extension list (with no option to disable or remove to trash). So, as suggested in the comments section of the above blog post, I have run the avast! Browser Cleanup. This also has not worked. I have also uninstalled Chrome and reinstalled it, but the extension is still there.

When it came to uninstalling Supreme Savings through the control panel, I received a message saying that the program cannot be found, and asked me if I should remove the program name from the list. I stupidly said yes, and now Supreme Savings is not on my programme list in the control panel. When I search for it on my system, I cannot find it either. I have read that it comes under a number of different names, including Excellent apps and 215 Apps, but neither of these names appears to be on my system either.

Thanks in advance for any help you can give me.

Anthony
 

Attachments

  • aswMBR.txt
    1.9 KB · Views: 80
  • OTL.Txt
    82.2 KB · Views: 108
  • Extras.Txt
    65.6 KB · Views: 107

Fiery

Level 1
Jan 11, 2011
2,007
Hi and welcome to MalwareTips! :)

I'm Fiery and I would gladly assist you in removing the malware on your computer.

Before we start:
  • Note that the removal process is not immediate. Depending on the severity of your infection, it could take a long time.
  • Malware removal can be dangerous. I cannot guarantee the safety of your system as malware can be unpredictable. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system. Therefore, I would advise you to back up all your important files before we start.
  • Please be patient and stay with me until I give you the green light and inform you that your PC is clean.
  • Some tools may be flagged by your antivirus as harmful. Rest assured that ALL the tools we use are safe; the detections are false positives.
  • The absence of symptoms does not mean your PC is fully disinfected.
  • If you are unclear about the instructions, please stop and ask. Following the steps in the order that I post them in is vital.
  • Lastly, if you have requested help on other sites, that will delay and hinder the removal process. Please only stick to one site.

To begin, go to Start > Control Panel > Uninstall a program. Uninstall the following:

Optimizer Pro


Open OTL. Under custom scan/fixes, copy and paste the following:

:OTL
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{4263CB95-460E-4B30-8C87-34CC3714D6B8}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933
CHR - Extension: Supreme Savings = C:\Users\Eileen Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.45_0\crossrider
CHR - Extension: Supreme Savings = C:\Users\Eileen Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.45_0\
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.

:Files
C:\ProgramData\BrowserProtect
C:\ProgramData\ism_0_llatsni.pad
C:\Users\Eileen Martin\AppData\Local\Updater19962
C:\Program Files (x86)\Supreme Savings
C:\Users\Eileen Martin\AppData\Local\Supreme Savings
ipconfig /flushdns /c

:Commands
[EMPTYTEMP]
[RESETHOSTS]

Then click Run Fix. Let your PC reboot to normal mode. A new log will be created automatically, post the content in the next reply.


Please download Junkware Removal Tool to your desktop from here
  • Turn off your antivirus software now to avoid potential conflicts
  • Double-click to run the tool. For Windows Vista or 7 users, right-click the file and select Run as Administrator
  • The tool will open and start scanning your system
  • Please be patient as this can take a while to complete depending on your system's specifications
  • On completion, a log (JRT.txt) will be saved to your desktop and will automatically open
  • Post the contents of JRT.txt into your next reply
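
How entries like the ones in the OTL fix above can be picked out of a scan log, as an added example that is not part of the original thread and not code from OTL: it flags registry references with no CLSID behind them, registrations whose file is missing, and Chrome extensions on a watch list, and groups the orphaned GUIDs regardless of letter case. The line layout is assumed from the lines quoted in this thread, and the function names and the watch list are hypothetical.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the OTL fix script and scan log quoted in this thread.
SAMPLE_LOG = r"""
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
CHR - Extension: Supreme Savings = C:\Users\Eileen Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.45_0\crossrider
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
"""

# Assumed layout, inferred from the lines above: TAG[:64bit:] - detail
ENTRY_RE = re.compile(r"^(?P<tag>[A-Z][A-Z0-9]*)(?P<x64>:64bit:)? - (?P<detail>.+)$")
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
EXT_RE = re.compile(r"^Extension: (?P<name>.+?) = (?P<path>.+)$")
# Chrome extension IDs are 32 characters drawn from the letters a-p.
EXT_ID_RE = re.compile(r"\\Extensions\\(?P<id>[a-p]{32})(?:\\|$)")


def parse_line(line):
    """Split one log line into tag, bitness, detail and (upper-cased) GUID."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    detail = m.group("detail")
    guid = GUID_RE.search(detail)
    return {
        "tag": m.group("tag"),
        "x64": bool(m.group("x64")),
        "detail": detail,
        "guid": guid.group(0).upper() if guid else None,
    }


def classify(entry, watch_names):
    """Return (reason, extension_id); reason is None for unremarkable lines."""
    detail = entry["detail"]
    if "No CLSID value found" in detail:
        return "orphaned-clsid", None
    ext = EXT_RE.match(detail) if entry["tag"] == "CHR" else None
    if ext:
        if ext.group("name").strip().lower() in watch_names:
            ext_id = EXT_ID_RE.search(ext.group("path"))
            return "watched-extension", (ext_id.group("id") if ext_id else None)
        return None, None
    if detail.rstrip(". ").endswith("File not found"):
        return "file-not-found", None
    return None, None


def triage(log_text, watch_names=()):
    """Flag candidate lines for manual review; a flag is not a verdict."""
    watch = {name.lower() for name in watch_names}
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reason, ext_id = classify(entry, watch)
        if reason:
            findings.append({**entry, "reason": reason, "ext_id": ext_id})
    return findings


def group_by_guid(findings):
    """Map each orphaned GUID to the log sections that still reference it."""
    groups = defaultdict(list)
    for f in findings:
        if f["reason"] == "orphaned-clsid" and f["guid"]:
            groups[f["guid"]].append(f["tag"])
    return dict(groups)


if __name__ == "__main__":
    results = triage(SAMPLE_LOG, watch_names=("Supreme Savings",))
    for f in results:
        print(f["reason"], f["tag"], f["guid"] or f["ext_id"] or f["detail"])
    print(group_by_guid(results))
```

A "File not found" hit is often only a stale plugin registration, so flagged lines still need the kind of manual review the helper does before anything goes into a fix.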
 

Anthony33

New Member
Thread author
Mar 14, 2013
12
Hi Fiery,

Thanks for your reply and thanks for helping me out, I really appreciate it.

I have deleted Optimizer Pro and ran the scans. Below are the 2 logs. Thanks.

OTL log:

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{1392b8d2-5c05-419f-a8f6-b9f15a596612} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4263CB95-460E-4B30-8C87-34CC3714D6B8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4263CB95-460E-4B30-8C87-34CC3714D6B8}\ not found.
File C:\Users\Eileen Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.45_0\crossrider not found.
C:\Users\Eileen Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.45_0\js\lib folder moved successfully.
C:\Users\Eileen Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.45_0\js\api folder moved successfully.
C:\Users\Eileen Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.45_0\js folder moved successfully.
C:\Users\Eileen Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.45_0\icons\actions folder moved successfully.
C:\Users\Eileen Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.45_0\icons folder moved successfully.
C:\Users\Eileen Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk\1.23.45_0 folder moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1392B8D2-5C05-419F-A8F6-B9F15A596612} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612}\ not found.
========== FILES ==========
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings folder moved successfully.
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content folder moved successfully.
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components folder moved successfully.
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension folder moved successfully.
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} folder moved successfully.
C:\ProgramData\BrowserProtect\2.6.1095.52 folder moved successfully.
C:\ProgramData\BrowserProtect folder moved successfully.
C:\ProgramData\ism_0_llatsni.pad moved successfully.
C:\Users\Eileen Martin\AppData\Local\Updater19962 folder moved successfully.
C:\Program Files (x86)\Supreme Savings folder moved successfully.
C:\Users\Eileen Martin\AppData\Local\Supreme Savings\Chrome folder moved successfully.
C:\Users\Eileen Martin\AppData\Local\Supreme Savings folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
c:\Users\Eileen Martin\Downloads\cmd.bat deleted successfully.
c:\Users\Eileen Martin\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Eileen Martin
->Temp folder emptied: 163123258 bytes
->Temporary Internet Files folder emptied: 14126629 bytes
->Java cache emptied: 3195251 bytes
->Google Chrome cache emptied: 28553777 bytes
->Flash cache emptied: 57020 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 653608818 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 823.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03142013_163728

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

---------------------------------------------------------------------------------------------

JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.1 (03.12.2013:1)
OS: Windows (TM) Vista Home Premium x64
Ran by Eileen Martin on 14/03/2013 at 16:46:51.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\defaulttab"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility"



~~~ Chrome

Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/03/2013 at 17:03:38.96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Fiery

Level 1
Jan 11, 2011
2,007
You're welcome :)

Is the Supreme Savings thing gone? Please do a new OTL scan with the same settings as before. Then,

Run Eset NOD32 Online AntiVirus

Note: You will need to use Internet Explorer for this scan.
Vista / 7 users: You will need to right-click on the Internet Explorer icon and select Run as Administrator
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Disable your current antivirus software. You can usually do this with its Notification Tray icon near the clock.
  • Click Start
  • Make sure that the option "Remove found threats" is Un-checked, and the following Advanced Settings are Checked
    • Scan unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • Re-enable your antivirus software.
  • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
 

Anthony33

New Member
Thread author
Mar 14, 2013
12
Yes, the Supreme Savings adware seems to have gone :)

I just wanted to double check. When you say to do a new OTL scan with the same settings as before, do you mean the settings on the initial scan I attached to my first message or the one where I copied and pasted the code into the custom/scan fixes?
 

Fiery

Level 1
Jan 11, 2011
2,007
Yes, the settings are as below.

  • Click the Scan All Users checkbox.
  • Check the boxes beside LOP Check and Purity Check
  • Click on Run Scan at the top left hand corner.
 

Anthony33

New Member
Thread author
Mar 14, 2013
12
Below is the new OTL log. I ran the Eset scan but can't find the log anywhere on my system. I have searched "EsetOnlineScanner" in my computer and it brings back no search results. Any ideas?

OTL log:

OTL logfile created on: 15/03/2013 09:01:41 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\Eileen Martin\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.96 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 47.78% Memory free
8.11 Gb Paging File | 5.65 Gb Available in Paging File | 69.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 134.36 Gb Total Space | 35.83 Gb Free Space | 26.67% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 5.35 Gb Free Space | 36.52% Space Free | Partition Type: NTFS

Computer Name: ANTHONY | User Name: Eileen Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - c:\Users\Eileen Martin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
PRC - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\d186bf251ae14af93b3a943d472ee9f5\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\e811d24215804856eac6eb0ed162331c\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4d2c890606d2a3a43a90684115bfccfc\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\668c039655437b25586280e1fbff8ef0\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a8080296b18898342ce986091c08b0a4\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9126f2ff9fd9c05900f67e963ccc27ef\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (wltrysvc) -- C:\Windows\SysNative\WLTRYSVC.EXE ()
SRV:64bit: - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (dlcc_device) -- C:\Windows\SysNative\dlcccoms.exe ( )
SRV:64bit: - (yksvc) -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe (McAfee, Inc.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\DRIVERS\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (VCam_WDM) -- C:\Windows\SysNative\DRIVERS\VCam_WDM.sys (e2eSoft)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (OA009Vid) -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys (Creative Technology Ltd.)
DRV:64bit: - (OA009Ufd) -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys (Creative Technology Ltd.)
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\DRIVERS\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\BCM42RLY.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation)
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (e1express) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (SCDEmu) -- C:\Windows\SysWow64\drivers\scdemu.sys (PowerISO Computing, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2500189218-2240394871-3610433392-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-2500189218-2240394871-3610433392-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2500189218-2240394871-3610433392-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2500189218-2240394871-3610433392-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2500189218-2240394871-3610433392-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\

[2012/06/03 09:58:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eileen Martin\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
[2012/06/03 09:58:41 | 000,086,818 | ---- | M] () (No name found) -- C:\Users\Eileen Martin\AppData\Roaming\mozilla\firefox\profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi
[2012/05/03 11:58:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

O1 HOSTS File: ([2006/09/18 21:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run File not found
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2500189218-2240394871-3610433392-1000..\Run: [SplitCam] C:\Program Files (x86)\SplitCam\SplitCam.exe File not found
O4 - HKU\S-1-5-21-2500189218-2240394871-3610433392-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Eileen Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-2500189218-2240394871-3610433392-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8C1207C-020D-4E7F-AE30-6D026A027B9F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Eileen Martin\Desktop\Neurosci\Scribe Project\saint-matthew-and-the-angel-1602(1).jpg
O24 - Desktop BackupWallPaper: C:\Users\Eileen Martin\Desktop\Neurosci\Scribe Project\saint-matthew-and-the-angel-1602(1).jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 22:01:00 | 000,000,053 | -HS- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{2445d1f2-fb34-11e1-ac69-0025644d8d6c}\Shell - "" = AutoRun
O33 - MountPoints2\{2445d1f2-fb34-11e1-ac69-0025644d8d6c}\Shell\AutoRun\command - "" = H:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/14 16:46:42 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/03/14 16:46:32 | 000,000,000 | ---D | C] -- C:\JRT
[2013/03/14 16:37:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/14 16:10:22 | 000,000,000 | ---D | C] -- C:\Users\Eileen Martin\Desktop\backup
[2013/03/14 12:25:34 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013/03/14 12:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2013/03/14 12:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/03/14 12:14:52 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/03/14 11:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2013/03/14 11:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/13 03:05:00 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/13 03:05:00 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/13 03:04:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/13 03:04:57 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/13 03:04:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/13 03:04:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/13 03:04:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/13 03:04:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/13 03:04:54 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/13 03:04:53 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/13 03:04:53 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/13 03:04:52 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/13 03:04:49 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/13 03:04:48 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/13 03:04:48 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/12 20:09:16 | 016,486,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/03/07 19:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2013/03/07 13:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013/03/07 13:31:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2013/03/03 21:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\DomaIQ Uninstaller
[2013/03/03 21:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashPlayer
[2013/03/03 21:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tuguu SL
[2013/03/03 21:46:57 | 000,000,000 | ---D | C] -- C:\Users\Eileen Martin\AppData\Roaming\player
[2013/03/03 21:41:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013/03/03 21:41:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013/03/01 20:21:20 | 000,000,000 | ---D | C] -- C:\Users\Eileen Martin\AppData\Roaming\TuxPaint
[2013/02/22 15:29:01 | 000,000,000 | ---D | C] -- C:\Users\Eileen Martin\Desktop\Auditory Rubber Hand
[2013/02/18 15:56:51 | 000,000,000 | ---D | C] -- C:\Users\Eileen Martin\Desktop\PhD
[2013/02/18 10:42:59 | 000,000,000 | ---D | C] -- C:\Users\Eileen Martin\VirtualBox VMs
[2013/02/18 10:42:20 | 000,000,000 | ---D | C] -- C:\Users\Eileen Martin\.VirtualBox
[2013/02/18 10:41:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013/02/18 10:40:18 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013/02/14 10:55:48 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/02/14 10:55:48 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/02/14 10:55:46 | 004,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/02/22 12:06:11 | 002,097,152 | ---- | C] (Dell, Inc. ) -- C:\Users\Eileen Martin\AppData\Roaming\DataSafeDotNet.exe

========== Files - Modified Within 30 Days ==========

[2013/03/15 09:00:06 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/15 09:00:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/15 08:59:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/15 08:59:51 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/15 08:59:51 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/14 16:42:21 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/03/14 16:42:05 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/14 16:41:51 | 4253,405,184 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/14 16:14:04 | 000,645,776 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/14 16:14:03 | 000,756,378 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/14 16:14:03 | 000,123,804 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/14 13:49:03 | 000,000,512 | ---- | M] () -- C:\Users\Eileen Martin\Desktop\MBR.dat
[2013/03/14 12:25:34 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013/03/14 12:15:18 | 000,001,734 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013/03/14 11:55:32 | 000,002,051 | ---- | M] () -- C:\Users\Eileen Martin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/14 11:51:53 | 000,001,762 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/03/14 11:01:15 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/12 20:09:26 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/12 20:09:26 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/12 20:09:16 | 016,486,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/03/07 13:31:15 | 000,002,003 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/03/07 11:00:24 | 000,092,160 | ---- | M] () -- C:\Users\Eileen Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/05 03:16:31 | 000,743,178 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/26 21:50:03 | 000,000,680 | ---- | M] () -- C:\Users\Eileen Martin\AppData\Local\d3d9caps.dat
[2013/02/18 10:41:08 | 000,001,009 | ---- | M] () -- C:\Users\Eileen Martin\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2013/02/15 03:39:35 | 004,835,272 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2013/03/14 13:49:03 | 000,000,512 | ---- | C] () -- C:\Users\Eileen Martin\Desktop\MBR.dat
[2013/03/14 12:15:18 | 000,001,734 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013/03/14 11:51:34 | 000,001,762 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/03/14 11:39:20 | 000,002,051 | ---- | C] () -- C:\Users\Eileen Martin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/14 11:36:58 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/14 11:36:58 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/07 13:31:15 | 000,002,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/03/03 21:45:29 | 000,743,178 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/18 10:41:08 | 000,001,009 | ---- | C] () -- C:\Users\Eileen Martin\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2013/01/03 22:25:30 | 000,087,080 | ---- | C] () -- C:\Users\Eileen Martin\pip.py
[2012/10/17 22:54:42 | 000,000,218 | ---- | C] () -- C:\Users\Eileen Martin\.recently-used.xbel
[2012/04/27 09:22:50 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2012/04/27 09:22:50 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2012/01/15 20:56:10 | 000,000,680 | ---- | C] () -- C:\Users\Eileen Martin\AppData\Local\d3d9caps.dat
[2011/11/22 15:04:54 | 000,000,132 | ---- | C] () -- C:\Users\Eileen Martin\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2009/09/13 20:05:00 | 000,092,160 | ---- | C] () -- C:\Users\Eileen Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/13 10:07:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2006/11/02 15:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-2500189218-2240394871-3610433392-1000\$c791174ae567f19e9677adf66795fa27\n.

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-2500189218-2240394871-3610433392-1000\$c791174ae567f19e9677adf66795fa27\n.

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 17:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 07:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 06:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/21 02:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/10/17 22:54:42 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\.purple
[2013/03/07 20:45:48 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\Audacity
[2011/09/18 14:29:38 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\AVG
[2011/11/23 11:50:18 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\AVG2012
[2012/07/16 14:37:19 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\BrainMap
[2011/11/11 17:27:17 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/10/17 11:35:29 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\gtk-2.0
[2012/09/04 07:46:34 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\NetBeans
[2012/11/15 10:02:54 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\Notepad++
[2013/03/03 21:46:58 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\player
[2012/11/06 18:52:57 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\Spotify
[2011/11/18 18:57:03 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/03/01 20:27:40 | 000,000,000 | ---D | M] -- C:\Users\Eileen Martin\AppData\Roaming\TuxPaint

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >
 

Anthony33

New Member
Thread author
Mar 14, 2013
12
Further to my reply above, I have found the ESET folder (it was in my programme files(x86) folder), but there is no log.txt file anywhere in it.
 

Fiery

Level 1
Jan 11, 2011
2,007
Open OTL. Under custom scan/fixes, copy and paste the following:

:Files
C:\$Recycle.Bin\S-1-5-21-2500189218-2240394871-3610433392-1000\$c791174ae567f19e9677adf66795fa27\n

:Commands
[EMPTYTEMP]
[RESETHOSTS]

Then click Run Fix. Post the log afterwards.

Download TDSSkiller from here
  • Double-Click on TDSSKiller.exe to run the application
  • When TDSSKiller opens, click Change parameters, check the box next to Loaded modules. A reboot will be required.
  • After reboot, TDSSKiller will run again. Click Change parameters again and make sure everything is checked.
  • Click Start scan.
  • If a suspicious object is detected, the default action will be Skip; click on Continue. (If it says TDL4/TDSS file system, select Delete.)
  • If malicious objects are found, ensure Cure (default) is selected, then click Continue and Reboot now to finish the cleaning process.

Post the log afterwards (usually in the C:\ folder, in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt).
 

Anthony33

New Member
Thread author
Mar 14, 2013
12
I'm going to be really busy at work over the next couple of days so I probably won't be able to do these new scans till Sunday evening.

Thanks for your continued help.
 

Anthony33

New Member
Thread author
Mar 14, 2013
12
Hi,

I've run the new OTL scan and TDSSKiller. There were two logs for TDSSKiller so I've pasted them both below.

OTL log:

All processes killed
========== FILES ==========
File\Folder C:\$Recycle.Bin\S-1-5-21-2500189218-2240394871-3610433392-1000\$c791174ae567f19e9677adf66795fa27\n not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Eileen Martin
->Temp folder emptied: 265925 bytes
->Temporary Internet Files folder emptied: 786432 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 122257460 bytes
->Flash cache emptied: 523 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3914 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 118.00 mb

File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 03172013_183958

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

-----------------------------------------------------------------------------------
TDSSKiller log 1

18:47:40.0273 6104 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:47:40.0401 6104 ============================================================
18:47:40.0402 6104 Current date / time: 2013/03/17 18:47:40.0401
18:47:40.0402 6104 SystemInfo:
18:47:40.0402 6104
18:47:40.0402 6104 OS Version: 6.0.6002 ServicePack: 2.0
18:47:40.0402 6104 Product type: Workstation
18:47:40.0402 6104 ComputerName: ANTHONY
18:47:40.0402 6104 UserName: Eileen Martin
18:47:40.0402 6104 Windows directory: C:\Windows
18:47:40.0402 6104 System windows directory: C:\Windows
18:47:40.0402 6104 Running under WOW64
18:47:40.0402 6104 Processor architecture: Intel x64
18:47:40.0402 6104 Number of processors: 2
18:47:40.0402 6104 Page size: 0x1000
18:47:40.0402 6104 Boot type: Normal boot
18:47:40.0402 6104 ============================================================
18:47:41.0410 6104 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:47:41.0425 6104 ============================================================
18:47:41.0426 6104 \Device\Harddisk0\DR0:
18:47:41.0427 6104 MBR partitions:
18:47:41.0427 6104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
18:47:41.0427 6104 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x10CB96B0
18:47:41.0427 6104 ============================================================
18:47:41.0504 6104 C: <-> \Device\Harddisk0\DR0\Partition2
18:47:41.0574 6104 E: <-> \Device\Harddisk0\DR0\Partition1
18:47:41.0574 6104 ============================================================
18:47:41.0574 6104 Initialize success
18:47:41.0574 6104 ============================================================
18:48:02.0184 6100 Deinitialize success

-------------------------------------------------------------------------------------
TDSSKiller log number 2:

18:50:21.0440 3836 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:50:21.0970 3836 ============================================================
18:50:21.0970 3836 Current date / time: 2013/03/17 18:50:21.0970
18:50:21.0970 3836 SystemInfo:
18:50:21.0970 3836
18:50:21.0970 3836 OS Version: 6.0.6002 ServicePack: 2.0
18:50:21.0970 3836 Product type: Workstation
18:50:21.0970 3836 ComputerName: ANTHONY
18:50:21.0970 3836 UserName: Eileen Martin
18:50:21.0970 3836 Windows directory: C:\Windows
18:50:21.0970 3836 System windows directory: C:\Windows
18:50:21.0970 3836 Running under WOW64
18:50:21.0970 3836 Processor architecture: Intel x64
18:50:21.0970 3836 Number of processors: 2
18:50:21.0970 3836 Page size: 0x1000
18:50:21.0970 3836 Boot type: Normal boot
18:50:21.0970 3836 ============================================================
18:50:32.0267 3836 BG loaded
18:50:32.0844 3836 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:50:32.0891 3836 ============================================================
18:50:32.0891 3836 \Device\Harddisk0\DR0:
18:50:32.0907 3836 MBR partitions:
18:50:32.0907 3836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
18:50:32.0907 3836 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x10CB96B0
18:50:32.0907 3836 ============================================================
18:50:33.0312 3836 C: <-> \Device\Harddisk0\DR0\Partition2
18:50:33.0421 3836 E: <-> \Device\Harddisk0\DR0\Partition1
18:50:33.0421 3836 ============================================================
18:50:33.0421 3836 Initialize success
18:50:33.0421 3836 ============================================================
18:52:48.0467 5076 ============================================================
18:52:48.0467 5076 Scan started
18:52:48.0467 5076 Mode: Manual; SigCheck; TDLFS;
18:52:48.0467 5076 ============================================================
18:52:49.0605 5076 ================ Scan system memory ========================
18:52:49.0605 5076 System memory - ok
18:52:49.0605 5076 ================ Scan services =============================
18:53:00.0373 5076 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
18:53:00.0420 5076 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
18:53:00.0420 5076 DockLoginService - detected UnsignedFile.Multi.Generic (1)
18:53:28.0043 5076 RpcLocator - ok
18:53:28.0246 5076 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
18:53:28.0293 5076 RpcSs - ok
18:53:28.0355 5076 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:53:28.0402 5076 rspndr - ok
18:53:28.0449 5076 [ 39E74E264338934DBF11F8DB79A3E116 ] RTSTOR C:\Windows\system32\drivers\RTSTOR64.SYS
18:53:28.0495 5076 RTSTOR - ok
18:53:28.0527 5076 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
18:53:28.0542 5076 SamSs - ok
18:53:28.0573 5076 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:53:28.0589 5076 sbp2port - ok
18:53:28.0745 5076 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:53:28.0807 5076 SCardSvr - ok
18:53:28.0854 5076 SCDEmu - ok
18:53:29.0041 5076 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
18:53:29.0119 5076 Schedule - ok
18:53:29.0151 5076 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:53:29.0182 5076 SCPolicySvc - ok
18:53:29.0244 5076 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:53:29.0291 5076 SDRSVC - ok
18:53:29.0353 5076 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:53:29.0463 5076 secdrv - ok
18:53:29.0556 5076 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
18:53:29.0603 5076 seclogon - ok
18:53:29.0634 5076 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
18:53:29.0697 5076 SENS - ok
18:53:29.0728 5076 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:53:29.0868 5076 Serenum - ok
18:53:29.0931 5076 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
18:53:30.0024 5076 Serial - ok
18:53:30.0071 5076 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:53:30.0165 5076 sermouse - ok
18:53:30.0227 5076 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
18:53:30.0321 5076 SessionEnv - ok
18:53:30.0367 5076 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:53:30.0445 5076 sffdisk - ok
18:53:30.0492 5076 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:53:30.0539 5076 sffp_mmc - ok
18:53:30.0570 5076 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:53:30.0664 5076 sffp_sd - ok
18:53:30.0695 5076 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:53:30.0789 5076 sfloppy - ok
18:53:31.0023 5076 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
18:53:31.0085 5076 SftService - ok
18:53:31.0257 5076 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:53:31.0335 5076 SharedAccess - ok
18:53:31.0428 5076 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:53:31.0459 5076 ShellHWDetection - ok
18:53:31.0506 5076 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:53:31.0537 5076 SiSRaid2 - ok
18:53:31.0647 5076 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:53:31.0678 5076 SiSRaid4 - ok
18:53:31.0849 5076 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:53:31.0865 5076 SkypeUpdate - ok
18:53:32.0161 5076 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
18:53:32.0395 5076 slsvc - ok
18:53:32.0489 5076 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:53:32.0536 5076 SLUINotify - ok
18:53:32.0583 5076 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:53:32.0614 5076 Smb - ok
18:53:32.0676 5076 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:53:32.0723 5076 SNMPTRAP - ok
18:53:32.0801 5076 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
18:53:32.0817 5076 spldr - ok
18:53:32.0863 5076 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
18:53:32.0895 5076 Spooler - ok
18:53:32.0941 5076 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
18:53:32.0957 5076 sprtsvc_DellSupportCenter - ok
18:53:33.0035 5076 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
18:53:33.0066 5076 srv - ok
18:53:33.0144 5076 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:53:33.0175 5076 srv2 - ok
18:53:33.0253 5076 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:53:33.0285 5076 srvnet - ok
18:53:33.0363 5076 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:53:33.0425 5076 SSDPSRV - ok
18:53:33.0472 5076 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:53:33.0534 5076 SstpSvc - ok
18:53:33.0846 5076 [ C5DF63AE2693C9B6B01B4A2E6C1C64AC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
18:53:33.0877 5076 STacSV - ok
18:53:33.0924 5076 [ BA16447226ABFD342E130D2F24F73D32 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
18:53:33.0955 5076 STHDA - ok
18:53:34.0096 5076 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
18:53:34.0127 5076 stisvc - ok
18:53:34.0205 5076 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
18:53:34.0236 5076 stllssvr - ok
18:53:34.0324 5076 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:53:34.0366 5076 swenum - ok
18:53:34.0550 5076 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:53:34.0581 5076 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
18:53:34.0581 5076 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

Anthony33

New Member
Thread author
Mar 14, 2013
12
I'm confused... I did include the TDSS log. Here it is again though..

18:50:21.0440 3836 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:50:21.0970 3836 ============================================================
18:50:21.0970 3836 Current date / time: 2013/03/17 18:50:21.0970
18:50:21.0970 3836 SystemInfo:
18:50:21.0970 3836
18:50:21.0970 3836 OS Version: 6.0.6002 ServicePack: 2.0
18:50:21.0970 3836 Product type: Workstation
18:50:21.0970 3836 ComputerName: ANTHONY
18:50:21.0970 3836 UserName: Eileen Martin
18:50:21.0970 3836 Windows directory: C:\Windows
18:50:21.0970 3836 System windows directory: C:\Windows
18:50:21.0970 3836 Running under WOW64
18:50:21.0970 3836 Processor architecture: Intel x64
18:50:21.0970 3836 Number of processors: 2
18:50:21.0970 3836 Page size: 0x1000
18:50:21.0970 3836 Boot type: Normal boot
18:50:21.0970 3836 ============================================================
18:50:32.0267 3836 BG loaded
18:50:32.0844 3836 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:50:32.0891 3836 ============================================================
18:50:32.0891 3836 \Device\Harddisk0\DR0:
18:50:32.0907 3836 MBR partitions:
18:50:32.0907 3836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
18:50:32.0907 3836 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x10CB96B0
18:50:32.0907 3836 ============================================================
18:50:33.0312 3836 C: <-> \Device\Harddisk0\DR0\Partition2
18:50:33.0421 3836 E: <-> \Device\Harddisk0\DR0\Partition1
18:50:33.0421 3836 ============================================================
18:50:33.0421 3836 Initialize success
18:50:33.0421 3836 ============================================================
18:52:48.0467 5076 ============================================================
18:52:48.0467 5076 Scan started
18:52:48.0467 5076 Mode: Manual; SigCheck; TDLFS;
18:52:48.0467 5076 ============================================================
18:52:49.0605 5076 ================ Scan system memory ========================
18:52:49.0605 5076 System memory - ok
18:52:49.0605 5076 ================ Scan services =============================
18:53:00.0139 5076 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
18:53:00.0155 5076 disk - ok
18:53:00.0186 5076 dlcc_device - ok
18:53:00.0249 5076 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:53:00.0295 5076 Dnscache - ok
18:53:00.0373 5076 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
18:53:00.0420 5076 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
18:53:00.0420 5076 DockLoginService - detected UnsignedFile.Multi.Generic (1)
18:53:00.0451 5076 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
18:53:00.0529 5076 dot3svc - ok
18:53:00.0561 5076 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
18:53:00.0623 5076 DPS - ok
18:53:00.0685 5076 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:53:00.0748 5076 drmkaud - ok
18:53:01.0092 5076 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:53:01.0139 5076 DXGKrnl - ok
18:53:01.0264 5076 [ 17D40652EF3E55EEAE187A89DF40965A ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys
18:53:01.0310 5076 e1express - ok
18:53:01.0357 5076 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
18:53:01.0388 5076 E1G60 - ok
18:53:01.0466 5076 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
18:53:01.0513 5076 EapHost - ok
18:53:01.0576 5076 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
18:53:01.0591 5076 Ecache - ok
18:53:01.0700 5076 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:53:01.0732 5076 ehRecvr - ok
18:53:01.0778 5076 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
18:53:01.0779 5076 ehSched - ok
18:53:01.0826 5076 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
18:53:01.0857 5076 ehstart - ok
18:53:01.0920 5076 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
18:53:01.0935 5076 ElbyCDIO - ok
18:53:02.0060 5076 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:53:02.0154 5076 elxstor - ok
18:53:02.0247 5076 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
18:53:02.0419 5076 EMDMgmt - ok
18:53:02.0466 5076 [ 991FAB6AA066E1214EFB5B496FB7959A ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:53:02.0528 5076 ErrDev - ok
18:53:02.0700 5076 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
18:53:02.0747 5076 EventSystem - ok
18:53:02.0793 5076 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
18:53:02.0872 5076 exfat - ok
18:53:02.0919 5076 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:53:02.0982 5076 fastfat - ok
18:53:03.0028 5076 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:53:03.0091 5076 fdc - ok
18:53:03.0153 5076 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
18:53:03.0200 5076 fdPHost - ok
18:53:03.0231 5076 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
18:53:03.0325 5076 FDResPub - ok
18:53:03.0356 5076 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:53:03.0372 5076 FileInfo - ok
18:53:03.0403 5076 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:53:03.0450 5076 Filetrace - ok
18:53:03.0465 5076 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:53:03.0512 5076 flpydisk - ok
18:53:03.0606 5076 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:53:03.0637 5076 FltMgr - ok
18:53:03.0762 5076 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
18:53:03.0809 5076 FontCache - ok
18:53:03.0903 5076 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:53:03.0919 5076 FontCache3.0.0.0 - ok
18:53:03.0950 5076 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:53:03.0981 5076 Fs_Rec - ok
18:53:04.0012 5076 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:53:04.0043 5076 gagp30kx - ok
18:53:04.0121 5076 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:53:04.0137 5076 GEARAspiWDM - ok
18:53:04.0340 5076 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
18:53:04.0433 5076 gpsvc - ok
18:53:04.0574 5076 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:53:04.0589 5076 gupdate - ok
18:53:04.0621 5076 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:53:04.0621 5076 gupdatem - ok
18:53:04.0887 5076 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:53:05.0027 5076 HDAudBus - ok
18:53:05.0058 5076 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:53:05.0136 5076 HidBth - ok
18:53:05.0152 5076 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:53:05.0246 5076 HidIr - ok
18:53:05.0324 5076 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
18:53:05.0370 5076 hidserv - ok
18:53:05.0433 5076 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:53:05.0480 5076 HidUsb - ok
18:53:05.0542 5076 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
18:53:05.0620 5076 hkmsvc - ok
18:53:05.0667 5076 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
18:53:05.0682 5076 HpCISSs - ok
18:53:05.0902 5076 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:53:05.0949 5076 HTTP - ok
18:53:05.0980 5076 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
18:53:05.0995 5076 i2omp - ok
18:53:06.0073 5076 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:53:06.0136 5076 i8042prt - ok
18:53:06.0323 5076 [ F148C2E931BFC20397EDC0A7B4F8E22B ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:53:06.0339 5076 IAANTMON - ok
18:53:06.0510 5076 [ 0B6C9C8F2E00E8B61C8379E62A9F921B ] iaStor C:\Windows\system32\drivers\iastor.sys
18:53:06.0541 5076 iaStor - ok
18:53:06.0588 5076 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
18:53:06.0619 5076 iaStorV - ok
18:53:06.0775 5076 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:53:07.0151 5076 idsvc - ok
18:53:08.0352 5076 [ F7AB8285BBECFAA5ED4050CCB89E073D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:53:08.0726 5076 igfx - ok
18:53:08.0773 5076 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:53:08.0789 5076 iirsp - ok
18:53:08.0929 5076 [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
18:53:08.0945 5076 IJPLMSVC - ok
18:53:09.0116 5076 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
18:53:09.0179 5076 IKEEXT - ok
18:53:09.0226 5076 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
18:53:09.0241 5076 intelide - ok
18:53:09.0288 5076 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:53:09.0382 5076 intelppm - ok
18:53:09.0475 5076 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:53:09.0522 5076 IPBusEnum - ok
18:53:09.0600 5076 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:53:09.0647 5076 IpFilterDriver - ok
18:53:09.0787 5076 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:53:09.0834 5076 iphlpsvc - ok
18:53:09.0850 5076 IpInIp - ok
18:53:09.0896 5076 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
18:53:09.0959 5076 IPMIDRV - ok
18:53:10.0021 5076 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
18:53:10.0130 5076 IPNAT - ok
18:53:10.0349 5076 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:53:10.0380 5076 iPod Service - ok
18:53:10.0458 5076 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:53:10.0520 5076 IRENUM - ok
18:53:10.0552 5076 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:53:10.0567 5076 isapnp - ok
18:53:10.0645 5076 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:53:10.0661 5076 iScsiPrt - ok
18:53:10.0692 5076 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
18:53:10.0708 5076 iteatapi - ok
18:53:10.0739 5076 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
18:53:10.0770 5076 iteraid - ok
18:53:10.0801 5076 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:53:10.0817 5076 kbdclass - ok
18:53:10.0895 5076 [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:53:10.0957 5076 kbdhid - ok
18:53:10.0988 5076 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
18:53:11.0051 5076 KeyIso - ok
18:53:11.0285 5076 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:53:11.0332 5076 KSecDD - ok
18:53:11.0363 5076 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:53:11.0425 5076 ksthunk - ok
18:53:11.0529 5076 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
18:53:11.0613 5076 KtmRm - ok
18:53:11.0689 5076 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:53:11.0760 5076 LanmanServer - ok
18:53:11.0813 5076 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:53:11.0859 5076 LanmanWorkstation - ok
18:53:11.0933 5076 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:53:11.0978 5076 lltdio - ok
18:53:12.0080 5076 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:53:12.0161 5076 lltdsvc - ok
18:53:12.0201 5076 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:53:12.0246 5076 lmhosts - ok
18:53:12.0423 5076 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:53:12.0446 5076 LSI_FC - ok
18:53:12.0496 5076 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:53:12.0524 5076 LSI_SAS - ok
18:53:12.0637 5076 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:53:12.0663 5076 LSI_SCSI - ok
18:53:12.0818 5076 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
18:53:12.0895 5076 luafv - ok
18:53:13.0051 5076 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:53:13.0065 5076 MBAMProtector - ok
18:53:13.0278 5076 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:53:13.0299 5076 MBAMScheduler - ok
18:53:13.0530 5076 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:53:13.0665 5076 MBAMService - ok
18:53:13.0826 5076 [ 034606B82FA5BD3E73AB427B6D55F915 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
18:53:13.0846 5076 McComponentHostService - ok
18:53:13.0904 5076 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
18:53:13.0926 5076 mcdbus - ok
18:53:14.0010 5076 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:53:14.0155 5076 Mcx2Svc - ok
18:53:14.0257 5076 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
18:53:14.0277 5076 megasas - ok
18:53:14.0343 5076 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
18:53:14.0411 5076 MegaSR - ok
18:53:14.0462 5076 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
18:53:14.0546 5076 MMCSS - ok
18:53:14.0574 5076 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
18:53:14.0631 5076 Modem - ok
18:53:14.0703 5076 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:53:14.0754 5076 monitor - ok
18:53:14.0794 5076 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:53:14.0811 5076 mouclass - ok
18:53:14.0865 5076 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:53:14.0969 5076 mouhid - ok
18:53:15.0000 5076 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:53:15.0016 5076 MountMgr - ok
18:53:15.0047 5076 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
18:53:15.0063 5076 mpio - ok
18:53:15.0094 5076 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:53:15.0172 5076 mpsdrv - ok
18:53:15.0281 5076 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
18:53:15.0328 5076 MpsSvc - ok
18:53:15.0390 5076 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:53:15.0406 5076 Mraid35x - ok
18:53:15.0468 5076 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:53:15.0500 5076 MRxDAV - ok
18:53:15.0656 5076 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:53:15.0718 5076 mrxsmb - ok
18:53:15.0780 5076 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:53:15.0812 5076 mrxsmb10 - ok
18:53:15.0843 5076 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:53:15.0874 5076 mrxsmb20 - ok
18:53:15.0921 5076 [ 730B784962D22D2C6481EAE2370E7C8C ] msahci C:\Windows\system32\drivers\msahci.sys
18:53:15.0952 5076 msahci - ok
18:53:16.0092 5076 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:53:16.0108 5076 msdsm - ok
18:53:16.0139 5076 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
18:53:16.0202 5076 MSDTC - ok
18:53:16.0295 5076 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:53:16.0358 5076 Msfs - ok
18:53:16.0420 5076 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:53:16.0436 5076 msisadrv - ok
18:53:16.0514 5076 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:53:16.0576 5076 MSiSCSI - ok
18:53:16.0592 5076 msiserver - ok
18:53:16.0638 5076 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:53:16.0701 5076 MSKSSRV - ok
18:53:16.0763 5076 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:53:16.0826 5076 MSPCLOCK - ok
18:53:16.0888 5076 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:53:16.0935 5076 MSPQM - ok
18:53:17.0044 5076 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:53:17.0075 5076 MsRPC - ok
18:53:17.0122 5076 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:53:17.0138 5076 mssmbios - ok
18:53:17.0200 5076 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:53:17.0309 5076 MSTEE - ok
18:53:17.0356 5076 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
18:53:17.0372 5076 Mup - ok
18:53:17.0481 5076 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
18:53:17.0574 5076 napagent - ok
18:53:17.0652 5076 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:53:17.0699 5076 NativeWifiP - ok
18:53:17.0793 5076 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:53:17.0855 5076 NDIS - ok
18:53:17.0886 5076 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:53:17.0918 5076 NdisTapi - ok
18:53:17.0981 5076 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:53:18.0059 5076 Ndisuio - ok
18:53:18.0137 5076 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:53:18.0184 5076 NdisWan - ok
18:53:18.0231 5076 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:53:18.0262 5076 NDProxy - ok
18:53:18.0324 5076 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:53:18.0387 5076 NetBIOS - ok
18:53:18.0449 5076 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:53:18.0480 5076 netbt - ok
18:53:18.0543 5076 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
18:53:18.0558 5076 Netlogon - ok
18:53:18.0652 5076 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
18:53:18.0870 5076 Netman - ok
18:53:18.0933 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:53:18.0964 5076 NetMsmqActivator - ok
18:53:18.0979 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:53:18.0995 5076 NetPipeActivator - ok
18:53:19.0182 5076 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
18:53:19.0229 5076 netprofm - ok
18:53:19.0323 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:53:19.0338 5076 NetTcpActivator - ok
18:53:19.0354 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:53:19.0369 5076 NetTcpPortSharing - ok
18:53:19.0447 5076 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:53:19.0463 5076 nfrd960 - ok
18:53:19.0510 5076 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
18:53:19.0572 5076 NlaSvc - ok
18:53:19.0759 5076 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:53:19.0822 5076 Npfs - ok
18:53:19.0900 5076 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
18:53:19.0947 5076 nsi - ok
18:53:20.0056 5076 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:53:20.0196 5076 nsiproxy - ok
18:53:20.0446 5076 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:53:21.0148 5076 Ntfs - ok
18:53:21.0179 5076 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
18:53:21.0257 5076 Null - ok
18:53:21.0304 5076 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:53:21.0319 5076 nvraid - ok
18:53:21.0366 5076 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:53:21.0382 5076 nvstor - ok
18:53:21.0429 5076 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:53:21.0460 5076 nv_agp - ok
18:53:21.0460 5076 NwlnkFlt - ok
18:53:21.0475 5076 NwlnkFwd - ok
18:53:21.0522 5076 [ 404B0121AE1A75D9A63B6934EB07C258 ] OA009Ufd C:\Windows\system32\DRIVERS\OA009Ufd.sys
18:53:21.0553 5076 OA009Ufd - ok
18:53:21.0585 5076 [ D460884EB05B90D06B35A1DBC31928DF ] OA009Vid C:\Windows\system32\DRIVERS\OA009Vid.sys
18:53:21.0616 5076 OA009Vid - ok
18:53:21.0834 5076 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:53:21.0959 5076 odserv - ok
18:53:22.0037 5076 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:53:22.0115 5076 ohci1394 - ok
18:53:22.0162 5076 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:53:22.0177 5076 ose - ok
18:53:22.0255 5076 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:53:22.0318 5076 p2pimsvc - ok
18:53:22.0505 5076 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
18:53:22.0536 5076 p2psvc - ok
18:53:22.0645 5076 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
18:53:22.0739 5076 Parport - ok
18:53:22.0801 5076 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:53:22.0817 5076 partmgr - ok
18:53:22.0848 5076 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
18:53:22.0879 5076 PcaSvc - ok
18:53:22.0942 5076 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
18:53:22.0957 5076 pci - ok
18:53:22.0989 5076 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
18:53:23.0020 5076 pciide - ok
18:53:23.0035 5076 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:53:23.0067 5076 pcmcia - ok
18:53:23.0207 5076 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:53:23.0301 5076 PEAUTH - ok
18:53:23.0675 5076 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:53:23.0722 5076 PerfHost - ok
18:53:23.0925 5076 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
18:53:23.0987 5076 pla - ok
18:53:24.0049 5076 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:53:24.0096 5076 PlugPlay - ok
18:53:24.0205 5076 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:53:24.0268 5076 PNRPAutoReg - ok
18:53:24.0393 5076 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:53:24.0424 5076 PNRPsvc - ok
18:53:24.0471 5076 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:53:24.0517 5076 PolicyAgent - ok
18:53:24.0580 5076 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:53:24.0627 5076 PptpMiniport - ok
18:53:24.0705 5076 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
18:53:24.0751 5076 Processor - ok
18:53:24.0798 5076 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
18:53:24.0845 5076 ProfSvc - ok
18:53:24.0876 5076 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
18:53:24.0907 5076 ProtectedStorage - ok
18:53:24.0970 5076 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:53:25.0001 5076 PSched - ok
18:53:25.0079 5076 [ 46851BC18322DA70F3F2299A1007C479 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
18:53:25.0095 5076 PxHlpa64 - ok
18:53:25.0313 5076 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:53:25.0391 5076 ql2300 - ok
18:53:25.0422 5076 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:53:25.0453 5076 ql40xx - ok
18:53:25.0500 5076 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
18:53:25.0516 5076 QWAVE - ok
18:53:25.0578 5076 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:53:25.0641 5076 QWAVEdrv - ok
18:53:25.0797 5076 [ 2A09A6B271D1F50ADF5E33B37D460DE6 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
18:53:26.0109 5076 R300 - ok
18:53:26.0124 5076 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:53:26.0171 5076 RasAcd - ok
18:53:26.0202 5076 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
18:53:26.0265 5076 RasAuto - ok
18:53:26.0311 5076 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:53:26.0343 5076 Rasl2tp - ok
18:53:26.0405 5076 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
18:53:26.0483 5076 RasMan - ok
18:53:26.0545 5076 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:53:26.0592 5076 RasPppoe - ok
18:53:26.0655 5076 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:53:26.0670 5076 RasSstp - ok
18:53:26.0920 5076 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:53:27.0060 5076 rdbss - ok
18:53:27.0138 5076 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:53:27.0169 5076 RDPCDD - ok
18:53:27.0247 5076 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:53:27.0435 5076 rdpdr - ok
18:53:27.0497 5076 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:53:27.0559 5076 RDPENCDD - ok
18:53:27.0637 5076 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:53:27.0700 5076 RDPWD - ok
18:53:27.0809 5076 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:53:27.0856 5076 RemoteAccess - ok
18:53:27.0934 5076 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:53:27.0965 5076 RemoteRegistry - ok
18:53:27.0996 5076 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
18:53:28.0043 5076 RpcLocator - ok
18:53:28.0246 5076 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
18:53:28.0293 5076 RpcSs - ok
18:53:28.0355 5076 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:53:28.0402 5076 rspndr - ok
18:53:28.0449 5076 [ 39E74E264338934DBF11F8DB79A3E116 ] RTSTOR C:\Windows\system32\drivers\RTSTOR64.SYS
18:53:28.0495 5076 RTSTOR - ok
18:53:28.0527 5076 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
18:53:28.0542 5076 SamSs - ok
18:53:28.0573 5076 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:53:28.0589 5076 sbp2port - ok
18:53:28.0745 5076 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:53:28.0807 5076 SCardSvr - ok
18:53:28.0854 5076 SCDEmu - ok
18:53:29.0041 5076 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
18:53:29.0119 5076 Schedule - ok
18:53:29.0151 5076 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:53:29.0182 5076 SCPolicySvc - ok
18:53:29.0244 5076 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:53:29.0291 5076 SDRSVC - ok
18:53:29.0353 5076 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:53:29.0463 5076 secdrv - ok
18:53:29.0556 5076 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
18:53:29.0603 5076 seclogon - ok
18:53:29.0634 5076 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
18:53:29.0697 5076 SENS - ok
18:53:29.0728 5076 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:53:29.0868 5076 Serenum - ok
18:53:29.0931 5076 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
18:53:30.0024 5076 Serial - ok
18:53:30.0071 5076 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:53:30.0165 5076 sermouse - ok
18:53:30.0227 5076 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
18:53:30.0321 5076 SessionEnv - ok
18:53:34.0550 5076 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:53:34.0581 5076 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
18:53:34.0581 5076 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
 

Fiery

Level 1
Jan 11, 2011
2,007
Sorry, I meant post the TDSSkiller log as an attachment since it's too long to fit into one reply.

Click "new reply" and scroll down to the attachments section
 

Anthony33

New Member
Thread author
Mar 14, 2013
12
Aha, I see. Here you go. Again, there are 2 logs.
 

Attachments

  • TDSSKiller.2.8.16.0_17.03.2013_18.47.40_log.txt
    3.8 KB · Views: 83
  • TDSSKiller.2.8.16.0_17.03.2013_18.50.21_log.txt
    493.6 KB · Views: 89
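An added example (not part of the thread and not TDSSKiller's own code): a small Python triage script for a TDSSKiller log in the line format pasted earlier in this thread. It pairs each `[ MD5 ] name path` line with the verdict line that follows and returns only the objects not marked `ok`. The SwitchBoard lines are copied from the log in this thread; the other sample lines are constructed, with placeholder hashes.

```python
import re
from typing import Iterable, Iterator, List, NamedTuple, Optional

# Every log line starts with "HH:MM:SS.mmmm <thread id> ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# Scanned object: "[ MD5 ] name path" (or "[ MD5 ] path" in the MBR/VBR/global sections).
OBJECT_RE = re.compile(PREFIX + r"\[ (?P<md5>[0-9A-Fa-f]{32}) \]\s+(?P<rest>.+?)\s*$")
# Verdict: "name - ok" or "name ( Label ) - warning". Only "ok" and "warning"
# appear in this thread's log; any other status word is treated as non-ok too.
VERDICT_RE = re.compile(
    PREFIX + r"(?P<name>.+?)(?: \( (?P<label>[^)]+) \))? - (?P<status>\w+)\s*$"
)


class Finding(NamedTuple):
    name: str
    status: str
    label: Optional[str]
    md5: Optional[str]
    path: Optional[str]


def parse(lines: Iterable[str]) -> Iterator[Finding]:
    """Yield one Finding per verdict line, joined to the preceding object line."""
    pending = None  # (md5, text after the hash) of the most recent object line
    for line in lines:
        line = line.rstrip("\r\n")
        m = OBJECT_RE.match(line)
        if m:
            pending = (m["md5"].upper(), m["rest"])
            continue
        m = VERDICT_RE.match(line)
        if not m:
            continue  # section headers, "detected" summaries, truncated lines
        name = m["name"]
        md5 = path = None
        if pending and (pending[1] == name or pending[1].startswith(name + " ")):
            md5 = pending[0]
            # Path-only objects (e.g. \Device\Harddisk0\DR0) have no separate name.
            path = pending[1][len(name):].strip() or name
        pending = None
        yield Finding(name, m["status"], m["label"], md5, path)


def non_ok(lines: Iterable[str]) -> List[Finding]:
    """Return only the entries a reviewer needs to look at."""
    return [f for f in parse(lines) if f.status != "ok"]


# Sample input: SwitchBoard lines are from the thread's log; the rest is constructed.
SAMPLE = r"""
18:53:34.0324 5076 [ 00000000000000000000000000000001 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:53:34.0366 5076 swenum - ok
18:53:34.0550 5076 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:53:34.0581 5076 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
18:53:34.0581 5076 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
18:53:44.0768 5076 WinDefend - ok
18:53:50.0244 5076 [ 00000000000000000000000000000002 ] \Device\Harddisk0\DR0
18:54:00.0878 5076 \Device\Harddisk0\DR0 - ok
""".strip().splitlines()

if __name__ == "__main__":
    for f in non_ok(SAMPLE):
        print(f"{f.status.upper():8} {f.name}  {f.label}  {f.md5}  {f.path}")
```

An `UnsignedFile.Multi.Generic` warning only says the file carries no digital signature, so the returned path and hash are a starting point for checking the file, not a verdict of infection.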

Fiery

Level 1
Jan 11, 2011
2,007
Ok, go to this link and follow the instructions there to run the tool.

http://www.mcafee.com/ca/downloads/free-tools/how-to-use-rootkitremover.aspx

Save the tool to the Desktop so that when it completes, it will create the log on your desktop. Please attach the log afterwards.
 

Anthony33

New Member
Thread author
Mar 14, 2013
12
McAfee log below:

[TimeStamp: 20130318215642]


Rootkit Remover v0.8.9.160 [Dec 4 2012 - 17:44:01]

McAfee Labs.



Windows build 6.0.6002 x64 Service Pack 2

Checking for updates ...



Now Scanning...

Malware Found --> ZeroAccess trojan detected!!!

--> Registry key: HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32 ( fixed )

ZeroAccess trojan was cleaned successfully!



Scan Finished



PLEASE REBOOT IMMEDIATELY TO COMPLETE CLEANING.



Other recommendations:

1. Perform full scan with McAfee VirusScan product after reboot.



Press any key to exit.
 

Fiery

Level 1
Jan 11, 2011
2,007
Ok good, how is your PC running?


Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A notepad document should open automatically called checkup.txt.
  • Please post the contents of that document in your next reply. Please do not attach it!
 

Anthony33

New Member
Thread author
Mar 14, 2013
12
Computer seems to be running well thanks. I'm guessing my system was riddled with more than just the supreme savings malware?

checkup.txt log below:

Results of screen317's Security Check version 0.99.61
Windows Vista Service Pack 2 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java(TM) 6 Update 30
Java version out of Date!
Adobe Flash Player 11.6.602.180
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader 10.1.1 Adobe Reader out of Date!
Google Chrome 25.0.1364.172
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1 %
````````````````````End of Log``````````````````````
 
