mtestani

It has been running fine. No search redirects since running these scans.

This is the only item that this scan found - the file you asked me to send earlier. Sorry I haven't gotten back to you sooner but I've been out of town. C:\Qoobox\Quarantine\C\Users\Testani\AppData\Roaming\msdxmu.dll.vir a variant of Win32/Ponmocup.FR trojan cleaned by deleting - quarantined

Could you offer some instruction on performing this process - I'm a bit of a novice when it comes to this stuff. Thanks

This may be a stupid question but where do I find this file?

Here's the combofix log - I appreciate the help ComboFix 13-03-13.02 - Testani 03/13/2013 23:05:47.3.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.5777 [GMT -4:00] Running from: c:\users\Testani\Desktop\ComboFix.exe AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\PCDr\6032\AddOnDownloaded\1abc6cc6-7642-443e-ad9d-336734fd2832.dll c:\programdata\PCDr\6032\AddOnDownloaded\69eaa8a4-3131-4718-aad0-994ebde678d1.dll c:\programdata\PCDr\6032\AddOnDownloaded\9192d3e9-aa66-4560-a2e3-209867aafd30.dll c:\programdata\PCDr\6032\AddOnDownloaded\d4ffe1c0-8021-4dfa-bf52-cb9224f001ce.dll c:\programdata\PCDr\6032\AddOnDownloaded\e238f8f5-5f0a-478f-b96a-d15f6f6cac94.dll c:\programdata\PCDr\6032\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll c:\programdata\PCDr\6032\AddOnDownloaded\f8b3befb-ca07-4bff-8777-f565b237979f.dll c:\users\Testani\AppData\Roaming\msdxmu.dll . . ((((((((((((((((((((((((( Files Created from 2013-02-14 to 2013-03-14 ))))))))))))))))))))))))))))))) . . 2013-03-14 03:14 . 2013-03-14 03:14 -------- d-----w- c:\users\Public\AppData\Local\temp 2013-03-14 03:14 . 2013-03-14 03:14 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-02-28 08:01 . 2013-01-13 19:53 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll 2013-02-28 08:00 . 2013-01-13 20:31 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll 2013-02-13 08:02 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 08:02 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 02:30 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-13 02:30 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-02-13 02:30 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-02-13 02:30 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-02-13 02:30 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-02-13 02:30 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-02-13 02:30 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-02-13 02:30 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-02-13 02:30 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-02-13 02:30 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-02-13 02:30 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-13 02:30 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-13 20:33 . 2012-04-26 00:55 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-03-13 20:33 . 2011-09-17 15:57 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-13 11:14 . 2012-12-02 14:11 72013344 ----a-w- c:\windows\system32\MRT.exe 2013-02-12 05:45 . 2013-03-13 08:55 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-13 08:55 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-13 08:55 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-13 08:55 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-13 08:55 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-13 08:55 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-01-04 04:43 . 2013-02-13 02:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-12-16 17:11 . 2012-12-22 06:25 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-22 06:25 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-22 06:25 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-22 06:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-14 21:49 . 2012-09-26 02:09 24176 ----a-w- c:\windows\system32\drivers\mbam.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2013-02-16 298616] "AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2012-09-29 12105344] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\users\Testani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Intel® Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496] R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [2012-09-28 24576] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-04-26 34200] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-06-16 340240] R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-04 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480] S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-08-08 67664] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280] S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-12-14 58128] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2010-12-14 274432] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096] S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2010-12-14 59904] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-04-26 25496] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] . . Contents of the 'Scheduled Tasks' folder . 2013-03-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-26 20:33] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391512] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 415064] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144] "IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-06-16 1935120] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-08 1111568] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 197152] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.cnn.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - hxxp://watcherswebclubhouse.com/dating/download/v2/cfweb_watcherswebclubhouse.com-dating-download-v2_instmodule.exe DPF: {DABA1849-E884-4DC0-B7E6-41E49B5D7C37} - hxxps://ive-ssdc.kp.org/Integrations/iSiteEMR/,DanaInfo=cidma.appl.kp.org+iSiteExt.cab . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-Vjmvdvlf - c:\users\Testani\AppData\Roaming\msdxmu.dll Wow6432Node-HKLM-Run-<NO NAME> - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-03-13 23:16:17 ComboFix-quarantined-files.txt 2013-03-14 03:16 ComboFix2.txt 2012-10-17 03:46 . Pre-Run: 543,313,559,552 bytes free Post-Run: 545,801,326,592 bytes free . - - End Of File - - 6D65B70B95309DC4D5A47CBECF0530DC

Here is the log - Malwarebytes has never identified anything since this problem started. Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.03.13.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Testani :: TESTANI-PC [administrator] 3/12/2013 9:52:27 PM mbam-log-2013-03-12 (21-52-27).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 213152 Time elapsed: 4 minute(s), 53 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

attach.txt Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 11/29/2011 7:14:21 PM System Uptime: 3/11/2013 9:47:23 PM (0 hours ago) . Motherboard: Dell Inc. | | 0YH79Y Processor: Intel® Core i5-2430M CPU @ 2.40GHz | CPU | 2401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 577 GiB total, 506.567 GiB free. D: is CDROM (UDF) . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP334: 1/17/2013 9:01:39 AM - Scheduled Checkpoint RP335: 1/31/2013 12:34:13 PM - Scheduled Checkpoint RP336: 2/8/2013 9:08:00 AM - Scheduled Checkpoint RP337: 2/13/2013 3:00:33 AM - Windows Update RP338: 2/21/2013 10:17:22 AM - Scheduled Checkpoint RP339: 2/28/2013 3:00:33 AM - Windows Update RP340: 3/7/2013 9:37:35 PM - Scheduled Checkpoint . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) MUI Advanced Audio FX Engine Apple Application Support Apple Mobile Device Support Apple Software Update Bing Bar Bing Rewards Client Installer Bonjour Camfrog Web Advanced 2.0 ActiveX Plugin (remove only) Cozi D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell Edoc Viewer Dell Getting Started Guide Dell Home Systems Service Agreement Dell Marketplace Webslice IE8 Dell MusicStage Dell PhotoStage Dell Stage Dell Support Center Dell Touchpad Dell VideoStage Dell Webcam Central DirectX 9 Runtime eBay ESET Online Scanner v3 ExamView Assessment Suite ExamView Player GoToAssist 8.0.0.514 Intel PROSet Wireless Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless Software for Bluetooth® Technology Intel® PROSet/Wireless WiFi Software Intel® Turbo Boost Technology Monitor 2.0 Intel® WiDi Intel® Wireless Display Internet Explorer iTunes Java 7 Update 9 Java Auto Updater Juniper Networks Setup Client Junk Mail filter update LeapFrog Connect LeapFrog Leapster2 Plugin LeapFrog Tag Plugin Malwarebytes Anti-Malware version 1.70.0.1100 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft IntelliPoint 8.2 Microsoft Lync 2010 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) PhotoShowExpress Quickset64 RBVirtualFolder64Inst Realtek High Definition Audio Driver Roxio Activation Module Roxio BackOnTrack Roxio Burn Roxio Creator Starter Roxio Express Labeler 3 Roxio File Backup Secure Download Manager Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Skype Toolbars Skype™ 5.10 Sonic CinePlayer Decoder Pack Trend Micro Titanium Trend Micro™ Titanium™ TrustedID Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin) Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WOT for Internet Explorer . ==== Event Viewer Messages From Past Week ======== . 3/7/2013 1:44:02 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10. 3/11/2013 9:48:58 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. . ==== End Of File ===========================

Here are the logs dds.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.9.2 Run by Testani at 21:57:00 on 2013-03-11 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.5587 [GMT -4:00] . AV: Trend Micro Titanium *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\rundll32.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\DellTPad\Apoint.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Windows\System32\rundll32.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe C:\Windows\System32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe C:\Program Files\Intel\TurboBoost\TurboBoost.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.cnn.com/ BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll uRun: [Vjmvdvlf] rundll32 "C:\Users\Testani\AppData\Roaming\msdxmu.dll",Vxbdhzlo mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Testani\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - hxxp://watcherswebclubhouse.com/dating/download/v2/cfweb_watcherswebclubhouse.com-dating-download-v2_instmodule.exe DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {DABA1849-E884-4DC0-B7E6-41E49B5D7C37} - hxxps://ive-ssdc.kp.org/Integrations/iSiteEMR/,DanaInfo=cidma.appl.kp.org+iSiteExt.cab DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://ive-ssdc.kp.org/dana-cached/sc/JuniperSetupClient.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{25E196CA-531A-4DBE-A744-F99D02714D1C} : DHCPNameServer = 172.16.2.5 172.18.82.11 4.2.2.2 TCP: Interfaces\{B8626C57-8E68-4C2F-9A97-345E5A847F00} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{B8626C57-8E68-4C2F-9A97-345E5A847F00}\2656C6B696E6E2030383 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{B8626C57-8E68-4C2F-9A97-345E5A847F00}\56C647F6E6 : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll x64-BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - x64-TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe x64-Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL "" x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg.dll x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll x64-Notify: igfxcui - igfxdev.dll x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-9-17 55856] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-9-17 98208] R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-9-20 256336] R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616] R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-25 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-25 682344] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-9-17 1692480] R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-9-20 67664] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-9-17 2656280] R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-12-14 58128] R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2010-12-14 274432] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-9-17 176096] R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2010-12-14 59904] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-9-17 317440] R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-4-26 25496] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-9-25 24176] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-9-17 82432] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-9-17 181760] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-9-17 412264] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208] S3 FlyUsb;FLY Fusion;C:\Windows\System32\drivers\FlyUsb.sys [2012-9-28 24576] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-9-17 158976] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-4-26 34200] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-6-16 340240] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-9-17 250984] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-4 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-02-28 08:00:59 648192 ----a-w- C:\Windows\System32\d3d10level9.dll 2013-02-13 08:02:57 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 08:02:56 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 08:00:59 763424 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-02-13 02:30:56 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-02-13 02:30:55 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-02-13 02:30:55 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-02-13 02:30:49 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-02-13 02:30:48 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-02-13 02:30:47 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-02-13 02:30:47 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-02-13 02:30:47 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-02-13 02:30:47 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-02-13 02:30:47 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-02-13 02:30:45 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2013-02-13 02:30:45 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ==================== Find3M ==================== . 2013-02-28 01:32:21 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-28 01:32:21 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll 2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll 2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll 2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll 2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll 2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll 2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll 2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll 2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll 2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll 2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll 2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll 2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll 2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll 2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll 2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll 2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys . ============= FINISH: 21:57:26.98 ===============

Thank you - I will run the scans and attach the results tomorrow.

Hi - I would appreciate some help with a problem I am having. After performing a search with google - when I click on one of the results, I am redirected to another site which my antivirus program blocks fortunately. This doesn't happen on the 1st search I run after opening internet explorer - only on subsequent searches. I have updated and ran malwarebytes anti malware but no malicious processes are detected. My antivirus program does not detect anything either. Is there anything else I can do to fix this? - thanks - Matt

Hi - I would appreciate some help with a problem I am having. After performing a search with google - when I click on one of the results, I am redirected to another site which my antivirus program blocks fortunately. This doesn't happen on the 1st search I run after opening internet explorer - only on subsequent searches. I have updated and run malwarebytes anti malware but no malicious processes are detected. My antivirus program does not detect anything either. Is there anything else I can do to fix this - thanks - Matt

Jeff - Everything seems fime with the system so far. There have been no problems for the last 2 days that I have seen.

Here are the threats found on ESET C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application C:\TDSSKiller_Quarantine\14.10.2012_20.44.12\mbr0000\tdlfs0000\tsk0000.dta Win64/Olmarik.AK trojan C:\TDSSKiller_Quarantine\14.10.2012_20.44.12\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYH trojan

It's almost done...4 threats found. When it's done do I do anything with the threats?

Jeff - Here are the results of the malwarebytes scan. Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Database version: v2012.10.17.13 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Testani :: TESTANI-PC [administrator] 10/17/2012 7:12:04 PM mbam-log-2012-10-17 (19-12-04).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 205276 Time elapsed: 4 minute(s), 39 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Jeff - Thanks for the clarification. Here is the latest log. System is running fine as far as I can tell. ComboFix 12-10-16.02 - Testani 10/16/2012 23:22:58.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.6081 [GMT -4:00] Running from: c:\users\Testani\Desktop\ComboFix.exe Command switches used :: c:\users\Testani\Desktop\CFScript.txt AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . . ((((((((((((((((((((((((( Files Created from 2012-09-17 to 2012-10-17 ))))))))))))))))))))))))))))))) . . 2012-10-17 03:33 . 2012-10-17 03:33 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-15 00:46 . 2012-10-15 22:34 -------- d-----w- C:\TDSSKiller_Quarantine 2012-09-26 03:05 . 2012-09-26 03:05 -------- d-----w- c:\users\Testani\AppData\Roaming\Camfrog Web 2012-09-26 02:09 . 2012-09-26 02:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-09-26 02:09 . 2012-09-07 21:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-25 22:44 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-09-23 23:58 . 1999-12-17 15:13 86016 ----a-w- c:\windows\unvise32.exe 2012-09-23 23:58 . 2012-09-24 00:03 -------- d-----w- C:\ExamView 2012-09-22 18:14 . 2012-08-24 11:15 17810944 ----a-w- c:\windows\system32\mshtml.dll 2012-09-22 18:14 . 2012-08-24 10:39 10925568 ----a-w- c:\windows\system32\ieframe.dll 2012-09-21 07:04 . 2012-09-21 07:04 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2012-09-21 03:20 . 2012-09-21 03:20 -------- dc----w- c:\windows\system32\DRVSTORE 2012-09-21 03:20 . 2012-08-21 17:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-09-21 03:20 . 2012-09-21 03:20 -------- d-----w- c:\program files\iTunes 2012-09-21 02:20 . 2010-08-08 22:04 105552 ----a-w- c:\windows\system32\drivers\tmtdi.sys 2012-09-21 02:20 . 2010-08-08 22:04 90704 ----a-w- c:\windows\system32\drivers\tmactmon.sys 2012-09-21 02:20 . 2010-08-08 22:04 67664 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys 2012-09-21 02:20 . 2010-08-08 22:04 144464 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2012-09-21 02:12 . 2012-09-21 02:19 -------- d-----w- c:\program files\Trend Micro 2012-09-21 01:26 . 2012-10-10 13:30 -------- d-----w- c:\program files\Microsoft Lync 2012-09-21 01:26 . 2012-10-10 13:30 -------- d-----w- c:\program files (x86)\Microsoft Lync 2012-09-21 01:17 . 2012-09-21 02:02 -------- d-----w- c:\users\Testani\Tracing 2012-09-21 01:17 . 2012-09-21 01:25 -------- d-----w- c:\program files (x86)\OCSetup 2012-09-21 01:11 . 2012-09-21 01:11 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2012-09-21 01:11 . 2012-09-21 01:11 -------- d-----w- c:\windows\PCHEALTH 2012-09-21 01:11 . 2012-09-21 01:11 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework 2012-09-21 01:09 . 2012-09-21 01:09 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2012-09-21 01:09 . 2012-09-21 01:09 -------- d-----w- c:\program files\Microsoft Office 2012-09-21 01:09 . 2012-09-21 01:09 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2012-09-21 01:08 . 2012-09-21 01:08 -------- d-----r- C:\MSOCache 2012-09-21 00:32 . 2012-09-21 00:32 -------- d-----w- c:\users\Testani\AppData\Roaming\e-academy Inc 2012-09-21 00:32 . 2012-09-21 00:32 -------- d-----w- c:\users\Testani\AppData\Local\e-academy Inc . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-09 13:32 . 2012-04-26 00:55 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-09 13:32 . 2011-09-17 15:57 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-23 08:26 . 2012-09-18 14:10 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{87B4611A-7A8C-4E5A-B8B8-0C6B413A5446}\mpengine.dll 2012-08-22 18:12 . 2012-09-12 23:13 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 18:12 . 2012-09-12 23:13 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-08-22 18:12 . 2012-09-12 23:13 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 18:12 . 2012-09-12 23:13 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-21 17:01 . 2012-08-21 17:01 125872 ----a-w- c:\windows\system32\GEARAspi64.dll 2012-08-21 17:01 . 2012-08-21 17:01 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2012-08-20 17:38 . 2012-10-10 01:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-08-02 17:58 . 2012-09-12 23:13 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-08-02 16:57 . 2012-09-12 23:13 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-07-20 14:45 . 2012-07-20 14:45 0 ------w- c:\windows\SysWow64\sho39F3.tmp . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640] "AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2012-07-28 12100696] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776] . c:\users\Testani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Intel® Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808] R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208] R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-04-26 34200] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-06-16 340240] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-04 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480] S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-08-08 67664] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-12-14 58128] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2010-12-14 274432] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096] S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2010-12-14 59904] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-04-26 25496] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-06-22 8596992] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . Contents of the 'Scheduled Tasks' folder . 2012-10-17 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-26 13:32] . 2012-07-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-08-24 05:36] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391512] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 415064] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144] "IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-06-16 1935120] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-08 1111568] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 197152] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.cnn.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - hxxp://watcherswebclubhouse.com/dating/download/v2/cfweb_watcherswebclubhouse.com-dating-download-v2_instmodule.exe . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Common Files\Java\Java Update\jusched.exe . ************************************************************************** . Completion time: 2012-10-16 23:43:58 - machine was rebooted ComboFix-quarantined-files.txt 2012-10-17 03:43 ComboFix2.txt 2012-10-15 23:03 . Pre-Run: 543,846,801,408 bytes free Post-Run: 543,908,827,136 bytes free . - - End Of File - - 3017066D3BEF306265E46E57B46E4779 Upload was successful

Jeff - I'm sorry - this is the 1st time you lost me. Not sure what notepad is or what from the box should be copied into it.

I then ran combofix - here is the log... ComboFix 12-10-15.01 - Testani 10/15/2012 18:45:45.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.5930 [GMT -4:00] Running from: c:\users\Testani\Desktop\ComboFix.exe AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\etadpuelgoog.pad c:\programdata\Roaming c:\users\Testani\Documents\~WRD0005.tmp c:\windows\svchost.exe . . ((((((((((((((((((((((((( Files Created from 2012-09-15 to 2012-10-15 ))))))))))))))))))))))))))))))) . . 2012-10-15 22:59 . 2012-10-15 22:59 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-15 00:46 . 2012-10-15 22:34 -------- d-----w- C:\TDSSKiller_Quarantine 2012-09-26 03:05 . 2012-09-26 03:05 -------- d-----w- c:\users\Testani\AppData\Roaming\Camfrog Web 2012-09-26 02:09 . 2012-09-26 02:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-09-26 02:09 . 2012-09-07 21:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-25 22:44 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-09-23 23:58 . 1999-12-17 15:13 86016 ----a-w- c:\windows\unvise32.exe 2012-09-23 23:58 . 2012-09-24 00:03 -------- d-----w- C:\ExamView 2012-09-22 18:14 . 2012-08-24 11:15 17810944 ----a-w- c:\windows\system32\mshtml.dll 2012-09-22 18:14 . 2012-08-24 10:39 10925568 ----a-w- c:\windows\system32\ieframe.dll 2012-09-21 07:04 . 2012-09-21 07:04 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2012-09-21 03:20 . 2012-09-21 03:20 -------- dc----w- c:\windows\system32\DRVSTORE 2012-09-21 03:20 . 2012-08-21 17:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-09-21 03:20 . 2012-09-21 03:20 -------- d-----w- c:\program files\iTunes 2012-09-21 02:20 . 2010-08-08 22:04 105552 ----a-w- c:\windows\system32\drivers\tmtdi.sys 2012-09-21 02:20 . 2010-08-08 22:04 90704 ----a-w- c:\windows\system32\drivers\tmactmon.sys 2012-09-21 02:20 . 2010-08-08 22:04 67664 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys 2012-09-21 02:20 . 2010-08-08 22:04 144464 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2012-09-21 02:12 . 2012-09-21 02:19 -------- d-----w- c:\program files\Trend Micro 2012-09-21 01:26 . 2012-10-10 13:30 -------- d-----w- c:\program files\Microsoft Lync 2012-09-21 01:26 . 2012-10-10 13:30 -------- d-----w- c:\program files (x86)\Microsoft Lync 2012-09-21 01:17 . 2012-09-21 02:02 -------- d-----w- c:\users\Testani\Tracing 2012-09-21 01:17 . 2012-09-21 01:25 -------- d-----w- c:\program files (x86)\OCSetup 2012-09-21 01:11 . 2012-09-21 01:11 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2012-09-21 01:11 . 2012-09-21 01:11 -------- d-----w- c:\windows\PCHEALTH 2012-09-21 01:11 . 2012-09-21 01:11 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework 2012-09-21 01:09 . 2012-09-21 01:09 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2012-09-21 01:09 . 2012-09-21 01:09 -------- d-----w- c:\program files\Microsoft Office 2012-09-21 01:09 . 2012-09-21 01:09 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2012-09-21 01:08 . 2012-09-21 01:08 -------- d-----r- C:\MSOCache 2012-09-21 00:32 . 2012-09-21 00:32 -------- d-----w- c:\users\Testani\AppData\Roaming\e-academy Inc 2012-09-21 00:32 . 2012-09-21 00:32 -------- d-----w- c:\users\Testani\AppData\Local\e-academy Inc 2012-09-18 14:10 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{87B4611A-7A8C-4E5A-B8B8-0C6B413A5446}\mpengine.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-09 13:32 . 2012-04-26 00:55 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-09 13:32 . 2011-09-17 15:57 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-22 18:12 . 2012-09-12 23:13 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 18:12 . 2012-09-12 23:13 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-08-22 18:12 . 2012-09-12 23:13 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 18:12 . 2012-09-12 23:13 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-21 17:01 . 2012-08-21 17:01 125872 ----a-w- c:\windows\system32\GEARAspi64.dll 2012-08-21 17:01 . 2012-08-21 17:01 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2012-08-20 17:38 . 2012-10-10 01:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-08-02 17:58 . 2012-09-12 23:13 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-08-02 16:57 . 2012-09-12 23:13 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-07-20 14:45 . 2012-07-20 14:45 0 ----a-w- c:\windows\SysWow64\sho39F3.tmp 2012-07-18 18:15 . 2012-08-16 01:33 3148800 ----a-w- c:\windows\system32\win32k.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640] "AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2012-07-28 12100696] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776] . c:\users\Testani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Intel® Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808] R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-04-26 34200] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-06-16 340240] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-04 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480] S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-08-08 67664] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280] S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-12-14 58128] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2010-12-14 274432] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096] S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2010-12-14 59904] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-04-26 25496] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-06-22 8596992] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 51528092 *Deregistered* - 51528092 . Contents of the 'Scheduled Tasks' folder . 2012-10-15 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-26 13:32] . 2012-07-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-08-24 05:36] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391512] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 415064] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144] "IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-06-16 1935120] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-08 1111568] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 197152] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.cnn.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - hxxp://watcherswebclubhouse.com/dating/download/v2/cfweb_watcherswebclubhouse.com-dating-download-v2_instmodule.exe . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) SafeBoot-01687352.sys Toolbar-Locked - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-10-15 19:03:04 ComboFix-quarantined-files.txt 2012-10-15 23:03 . Pre-Run: 543,417,597,952 bytes free Post-Run: 545,339,867,136 bytes free . - - End Of File - - 3A04AA54893DA3EAA233BD6761EE8DB3

Jeff - I ran tdsskiller - it did find that and I deleted it. here is the log... 19:07:31.0979 7748 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47 19:07:32.0291 7748 ============================================================ 19:07:32.0291 7748 Current date / time: 2012/10/15 19:07:32.0291 19:07:32.0291 7748 SystemInfo: 19:07:32.0291 7748 19:07:32.0291 7748 OS Version: 6.1.7601 ServicePack: 1.0 19:07:32.0291 7748 Product type: Workstation 19:07:32.0291 7748 ComputerName: TESTANI-PC 19:07:32.0291 7748 UserName: Testani 19:07:32.0291 7748 Windows directory: C:\Windows 19:07:32.0291 7748 System windows directory: C:\Windows 19:07:32.0291 7748 Running under WOW64 19:07:32.0291 7748 Processor architecture: Intel x64 19:07:32.0291 7748 Number of processors: 4 19:07:32.0291 7748 Page size: 0x1000 19:07:32.0291 7748 Boot type: Normal boot 19:07:32.0291 7748 ============================================================ 19:07:32.0470 7748 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:07:32.0476 7748 ============================================================ 19:07:32.0476 7748 \Device\Harddisk0\DR0: 19:07:32.0476 7748 MBR partitions: 19:07:32.0476 7748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000 19:07:32.0476 7748 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x48113AB0 19:07:32.0476 7748 ============================================================ 19:07:32.0512 7748 C: <-> \Device\Harddisk0\DR0\Partition2 19:07:32.0512 7748 ============================================================ 19:07:32.0512 7748 Initialize success 19:07:32.0512 7748 ============================================================ 19:07:41.0572 5412 ============================================================ 19:07:41.0572 5412 Scan started 19:07:41.0572 5412 Mode: Manual; TDLFS; 19:07:41.0572 5412 ============================================================ 19:07:41.0900 5412 ================ Scan system memory ======================== 19:07:41.0900 5412 System memory - ok 19:07:41.0900 5412 ================ Scan services ============================= 19:07:42.0175 5412 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 19:07:42.0177 5412 1394ohci - ok 19:07:42.0214 5412 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 19:07:42.0216 5412 ACPI - ok 19:07:42.0232 5412 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 19:07:42.0232 5412 AcpiPmi - ok 19:07:42.0357 5412 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 19:07:42.0357 5412 AdobeARMservice - ok 19:07:42.0544 5412 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 19:07:42.0560 5412 AdobeFlashPlayerUpdateSvc - ok 19:07:42.0606 5412 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 19:07:42.0606 5412 adp94xx - ok 19:07:42.0638 5412 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 19:07:42.0653 5412 adpahci - ok 19:07:42.0684 5412 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 19:07:42.0684 5412 adpu320 - ok 19:07:42.0716 5412 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:07:42.0716 5412 AeLookupSvc - ok 19:07:42.0809 5412 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 19:07:42.0809 5412 AERTFilters - ok 19:07:42.0872 5412 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 19:07:42.0872 5412 AFD - ok 19:07:42.0918 5412 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 19:07:42.0918 5412 agp440 - ok 19:07:42.0934 5412 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 19:07:42.0934 5412 ALG - ok 19:07:42.0989 5412 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 19:07:42.0990 5412 aliide - ok 19:07:43.0018 5412 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 19:07:43.0021 5412 amdide - ok 19:07:43.0043 5412 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 19:07:43.0047 5412 AmdK8 - ok 19:07:43.0062 5412 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 19:07:43.0063 5412 AmdPPM - ok 19:07:43.0102 5412 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 19:07:43.0107 5412 amdsata - ok 19:07:43.0127 5412 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 19:07:43.0130 5412 amdsbs - ok 19:07:43.0148 5412 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 19:07:43.0150 5412 amdxata - ok 19:07:43.0251 5412 [ 18F64623E76FF58009D6F9CB9DEA5D0A ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe 19:07:43.0251 5412 Amsp - ok 19:07:43.0298 5412 [ 24ED0EB2B2558970176ECEE680F8F806 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 19:07:43.0313 5412 ApfiltrService - ok 19:07:43.0344 5412 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 19:07:43.0360 5412 AppID - ok 19:07:43.0391 5412 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 19:07:43.0391 5412 AppIDSvc - ok 19:07:43.0407 5412 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 19:07:43.0407 5412 Appinfo - ok 19:07:43.0500 5412 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 19:07:43.0500 5412 Apple Mobile Device - ok 19:07:43.0547 5412 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 19:07:43.0563 5412 arc - ok 19:07:43.0578 5412 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 19:07:43.0578 5412 arcsas - ok 19:07:43.0688 5412 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 19:07:43.0688 5412 aspnet_state - ok 19:07:43.0719 5412 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 19:07:43.0719 5412 AsyncMac - ok 19:07:43.0766 5412 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 19:07:43.0766 5412 atapi - ok 19:07:43.0812 5412 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 19:07:43.0828 5412 AudioEndpointBuilder - ok 19:07:43.0875 5412 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 19:07:43.0875 5412 AudioSrv - ok 19:07:43.0922 5412 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 19:07:43.0922 5412 AxInstSV - ok 19:07:43.0977 5412 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 19:07:43.0980 5412 b06bdrv - ok 19:07:44.0003 5412 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 19:07:44.0005 5412 b57nd60a - ok 19:07:44.0129 5412 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe 19:07:44.0135 5412 BBSvc - ok 19:07:44.0177 5412 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe 19:07:44.0179 5412 BBUpdate - ok 19:07:44.0215 5412 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 19:07:44.0216 5412 BDESVC - ok 19:07:44.0254 5412 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 19:07:44.0254 5412 Beep - ok 19:07:44.0332 5412 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 19:07:44.0348 5412 BFE - ok 19:07:44.0394 5412 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll 19:07:44.0410 5412 BITS - ok 19:07:44.0457 5412 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 19:07:44.0457 5412 blbdrive - ok 19:07:44.0566 5412 [ C620C59D46F43BEECC556F65E801312B ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 19:07:44.0582 5412 Bluetooth Device Monitor - ok 19:07:44.0628 5412 [ 5E5EDCCEEA4FA3FDF3A907AC204B5828 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 19:07:44.0628 5412 Bluetooth Media Service - ok 19:07:44.0691 5412 [ 826E65C945738CBD64F89EAE4406687F ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 19:07:44.0706 5412 Bluetooth OBEX Service - ok 19:07:44.0784 5412 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 19:07:44.0800 5412 Bonjour Service - ok 19:07:44.0847 5412 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 19:07:44.0847 5412 bowser - ok 19:07:44.0894 5412 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 19:07:44.0894 5412 BrFiltLo - ok 19:07:44.0909 5412 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 19:07:44.0909 5412 BrFiltUp - ok 19:07:44.0925 5412 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 19:07:44.0940 5412 BridgeMP - ok 19:07:44.0980 5412 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 19:07:44.0984 5412 Browser - ok 19:07:45.0004 5412 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 19:07:45.0006 5412 Brserid - ok 19:07:45.0010 5412 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 19:07:45.0011 5412 BrSerWdm - ok 19:07:45.0013 5412 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 19:07:45.0014 5412 BrUsbMdm - ok 19:07:45.0025 5412 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 19:07:45.0026 5412 BrUsbSer - ok 19:07:45.0080 5412 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 19:07:45.0083 5412 BthEnum - ok 19:07:45.0099 5412 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 19:07:45.0101 5412 BTHMODEM - ok 19:07:45.0136 5412 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 19:07:45.0137 5412 BthPan - ok 19:07:45.0162 5412 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 19:07:45.0174 5412 BTHPORT - ok 19:07:45.0238 5412 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 19:07:45.0238 5412 bthserv - ok 19:07:45.0254 5412 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 19:07:45.0254 5412 BTHUSB - ok 19:07:45.0300 5412 [ 962BD3689E2C85F0BA97F3D7E7BA540B ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 19:07:45.0300 5412 btmaux - ok 19:07:45.0332 5412 [ EC1220B647F0D995DA5CAD4153454779 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 19:07:45.0332 5412 btmhsf - ok 19:07:45.0363 5412 catchme - ok 19:07:45.0394 5412 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:07:45.0394 5412 cdfs - ok 19:07:45.0441 5412 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 19:07:45.0441 5412 cdrom - ok 19:07:45.0472 5412 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 19:07:45.0472 5412 CertPropSvc - ok 19:07:45.0488 5412 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 19:07:45.0503 5412 circlass - ok 19:07:45.0519 5412 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 19:07:45.0519 5412 CLFS - ok 19:07:45.0581 5412 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:07:45.0581 5412 clr_optimization_v2.0.50727_32 - ok 19:07:45.0628 5412 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 19:07:45.0644 5412 clr_optimization_v2.0.50727_64 - ok 19:07:45.0722 5412 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:07:45.0722 5412 clr_optimization_v4.0.30319_32 - ok 19:07:45.0768 5412 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:07:45.0768 5412 clr_optimization_v4.0.30319_64 - ok 19:07:45.0800 5412 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:07:45.0800 5412 CmBatt - ok 19:07:45.0815 5412 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:07:45.0815 5412 cmdide - ok 19:07:45.0878 5412 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 19:07:45.0878 5412 CNG - ok 19:07:45.0909 5412 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 19:07:45.0909 5412 Compbatt - ok 19:07:45.0940 5412 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 19:07:45.0940 5412 CompositeBus - ok 19:07:45.0956 5412 COMSysApp - ok 19:07:45.0995 5412 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 19:07:45.0998 5412 crcdisk - ok 19:07:46.0052 5412 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:07:46.0058 5412 CryptSvc - ok 19:07:46.0129 5412 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 19:07:46.0135 5412 CtClsFlt - ok 19:07:46.0165 5412 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 19:07:46.0172 5412 DcomLaunch - ok 19:07:46.0207 5412 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 19:07:46.0215 5412 defragsvc - ok 19:07:46.0239 5412 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:07:46.0239 5412 DfsC - ok 19:07:46.0270 5412 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 19:07:46.0286 5412 Dhcp - ok 19:07:46.0302 5412 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 19:07:46.0302 5412 discache - ok 19:07:46.0333 5412 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 19:07:46.0333 5412 Disk - ok 19:07:46.0364 5412 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:07:46.0364 5412 Dnscache - ok 19:07:46.0395 5412 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 19:07:46.0395 5412 dot3svc - ok 19:07:46.0442 5412 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 19:07:46.0442 5412 DPS - ok 19:07:46.0489 5412 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:07:46.0489 5412 drmkaud - ok 19:07:46.0536 5412 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:07:46.0551 5412 DXGKrnl - ok 19:07:46.0598 5412 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 19:07:46.0614 5412 EapHost - ok 19:07:46.0707 5412 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 19:07:46.0723 5412 ebdrv - ok 19:07:46.0770 5412 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 19:07:46.0770 5412 EFS - ok 19:07:46.0832 5412 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:07:46.0848 5412 ehRecvr - ok 19:07:46.0894 5412 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 19:07:46.0894 5412 ehSched - ok 19:07:46.0926 5412 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 19:07:46.0926 5412 elxstor - ok 19:07:46.0990 5412 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 19:07:46.0993 5412 ErrDev - ok 19:07:47.0057 5412 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 19:07:47.0067 5412 EventSystem - ok 19:07:47.0177 5412 [ ED8FBADBBAF7420ADEAE2D5D81F0D4A1 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 19:07:47.0192 5412 EvtEng - ok 19:07:47.0257 5412 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 19:07:47.0257 5412 exfat - ok 19:07:47.0288 5412 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 19:07:47.0288 5412 fastfat - ok 19:07:47.0335 5412 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 19:07:47.0351 5412 Fax - ok 19:07:47.0382 5412 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 19:07:47.0382 5412 fdc - ok 19:07:47.0413 5412 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 19:07:47.0413 5412 fdPHost - ok 19:07:47.0444 5412 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 19:07:47.0444 5412 FDResPub - ok 19:07:47.0460 5412 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:07:47.0460 5412 FileInfo - ok 19:07:47.0491 5412 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:07:47.0491 5412 Filetrace - ok 19:07:47.0507 5412 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 19:07:47.0507 5412 flpydisk - ok 19:07:47.0522 5412 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:07:47.0522 5412 FltMgr - ok 19:07:47.0569 5412 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 19:07:47.0569 5412 FontCache - ok 19:07:47.0632 5412 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:07:47.0632 5412 FontCache3.0.0.0 - ok 19:07:47.0647 5412 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 19:07:47.0647 5412 FsDepends - ok 19:07:47.0694 5412 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:07:47.0694 5412 Fs_Rec - ok 19:07:47.0725 5412 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:07:47.0725 5412 fvevol - ok 19:07:47.0741 5412 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 19:07:47.0741 5412 gagp30kx - ok 19:07:47.0850 5412 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 19:07:47.0850 5412 GEARAspiWDM - ok 19:07:47.0944 5412 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe 19:07:47.0959 5412 GoToAssist - ok 19:07:48.0016 5412 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 19:07:48.0028 5412 gpsvc - ok 19:07:48.0057 5412 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 19:07:48.0058 5412 hcw85cir - ok 19:07:48.0087 5412 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 19:07:48.0095 5412 HDAudBus - ok 19:07:48.0114 5412 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 19:07:48.0116 5412 HidBatt - ok 19:07:48.0126 5412 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 19:07:48.0128 5412 HidBth - ok 19:07:48.0156 5412 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 19:07:48.0157 5412 HidIr - ok 19:07:48.0167 5412 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 19:07:48.0169 5412 hidserv - ok 19:07:48.0200 5412 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 19:07:48.0203 5412 HidUsb - ok 19:07:48.0238 5412 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:07:48.0240 5412 hkmsvc - ok 19:07:48.0251 5412 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:07:48.0253 5412 HomeGroupListener - ok 19:07:48.0260 5412 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:07:48.0276 5412 HomeGroupProvider - ok 19:07:48.0292 5412 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 19:07:48.0292 5412 HpSAMD - ok 19:07:48.0338 5412 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:07:48.0354 5412 HTTP - ok 19:07:48.0385 5412 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:07:48.0385 5412 hwpolicy - ok 19:07:48.0416 5412 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 19:07:48.0416 5412 i8042prt - ok 19:07:48.0494 5412 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys 19:07:48.0494 5412 iaStor - ok 19:07:48.0541 5412 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:07:48.0557 5412 iaStorV - ok 19:07:48.0588 5412 [ E44F0B4DC753C14930B8DC48BB7A1644 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 19:07:48.0588 5412 iBtFltCoex - ok 19:07:48.0666 5412 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 19:07:48.0682 5412 IDriverT - ok 19:07:48.0744 5412 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:07:48.0760 5412 idsvc - ok 19:07:49.0031 5412 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 19:07:49.0088 5412 igfx - ok 19:07:49.0108 5412 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 19:07:49.0110 5412 iirsp - ok 19:07:49.0157 5412 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 19:07:49.0169 5412 IKEEXT - ok 19:07:49.0212 5412 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys 19:07:49.0217 5412 Impcd - ok 19:07:49.0261 5412 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 19:07:49.0276 5412 intaud_WaveExtensible - ok 19:07:49.0354 5412 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 19:07:49.0354 5412 IntcAzAudAddService - ok 19:07:49.0401 5412 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 19:07:49.0401 5412 IntcDAud - ok 19:07:49.0417 5412 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 19:07:49.0432 5412 intelide - ok 19:07:49.0448 5412 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:07:49.0463 5412 intelppm - ok 19:07:49.0495 5412 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 19:07:49.0495 5412 IPBusEnum - ok 19:07:49.0510 5412 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:07:49.0510 5412 IpFilterDriver - ok 19:07:49.0557 5412 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:07:49.0573 5412 iphlpsvc - ok 19:07:49.0588 5412 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 19:07:49.0588 5412 IPMIDRV - ok 19:07:49.0619 5412 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:07:49.0635 5412 IPNAT - ok 19:07:49.0713 5412 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 19:07:49.0729 5412 iPod Service - ok 19:07:49.0760 5412 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:07:49.0760 5412 IRENUM - ok 19:07:49.0775 5412 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:07:49.0775 5412 isapnp - ok 19:07:49.0807 5412 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 19:07:49.0807 5412 iScsiPrt - ok 19:07:49.0853 5412 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys 19:07:49.0853 5412 iwdbus - ok 19:07:49.0885 5412 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 19:07:49.0885 5412 kbdclass - ok 19:07:49.0916 5412 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 19:07:49.0931 5412 kbdhid - ok 19:07:49.0947 5412 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 19:07:49.0963 5412 KeyIso - ok 19:07:49.0999 5412 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:07:50.0000 5412 KSecDD - ok 19:07:50.0035 5412 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:07:50.0039 5412 KSecPkg - ok 19:07:50.0058 5412 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 19:07:50.0061 5412 ksthunk - ok 19:07:50.0095 5412 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 19:07:50.0102 5412 KtmRm - ok 19:07:50.0143 5412 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 19:07:50.0146 5412 LanmanServer - ok 19:07:50.0176 5412 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:07:50.0185 5412 LanmanWorkstation - ok 19:07:50.0371 5412 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe 19:07:50.0402 5412 LeapFrog Connect Device Service - ok 19:07:50.0465 5412 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:07:50.0465 5412 lltdio - ok 19:07:50.0511 5412 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:07:50.0527 5412 lltdsvc - ok 19:07:50.0543 5412 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:07:50.0543 5412 lmhosts - ok 19:07:50.0574 5412 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 19:07:50.0574 5412 LMS - ok 19:07:50.0605 5412 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 19:07:50.0605 5412 LSI_FC - ok 19:07:50.0621 5412 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 19:07:50.0636 5412 LSI_SAS - ok 19:07:50.0652 5412 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 19:07:50.0652 5412 LSI_SAS2 - ok 19:07:50.0667 5412 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 19:07:50.0667 5412 LSI_SCSI - ok 19:07:50.0699 5412 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 19:07:50.0699 5412 luafv - ok 19:07:50.0745 5412 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 19:07:50.0745 5412 MBAMProtector - ok 19:07:50.0792 5412 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 19:07:50.0792 5412 MBAMScheduler - ok 19:07:50.0839 5412 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 19:07:50.0855 5412 MBAMService - ok 19:07:50.0901 5412 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:07:50.0901 5412 Mcx2Svc - ok 19:07:50.0917 5412 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 19:07:50.0933 5412 megasas - ok 19:07:50.0964 5412 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 19:07:50.0979 5412 MegaSR - ok 19:07:51.0003 5412 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 19:07:51.0004 5412 MEIx64 - ok 19:07:51.0081 5412 Microsoft SharePoint Workspace Audit Service - ok 19:07:51.0117 5412 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 19:07:51.0118 5412 MMCSS - ok 19:07:51.0133 5412 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 19:07:51.0134 5412 Modem - ok 19:07:51.0174 5412 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:07:51.0175 5412 monitor - ok 19:07:51.0194 5412 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:07:51.0198 5412 mouclass - ok 19:07:51.0208 5412 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:07:51.0209 5412 mouhid - ok 19:07:51.0223 5412 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:07:51.0225 5412 mountmgr - ok 19:07:51.0239 5412 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 19:07:51.0240 5412 mpio - ok 19:07:51.0259 5412 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:07:51.0261 5412 mpsdrv - ok 19:07:51.0294 5412 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:07:51.0310 5412 MpsSvc - ok 19:07:51.0325 5412 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:07:51.0325 5412 MRxDAV - ok 19:07:51.0357 5412 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:07:51.0357 5412 mrxsmb - ok 19:07:51.0403 5412 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:07:51.0419 5412 mrxsmb10 - ok 19:07:51.0435 5412 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:07:51.0435 5412 mrxsmb20 - ok 19:07:51.0450 5412 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 19:07:51.0450 5412 msahci - ok 19:07:51.0466 5412 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:07:51.0481 5412 msdsm - ok 19:07:51.0497 5412 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 19:07:51.0513 5412 MSDTC - ok 19:07:51.0528 5412 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:07:51.0544 5412 Msfs - ok 19:07:51.0575 5412 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:07:51.0575 5412 mshidkmdf - ok 19:07:51.0591 5412 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:07:51.0591 5412 msisadrv - ok 19:07:51.0622 5412 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:07:51.0622 5412 MSiSCSI - ok 19:07:51.0637 5412 msiserver - ok 19:07:51.0653 5412 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:07:51.0653 5412 MSKSSRV - ok 19:07:51.0684 5412 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:07:51.0684 5412 MSPCLOCK - ok 19:07:51.0700 5412 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:07:51.0700 5412 MSPQM - ok 19:07:51.0731 5412 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:07:51.0731 5412 MsRPC - ok 19:07:51.0747 5412 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 19:07:51.0747 5412 mssmbios - ok 19:07:51.0762 5412 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:07:51.0762 5412 MSTEE - ok 19:07:51.0778 5412 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 19:07:51.0778 5412 MTConfig - ok 19:07:51.0778 5412 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 19:07:51.0793 5412 Mup - ok 19:07:51.0856 5412 [ F02A154FDE5DA779E971352256E64CFF ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 19:07:51.0856 5412 MyWiFiDHCPDNS - ok 19:07:51.0887 5412 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 19:07:51.0903 5412 napagent - ok 19:07:51.0918 5412 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:07:51.0934 5412 NativeWifiP - ok 19:07:51.0997 5412 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 19:07:52.0014 5412 NDIS - ok 19:07:52.0034 5412 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:07:52.0035 5412 NdisCap - ok 19:07:52.0069 5412 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:07:52.0072 5412 NdisTapi - ok 19:07:52.0107 5412 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:07:52.0110 5412 Ndisuio - ok 19:07:52.0132 5412 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:07:52.0137 5412 NdisWan - ok 19:07:52.0146 5412 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:07:52.0147 5412 NDProxy - ok 19:07:52.0156 5412 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:07:52.0157 5412 NetBIOS - ok 19:07:52.0170 5412 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:07:52.0172 5412 NetBT - ok 19:07:52.0182 5412 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 19:07:52.0184 5412 Netlogon - ok 19:07:52.0212 5412 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 19:07:52.0215 5412 Netman - ok 19:07:52.0251 5412 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:07:52.0256 5412 NetMsmqActivator - ok 19:07:52.0259 5412 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:07:52.0261 5412 NetPipeActivator - ok 19:07:52.0281 5412 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 19:07:52.0281 5412 netprofm - ok 19:07:52.0281 5412 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:07:52.0296 5412 NetTcpActivator - ok 19:07:52.0296 5412 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:07:52.0296 5412 NetTcpPortSharing - ok 19:07:52.0484 5412 [ C3FC3EEE5A0CE77A02B27CFDFAF0C758 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 19:07:52.0530 5412 NETwNs64 - ok 19:07:52.0546 5412 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 19:07:52.0546 5412 nfrd960 - ok 19:07:52.0577 5412 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 19:07:52.0577 5412 NlaSvc - ok 19:07:52.0608 5412 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:07:52.0624 5412 Npfs - ok 19:07:52.0640 5412 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 19:07:52.0640 5412 nsi - ok 19:07:52.0655 5412 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:07:52.0655 5412 nsiproxy - ok 19:07:52.0733 5412 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:07:52.0749 5412 Ntfs - ok 19:07:52.0780 5412 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 19:07:52.0780 5412 Null - ok 19:07:52.0827 5412 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 19:07:52.0827 5412 nusb3hub - ok 19:07:52.0858 5412 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 19:07:52.0874 5412 nusb3xhc - ok 19:07:52.0889 5412 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:07:52.0889 5412 nvraid - ok 19:07:52.0920 5412 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:07:52.0920 5412 nvstor - ok 19:07:52.0952 5412 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:07:52.0952 5412 nv_agp - ok 19:07:52.0983 5412 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:07:52.0983 5412 ohci1394 - ok 19:07:53.0059 5412 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:07:53.0061 5412 ose - ok 19:07:53.0200 5412 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:07:53.0223 5412 osppsvc - ok 19:07:53.0265 5412 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:07:53.0266 5412 p2pimsvc - ok 19:07:53.0298 5412 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 19:07:53.0313 5412 p2psvc - ok 19:07:53.0376 5412 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 19:07:53.0376 5412 Parport - ok 19:07:53.0407 5412 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:07:53.0407 5412 partmgr - ok 19:07:53.0422 5412 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 19:07:53.0422 5412 PcaSvc - ok 19:07:53.0454 5412 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 19:07:53.0454 5412 pci - ok 19:07:53.0485 5412 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 19:07:53.0485 5412 pciide - ok 19:07:53.0516 5412 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 19:07:53.0516 5412 pcmcia - ok 19:07:53.0532 5412 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 19:07:53.0532 5412 pcw - ok 19:07:53.0563 5412 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:07:53.0563 5412 PEAUTH - ok 19:07:53.0688 5412 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 19:07:53.0688 5412 PerfHost - ok 19:07:53.0781 5412 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 19:07:53.0797 5412 pla - ok 19:07:53.0875 5412 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:07:53.0890 5412 PlugPlay - ok 19:07:53.0937 5412 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:07:53.0937 5412 PNRPAutoReg - ok 19:07:53.0953 5412 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 19:07:53.0953 5412 PNRPsvc - ok 19:07:54.0047 5412 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 19:07:54.0049 5412 Point64 - ok 19:07:54.0088 5412 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:07:54.0094 5412 PolicyAgent - ok 19:07:54.0126 5412 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 19:07:54.0130 5412 Power - ok 19:07:54.0159 5412 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 19:07:54.0161 5412 PptpMiniport - ok 19:07:54.0175 5412 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 19:07:54.0177 5412 Processor - ok 19:07:54.0204 5412 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 19:07:54.0208 5412 ProfSvc - ok 19:07:54.0216 5412 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 19:07:54.0219 5412 ProtectedStorage - ok 19:07:54.0250 5412 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 19:07:54.0253 5412 Psched - ok 19:07:54.0298 5412 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 19:07:54.0298 5412 PxHlpa64 - ok 19:07:54.0360 5412 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 19:07:54.0391 5412 ql2300 - ok 19:07:54.0407 5412 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 19:07:54.0423 5412 ql40xx - ok 19:07:54.0454 5412 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 19:07:54.0469 5412 QWAVE - ok 19:07:54.0485 5412 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 19:07:54.0485 5412 QWAVEdrv - ok 19:07:54.0501 5412 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 19:07:54.0501 5412 RasAcd - ok 19:07:54.0547 5412 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 19:07:54.0547 5412 RasAgileVpn - ok 19:07:54.0579 5412 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 19:07:54.0579 5412 RasAuto - ok 19:07:54.0594 5412 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 19:07:54.0594 5412 Rasl2tp - ok 19:07:54.0610 5412 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 19:07:54.0625 5412 RasMan - ok 19:07:54.0641 5412 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 19:07:54.0641 5412 RasPppoe - ok 19:07:54.0672 5412 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 19:07:54.0672 5412 RasSstp - ok 19:07:54.0688 5412 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 19:07:54.0688 5412 rdbss - ok 19:07:54.0703 5412 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 19:07:54.0703 5412 rdpbus - ok 19:07:54.0735 5412 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 19:07:54.0735 5412 RDPCDD - ok 19:07:54.0750 5412 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 19:07:54.0750 5412 RDPENCDD - ok 19:07:54.0781 5412 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 19:07:54.0781 5412 RDPREFMP - ok 19:07:54.0813 5412 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 19:07:54.0813 5412 RDPWD - ok 19:07:54.0844 5412 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 19:07:54.0844 5412 rdyboost - ok 19:07:54.0906 5412 [ 3A1EF2F8D0808BECE6A2FEF3EA3987A5 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 19:07:54.0922 5412 RegSrvc - ok 19:07:54.0953 5412 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 19:07:54.0969 5412 RemoteAccess - ok 19:07:54.0984 5412 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 19:07:55.0002 5412 RemoteRegistry - ok 19:07:55.0033 5412 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 19:07:55.0035 5412 RFCOMM - ok 19:07:55.0140 5412 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 19:07:55.0146 5412 RoxMediaDB12OEM - ok 19:07:55.0175 5412 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 19:07:55.0177 5412 RoxWatch12 - ok 19:07:55.0210 5412 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 19:07:55.0215 5412 RpcEptMapper - ok 19:07:55.0244 5412 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 19:07:55.0245 5412 RpcLocator - ok 19:07:55.0265 5412 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 19:07:55.0268 5412 RpcSs - ok 19:07:55.0283 5412 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:07:55.0283 5412 rspndr - ok 19:07:55.0330 5412 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 19:07:55.0330 5412 RSUSBSTOR - ok 19:07:55.0361 5412 [ A73ED14670220307874AD6BC2F279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 19:07:55.0361 5412 RTL8167 - ok 19:07:55.0393 5412 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 19:07:55.0393 5412 SamSs - ok 19:07:55.0408 5412 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:07:55.0408 5412 sbp2port - ok 19:07:55.0439 5412 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:07:55.0439 5412 SCardSvr - ok 19:07:55.0471 5412 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:07:55.0471 5412 scfilter - ok 19:07:55.0517 5412 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 19:07:55.0533 5412 Schedule - ok 19:07:55.0564 5412 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 19:07:55.0564 5412 SCPolicySvc - ok 19:07:55.0580 5412 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 19:07:55.0580 5412 SDRSVC - ok 19:07:55.0611 5412 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 19:07:55.0611 5412 secdrv - ok 19:07:55.0627 5412 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 19:07:55.0627 5412 seclogon - ok 19:07:55.0642 5412 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 19:07:55.0642 5412 SENS - ok 19:07:55.0673 5412 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 19:07:55.0673 5412 SensrSvc - ok 19:07:55.0705 5412 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 19:07:55.0705 5412 Serenum - ok 19:07:55.0720 5412 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 19:07:55.0736 5412 Serial - ok 19:07:55.0751 5412 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 19:07:55.0751 5412 sermouse - ok 19:07:55.0783 5412 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 19:07:55.0783 5412 SessionEnv - ok 19:07:55.0798 5412 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 19:07:55.0798 5412 sffdisk - ok 19:07:55.0814 5412 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 19:07:55.0814 5412 sffp_mmc - ok 19:07:55.0829 5412 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 19:07:55.0829 5412 sffp_sd - ok 19:07:55.0845 5412 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 19:07:55.0845 5412 sfloppy - ok 19:07:55.0939 5412 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 19:07:55.0954 5412 SftService - ok 19:07:55.0985 5412 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:07:56.0001 5412 SharedAccess - ok 19:07:56.0018 5412 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:07:56.0022 5412 ShellHWDetection - ok 19:07:56.0040 5412 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 19:07:56.0041 5412 SiSRaid2 - ok 19:07:56.0054 5412 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 19:07:56.0055 5412 SiSRaid4 - ok 19:07:56.0100 5412 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 19:07:56.0102 5412 SkypeUpdate - ok 19:07:56.0130 5412 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 19:07:56.0135 5412 Smb - ok 19:07:56.0169 5412 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:07:56.0171 5412 SNMPTRAP - ok 19:07:56.0186 5412 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 19:07:56.0187 5412 spldr - ok 19:07:56.0235 5412 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 19:07:56.0247 5412 Spooler - ok 19:07:56.0316 5412 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 19:07:56.0331 5412 sppsvc - ok 19:07:56.0347 5412 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 19:07:56.0363 5412 sppuinotify - ok 19:07:56.0394 5412 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 19:07:56.0394 5412 srv - ok 19:07:56.0425 5412 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:07:56.0425 5412 srv2 - ok 19:07:56.0441 5412 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:07:56.0456 5412 srvnet - ok 19:07:56.0472 5412 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:07:56.0472 5412 SSDPSRV - ok 19:07:56.0487 5412 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:07:56.0487 5412 SstpSvc - ok 19:07:56.0519 5412 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 19:07:56.0519 5412 stexstor - ok 19:07:56.0565 5412 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 19:07:56.0581 5412 stisvc - ok 19:07:56.0612 5412 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 19:07:56.0612 5412 stllssvr - ok 19:07:56.0643 5412 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 19:07:56.0643 5412 swenum - ok 19:07:56.0659 5412 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 19:07:56.0659 5412 swprv - ok 19:07:56.0706 5412 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 19:07:56.0737 5412 SysMain - ok 19:07:56.0737 5412 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:07:56.0753 5412 TabletInputService - ok 19:07:56.0768 5412 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 19:07:56.0768 5412 TapiSrv - ok 19:07:56.0784 5412 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 19:07:56.0784 5412 TBS - ok 19:07:56.0877 5412 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:07:56.0877 5412 Tcpip - ok 19:07:56.0955 5412 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:07:56.0971 5412 TCPIP6 - ok 19:07:56.0987 5412 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:07:56.0987 5412 tcpipreg - ok 19:07:57.0002 5412 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 19:07:57.0002 5412 TDPIPE - ok 19:07:57.0051 5412 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 19:07:57.0052 5412 TDTCP - ok 19:07:57.0077 5412 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:07:57.0082 5412 tdx - ok 19:07:57.0107 5412 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 19:07:57.0108 5412 TermDD - ok 19:07:57.0138 5412 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 19:07:57.0143 5412 TermService - ok 19:07:57.0147 5412 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 19:07:57.0149 5412 Themes - ok 19:07:57.0172 5412 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 19:07:57.0174 5412 THREADORDER - ok 19:07:57.0220 5412 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys 19:07:57.0222 5412 tmactmon - ok 19:07:57.0286 5412 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys 19:07:57.0290 5412 tmcomm - ok 19:07:57.0321 5412 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys 19:07:57.0337 5412 tmevtmgr - ok 19:07:57.0368 5412 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys 19:07:57.0368 5412 tmtdi - ok 19:07:57.0415 5412 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 19:07:57.0415 5412 TrkWks - ok 19:07:57.0461 5412 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:07:57.0477 5412 TrustedInstaller - ok 19:07:57.0508 5412 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:07:57.0508 5412 tssecsrv - ok 19:07:57.0524 5412 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:07:57.0539 5412 TsUsbFlt - ok 19:07:57.0571 5412 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 19:07:57.0571 5412 TsUsbGD - ok 19:07:57.0617 5412 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:07:57.0617 5412 tunnel - ok 19:07:57.0664 5412 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 19:07:57.0664 5412 TurboB - ok 19:07:57.0711 5412 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 19:07:57.0727 5412 TurboBoost - ok 19:07:57.0742 5412 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 19:07:57.0742 5412 uagp35 - ok 19:07:57.0758 5412 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:07:57.0773 5412 udfs - ok 19:07:57.0789 5412 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:07:57.0805 5412 UI0Detect - ok 19:07:57.0820 5412 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:07:57.0836 5412 uliagpkx - ok 19:07:57.0851 5412 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 19:07:57.0851 5412 umbus - ok 19:07:57.0883 5412 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 19:07:57.0883 5412 UmPass - ok 19:07:58.0007 5412 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 19:07:58.0023 5412 UNS - ok 19:07:58.0055 5412 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 19:07:58.0066 5412 upnphost - ok 19:07:58.0133 5412 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 19:07:58.0137 5412 USBAAPL64 - ok 19:07:58.0167 5412 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:07:58.0169 5412 usbccgp - ok 19:07:58.0189 5412 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 19:07:58.0191 5412 usbcir - ok 19:07:58.0201 5412 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 19:07:58.0203 5412 usbehci - ok 19:07:58.0248 5412 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:07:58.0256 5412 usbhub - ok 19:07:58.0279 5412 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 19:07:58.0280 5412 usbohci - ok 19:07:58.0290 5412 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 19:07:58.0290 5412 usbprint - ok 19:07:58.0306 5412 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:07:58.0306 5412 USBSTOR - ok 19:07:58.0337 5412 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 19:07:58.0337 5412 usbuhci - ok 19:07:58.0368 5412 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 19:07:58.0368 5412 usbvideo - ok 19:07:58.0415 5412 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 19:07:58.0415 5412 UxSms - ok 19:07:58.0430 5412 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 19:07:58.0430 5412 VaultSvc - ok 19:07:58.0446 5412 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:07:58.0446 5412 vdrvroot - ok 19:07:58.0477 5412 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 19:07:58.0493 5412 vds - ok 19:07:58.0540 5412 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:07:58.0540 5412 vga - ok 19:07:58.0555 5412 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 19:07:58.0555 5412 VgaSave - ok 19:07:58.0586 5412 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 19:07:58.0586 5412 vhdmp - ok 19:07:58.0602 5412 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 19:07:58.0602 5412 viaide - ok 19:07:58.0618 5412 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:07:58.0618 5412 volmgr - ok 19:07:58.0633 5412 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:07:58.0633 5412 volmgrx - ok 19:07:58.0664 5412 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:07:58.0664 5412 volsnap - ok 19:07:58.0680 5412 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 19:07:58.0680 5412 vsmraid - ok 19:07:58.0758 5412 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 19:07:58.0789 5412 VSS - ok 19:07:58.0805 5412 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 19:07:58.0805 5412 vwifibus - ok 19:07:58.0836 5412 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 19:07:58.0836 5412 vwififlt - ok 19:07:58.0867 5412 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 19:07:58.0867 5412 vwifimp - ok 19:07:58.0883 5412 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 19:07:58.0883 5412 W32Time - ok 19:07:58.0914 5412 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 19:07:58.0914 5412 WacomPen - ok 19:07:58.0945 5412 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:07:58.0945 5412 WANARP - ok 19:07:58.0945 5412 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:07:58.0945 5412 Wanarpv6 - ok 19:07:59.0031 5412 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 19:07:59.0037 5412 WatAdminSvc - ok 19:07:59.0072 5412 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 19:07:59.0084 5412 wbengine - ok 19:07:59.0108 5412 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:07:59.0111 5412 WbioSrvc - ok 19:07:59.0136 5412 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:07:59.0148 5412 wcncsvc - ok 19:07:59.0171 5412 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:07:59.0173 5412 WcsPlugInService - ok 19:07:59.0196 5412 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 19:07:59.0197 5412 Wd - ok 19:07:59.0215 5412 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:07:59.0226 5412 Wdf01000 - ok 19:07:59.0242 5412 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:07:59.0247 5412 WdiServiceHost - ok 19:07:59.0250 5412 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:07:59.0252 5412 WdiSystemHost - ok 19:07:59.0267 5412 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 19:07:59.0270 5412 WebClient - ok 19:07:59.0284 5412 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:07:59.0287 5412 Wecsvc - ok 19:07:59.0290 5412 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:07:59.0290 5412 wercplsupport - ok 19:07:59.0322 5412 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 19:07:59.0322 5412 WerSvc - ok 19:07:59.0337 5412 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:07:59.0337 5412 WfpLwf - ok 19:07:59.0368 5412 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 19:07:59.0368 5412 WimFltr - ok 19:07:59.0400 5412 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:07:59.0400 5412 WIMMount - ok 19:07:59.0415 5412 WinDefend - ok 19:07:59.0415 5412 WinHttpAutoProxySvc - ok 19:07:59.0478 5412 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:07:59.0478 5412 Winmgmt - ok 19:07:59.0556 5412 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 19:07:59.0556 5412 WinRM - ok 19:07:59.0602 5412 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 19:07:59.0602 5412 WinUsb - ok 19:07:59.0649 5412 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 19:07:59.0665 5412 Wlansvc - ok 19:07:59.0712 5412 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 19:07:59.0712 5412 wlcrasvc - ok 19:07:59.0821 5412 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:07:59.0821 5412 wlidsvc - ok 19:07:59.0868 5412 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 19:07:59.0868 5412 WmiAcpi - ok 19:07:59.0883 5412 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:07:59.0899 5412 wmiApSrv - ok 19:07:59.0930 5412 WMPNetworkSvc - ok 19:07:59.0946 5412 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:07:59.0946 5412 WPCSvc - ok 19:07:59.0977 5412 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:07:59.0977 5412 WPDBusEnum - ok 19:08:00.0008 5412 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:08:00.0008 5412 ws2ifsl - ok 19:08:00.0032 5412 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 19:08:00.0034 5412 wscsvc - ok 19:08:00.0036 5412 WSearch - ok 19:08:00.0120 5412 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 19:08:00.0133 5412 wuauserv - ok 19:08:00.0166 5412 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:08:00.0168 5412 WudfPf - ok 19:08:00.0195 5412 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:08:00.0201 5412 WUDFRd - ok 19:08:00.0222 5412 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:08:00.0224 5412 wudfsvc - ok 19:08:00.0244 5412 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 19:08:00.0253 5412 WwanSvc - ok 19:08:00.0280 5412 ================ Scan global =============================== 19:08:00.0292 5412 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 19:08:00.0323 5412 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 19:08:00.0354 5412 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 19:08:00.0401 5412 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 19:08:00.0432 5412 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 19:08:00.0448 5412 [Global] - ok 19:08:00.0448 5412 ================ Scan MBR ================================== 19:08:00.0494 5412 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 19:08:01.0033 5412 \Device\Harddisk0\DR0 - ok 19:08:01.0033 5412 ================ Scan VBR ================================== 19:08:01.0035 5412 [ 69B675C5EA6DD149AC56D3E563999F70 ] \Device\Harddisk0\DR0\Partition1 19:08:01.0037 5412 \Device\Harddisk0\DR0\Partition1 - ok 19:08:01.0064 5412 [ 915C3A247FB5B28AB40D14CB4701C3BA ] \Device\Harddisk0\DR0\Partition2 19:08:01.0066 5412 \Device\Harddisk0\DR0\Partition2 - ok 19:08:01.0067 5412 ============================================================ 19:08:01.0067 5412 Scan finished 19:08:01.0067 5412 ============================================================ 19:08:01.0074 2396 Detected object count: 0 19:08:01.0074 2396 Actual detected object count: 0

Hi Jeff - It again found 2 items - recommended to skip one, repair one. I did what it said and here is the follow up scan. Thanks again. 21:27:40.0774 6880 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 21:27:41.0629 6880 ============================================================ 21:27:41.0629 6880 Current date / time: 2012/10/14 21:27:41.0629 21:27:41.0629 6880 SystemInfo: 21:27:41.0629 6880 21:27:41.0629 6880 OS Version: 6.1.7601 ServicePack: 1.0 21:27:41.0629 6880 Product type: Workstation 21:27:41.0629 6880 ComputerName: TESTANI-PC 21:27:41.0629 6880 UserName: Testani 21:27:41.0629 6880 Windows directory: C:\Windows 21:27:41.0629 6880 System windows directory: C:\Windows 21:27:41.0629 6880 Running under WOW64 21:27:41.0629 6880 Processor architecture: Intel x64 21:27:41.0629 6880 Number of processors: 4 21:27:41.0629 6880 Page size: 0x1000 21:27:41.0629 6880 Boot type: Normal boot 21:27:41.0629 6880 ============================================================ 21:27:43.0184 6880 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:27:43.0190 6880 ============================================================ 21:27:43.0191 6880 \Device\Harddisk0\DR0: 21:27:43.0191 6880 MBR partitions: 21:27:43.0191 6880 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000 21:27:43.0191 6880 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x48113AB0 21:27:43.0191 6880 ============================================================ 21:27:43.0253 6880 C: <-> \Device\Harddisk0\DR0\Partition2 21:27:43.0253 6880 ============================================================ 21:27:43.0254 6880 Initialize success 21:27:43.0254 6880 ============================================================ 21:27:52.0041 3224 ============================================================ 21:27:52.0041 3224 Scan started 21:27:52.0041 3224 Mode: Manual; TDLFS; 21:27:52.0041 3224 ============================================================ 21:27:52.0268 3224 ================ Scan system memory ======================== 21:27:52.0268 3224 System memory - ok 21:27:52.0269 3224 ================ Scan services ============================= 21:27:52.0650 3224 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:27:52.0662 3224 1394ohci - ok 21:27:52.0691 3224 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:27:52.0693 3224 ACPI - ok 21:27:52.0721 3224 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:27:52.0727 3224 AcpiPmi - ok 21:27:52.0856 3224 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:27:52.0871 3224 AdobeARMservice - ok 21:27:53.0330 3224 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:27:53.0332 3224 AdobeFlashPlayerUpdateSvc - ok 21:27:53.0391 3224 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:27:53.0419 3224 adp94xx - ok 21:27:53.0457 3224 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:27:53.0478 3224 adpahci - ok 21:27:53.0513 3224 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:27:53.0544 3224 adpu320 - ok 21:27:53.0576 3224 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:27:53.0591 3224 AeLookupSvc - ok 21:27:53.0685 3224 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 21:27:53.0716 3224 AERTFilters - ok 21:27:53.0903 3224 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 21:27:53.0934 3224 AFD - ok 21:27:53.0981 3224 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 21:27:53.0981 3224 agp440 - ok 21:27:54.0012 3224 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 21:27:54.0028 3224 ALG - ok 21:27:54.0059 3224 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 21:27:54.0059 3224 aliide - ok 21:27:54.0106 3224 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 21:27:54.0122 3224 amdide - ok 21:27:54.0153 3224 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:27:54.0168 3224 AmdK8 - ok 21:27:54.0184 3224 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 21:27:54.0200 3224 AmdPPM - ok 21:27:54.0231 3224 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:27:54.0253 3224 amdsata - ok 21:27:54.0280 3224 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:27:54.0291 3224 amdsbs - ok 21:27:54.0302 3224 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:27:54.0307 3224 amdxata - ok 21:27:54.0431 3224 [ 18F64623E76FF58009D6F9CB9DEA5D0A ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe 21:27:54.0451 3224 Amsp - ok 21:27:54.0519 3224 [ 24ED0EB2B2558970176ECEE680F8F806 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 21:27:54.0530 3224 ApfiltrService - ok 21:27:54.0564 3224 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 21:27:54.0564 3224 AppID - ok 21:27:54.0595 3224 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:27:54.0595 3224 AppIDSvc - ok 21:27:54.0626 3224 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 21:27:54.0642 3224 Appinfo - ok 21:27:54.0751 3224 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:27:54.0766 3224 Apple Mobile Device - ok 21:27:54.0798 3224 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 21:27:54.0798 3224 arc - ok 21:27:54.0829 3224 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:27:54.0860 3224 arcsas - ok 21:27:54.0985 3224 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 21:27:55.0094 3224 aspnet_state - ok 21:27:55.0125 3224 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:27:55.0156 3224 AsyncMac - ok 21:27:55.0188 3224 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 21:27:55.0203 3224 atapi - ok 21:27:55.0267 3224 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:27:55.0304 3224 AudioEndpointBuilder - ok 21:27:55.0316 3224 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:27:55.0319 3224 AudioSrv - ok 21:27:55.0375 3224 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:27:55.0394 3224 AxInstSV - ok 21:27:55.0430 3224 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:27:55.0449 3224 b06bdrv - ok 21:27:55.0469 3224 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:27:55.0485 3224 b57nd60a - ok 21:27:55.0628 3224 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe 21:27:55.0675 3224 BBSvc - ok 21:27:55.0753 3224 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe 21:27:55.0784 3224 BBUpdate - ok 21:27:55.0847 3224 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 21:27:55.0862 3224 BDESVC - ok 21:27:55.0893 3224 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 21:27:55.0893 3224 Beep - ok 21:27:55.0956 3224 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 21:27:55.0956 3224 BFE - ok 21:27:56.0127 3224 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 21:27:56.0143 3224 BITS - ok 21:27:56.0190 3224 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:27:56.0205 3224 blbdrive - ok 21:27:56.0413 3224 [ C620C59D46F43BEECC556F65E801312B ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 21:27:56.0418 3224 Bluetooth Device Monitor - ok 21:27:56.0582 3224 [ 5E5EDCCEEA4FA3FDF3A907AC204B5828 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 21:27:56.0597 3224 Bluetooth Media Service - ok 21:27:56.0660 3224 [ 826E65C945738CBD64F89EAE4406687F ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 21:27:56.0722 3224 Bluetooth OBEX Service - ok 21:27:56.0769 3224 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 21:27:56.0800 3224 Bonjour Service - ok 21:27:56.0878 3224 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:27:56.0909 3224 bowser - ok 21:27:56.0940 3224 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:27:56.0972 3224 BrFiltLo - ok 21:27:56.0972 3224 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:27:56.0987 3224 BrFiltUp - ok 21:27:57.0034 3224 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 21:27:57.0065 3224 Browser - ok 21:27:57.0081 3224 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:27:57.0112 3224 Brserid - ok 21:27:57.0112 3224 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:27:57.0128 3224 BrSerWdm - ok 21:27:57.0128 3224 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:27:57.0128 3224 BrUsbMdm - ok 21:27:57.0143 3224 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:27:57.0159 3224 BrUsbSer - ok 21:27:57.0206 3224 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 21:27:57.0221 3224 BthEnum - ok 21:27:57.0237 3224 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:27:57.0252 3224 BTHMODEM - ok 21:27:57.0279 3224 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 21:27:57.0280 3224 BthPan - ok 21:27:57.0300 3224 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 21:27:57.0343 3224 BTHPORT - ok 21:27:57.0417 3224 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 21:27:57.0435 3224 bthserv - ok 21:27:57.0462 3224 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 21:27:57.0472 3224 BTHUSB - ok 21:27:57.0510 3224 [ 962BD3689E2C85F0BA97F3D7E7BA540B ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 21:27:57.0525 3224 btmaux - ok 21:27:57.0543 3224 [ EC1220B647F0D995DA5CAD4153454779 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 21:27:57.0550 3224 btmhsf - ok 21:27:57.0581 3224 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:27:57.0612 3224 cdfs - ok 21:27:57.0659 3224 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:27:57.0659 3224 cdrom - ok 21:27:57.0690 3224 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 21:27:57.0722 3224 CertPropSvc - ok 21:27:57.0784 3224 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 21:27:57.0800 3224 circlass - ok 21:27:57.0815 3224 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 21:27:57.0862 3224 CLFS - ok 21:27:57.0940 3224 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:27:57.0971 3224 clr_optimization_v2.0.50727_32 - ok 21:27:58.0018 3224 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:27:58.0018 3224 clr_optimization_v2.0.50727_64 - ok 21:27:58.0080 3224 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:27:58.0158 3224 clr_optimization_v4.0.30319_32 - ok 21:27:58.0190 3224 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:27:58.0205 3224 clr_optimization_v4.0.30319_64 - ok 21:27:58.0268 3224 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 21:27:58.0268 3224 CmBatt - ok 21:27:58.0311 3224 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:27:58.0318 3224 cmdide - ok 21:27:58.0370 3224 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 21:27:58.0398 3224 CNG - ok 21:27:58.0436 3224 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 21:27:58.0442 3224 Compbatt - ok 21:27:58.0457 3224 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 21:27:58.0464 3224 CompositeBus - ok 21:27:58.0475 3224 COMSysApp - ok 21:27:58.0494 3224 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:27:58.0500 3224 crcdisk - ok 21:27:58.0551 3224 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:27:58.0570 3224 CryptSvc - ok 21:27:58.0679 3224 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 21:27:58.0710 3224 CtClsFlt - ok 21:27:58.0788 3224 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:27:58.0788 3224 DcomLaunch - ok 21:27:58.0882 3224 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 21:27:58.0913 3224 defragsvc - ok 21:27:58.0944 3224 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:27:58.0975 3224 DfsC - ok 21:27:59.0022 3224 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 21:27:59.0038 3224 Dhcp - ok 21:27:59.0053 3224 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 21:27:59.0069 3224 discache - ok 21:27:59.0085 3224 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 21:27:59.0085 3224 Disk - ok 21:27:59.0116 3224 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:27:59.0147 3224 Dnscache - ok 21:27:59.0178 3224 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 21:27:59.0194 3224 dot3svc - ok 21:27:59.0209 3224 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 21:27:59.0225 3224 DPS - ok 21:27:59.0272 3224 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:27:59.0272 3224 drmkaud - ok 21:27:59.0313 3224 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:27:59.0328 3224 DXGKrnl - ok 21:27:59.0354 3224 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:27:59.0355 3224 EapHost - ok 21:27:59.0438 3224 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:27:59.0724 3224 ebdrv - ok 21:27:59.0771 3224 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 21:27:59.0786 3224 EFS - ok 21:27:59.0927 3224 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:27:59.0974 3224 ehRecvr - ok 21:28:00.0005 3224 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 21:28:00.0020 3224 ehSched - ok 21:28:00.0145 3224 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:28:00.0161 3224 elxstor - ok 21:28:00.0176 3224 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:28:00.0192 3224 ErrDev - ok 21:28:00.0223 3224 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 21:28:00.0223 3224 EventSystem - ok 21:28:00.0403 3224 [ ED8FBADBBAF7420ADEAE2D5D81F0D4A1 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 21:28:00.0420 3224 EvtEng - ok 21:28:00.0484 3224 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 21:28:00.0518 3224 exfat - ok 21:28:00.0557 3224 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:28:00.0583 3224 fastfat - ok 21:28:00.0620 3224 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 21:28:00.0620 3224 Fax - ok 21:28:00.0636 3224 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 21:28:00.0651 3224 fdc - ok 21:28:00.0667 3224 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 21:28:00.0667 3224 fdPHost - ok 21:28:00.0682 3224 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 21:28:00.0682 3224 FDResPub - ok 21:28:00.0698 3224 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:28:00.0714 3224 FileInfo - ok 21:28:00.0729 3224 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:28:00.0745 3224 Filetrace - ok 21:28:00.0760 3224 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:28:00.0776 3224 flpydisk - ok 21:28:00.0807 3224 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:28:00.0823 3224 FltMgr - ok 21:28:00.0963 3224 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 21:28:00.0979 3224 FontCache - ok 21:28:01.0041 3224 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:28:01.0057 3224 FontCache3.0.0.0 - ok 21:28:01.0104 3224 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:28:01.0150 3224 FsDepends - ok 21:28:01.0197 3224 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:28:01.0213 3224 Fs_Rec - ok 21:28:01.0291 3224 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:28:01.0339 3224 fvevol - ok 21:28:01.0385 3224 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:28:01.0402 3224 gagp30kx - ok 21:28:01.0479 3224 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 21:28:01.0494 3224 GEARAspiWDM - ok 21:28:01.0592 3224 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe 21:28:01.0623 3224 GoToAssist - ok 21:28:01.0748 3224 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 21:28:01.0795 3224 gpsvc - ok 21:28:01.0811 3224 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:28:01.0826 3224 hcw85cir - ok 21:28:01.0842 3224 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 21:28:01.0842 3224 HDAudBus - ok 21:28:01.0857 3224 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:28:01.0873 3224 HidBatt - ok 21:28:01.0904 3224 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:28:01.0920 3224 HidBth - ok 21:28:01.0935 3224 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 21:28:01.0967 3224 HidIr - ok 21:28:01.0967 3224 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 21:28:01.0982 3224 hidserv - ok 21:28:02.0013 3224 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:28:02.0045 3224 HidUsb - ok 21:28:02.0060 3224 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:28:02.0060 3224 hkmsvc - ok 21:28:02.0076 3224 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:28:02.0076 3224 HomeGroupListener - ok 21:28:02.0154 3224 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:28:02.0169 3224 HomeGroupProvider - ok 21:28:02.0263 3224 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:28:02.0279 3224 HpSAMD - ok 21:28:02.0399 3224 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:28:02.0436 3224 HTTP - ok 21:28:02.0471 3224 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:28:02.0492 3224 hwpolicy - ok 21:28:02.0530 3224 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:28:02.0541 3224 i8042prt - ok 21:28:02.0590 3224 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys 21:28:02.0596 3224 iaStor - ok 21:28:02.0640 3224 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:28:02.0686 3224 iaStorV - ok 21:28:02.0702 3224 [ E44F0B4DC753C14930B8DC48BB7A1644 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 21:28:02.0702 3224 iBtFltCoex - ok 21:28:02.0796 3224 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 21:28:02.0858 3224 IDriverT - ok 21:28:03.0108 3224 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:28:03.0232 3224 idsvc - ok 21:28:04.0045 3224 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 21:28:04.0311 3224 igfx - ok 21:28:04.0462 3224 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:28:04.0511 3224 iirsp - ok 21:28:04.0546 3224 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 21:28:04.0551 3224 IKEEXT - ok 21:28:04.0610 3224 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys 21:28:04.0634 3224 Impcd - ok 21:28:04.0693 3224 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 21:28:04.0708 3224 intaud_WaveExtensible - ok 21:28:04.0817 3224 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 21:28:04.0849 3224 IntcAzAudAddService - ok 21:28:04.0880 3224 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 21:28:04.0895 3224 IntcDAud - ok 21:28:04.0927 3224 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 21:28:04.0958 3224 intelide - ok 21:28:04.0973 3224 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:28:04.0973 3224 intelppm - ok 21:28:04.0989 3224 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:28:05.0020 3224 IPBusEnum - ok 21:28:05.0051 3224 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:28:05.0083 3224 IpFilterDriver - ok 21:28:05.0129 3224 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:28:05.0176 3224 iphlpsvc - ok 21:28:05.0223 3224 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:28:05.0239 3224 IPMIDRV - ok 21:28:05.0270 3224 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:28:05.0301 3224 IPNAT - ok 21:28:05.0435 3224 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 21:28:05.0452 3224 iPod Service - ok 21:28:05.0510 3224 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:28:05.0531 3224 IRENUM - ok 21:28:05.0541 3224 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:28:05.0549 3224 isapnp - ok 21:28:05.0566 3224 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:28:05.0580 3224 iScsiPrt - ok 21:28:05.0616 3224 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys 21:28:05.0622 3224 iwdbus - ok 21:28:05.0646 3224 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:28:05.0646 3224 kbdclass - ok 21:28:05.0662 3224 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 21:28:05.0677 3224 kbdhid - ok 21:28:05.0693 3224 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 21:28:05.0693 3224 KeyIso - ok 21:28:05.0708 3224 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:28:05.0724 3224 KSecDD - ok 21:28:05.0771 3224 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:28:05.0802 3224 KSecPkg - ok 21:28:05.0849 3224 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:28:05.0864 3224 ksthunk - ok 21:28:05.0958 3224 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 21:28:05.0989 3224 KtmRm - ok 21:28:06.0052 3224 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:28:06.0052 3224 LanmanServer - ok 21:28:06.0083 3224 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:28:06.0098 3224 LanmanWorkstation - ok 21:28:06.0428 3224 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe 21:28:06.0512 3224 LeapFrog Connect Device Service - ok 21:28:06.0550 3224 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:28:06.0575 3224 lltdio - ok 21:28:06.0641 3224 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:28:06.0664 3224 lltdsvc - ok 21:28:06.0695 3224 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:28:06.0711 3224 lmhosts - ok 21:28:06.0757 3224 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 21:28:06.0804 3224 LMS - ok 21:28:06.0804 3224 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:28:06.0820 3224 LSI_FC - ok 21:28:06.0867 3224 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:28:06.0882 3224 LSI_SAS - ok 21:28:06.0929 3224 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:28:06.0945 3224 LSI_SAS2 - ok 21:28:06.0976 3224 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:28:06.0991 3224 LSI_SCSI - ok 21:28:07.0023 3224 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 21:28:07.0038 3224 luafv - ok 21:28:07.0101 3224 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 21:28:07.0116 3224 MBAMProtector - ok 21:28:07.0163 3224 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 21:28:07.0210 3224 MBAMScheduler - ok 21:28:07.0272 3224 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 21:28:07.0288 3224 MBAMService - ok 21:28:07.0350 3224 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:28:07.0366 3224 Mcx2Svc - ok 21:28:07.0406 3224 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 21:28:07.0415 3224 megasas - ok 21:28:07.0457 3224 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:28:07.0471 3224 MegaSR - ok 21:28:07.0490 3224 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 21:28:07.0497 3224 MEIx64 - ok 21:28:07.0568 3224 Microsoft SharePoint Workspace Audit Service - ok 21:28:07.0615 3224 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 21:28:07.0616 3224 MMCSS - ok 21:28:07.0632 3224 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 21:28:07.0640 3224 Modem - ok 21:28:07.0679 3224 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:28:07.0679 3224 monitor - ok 21:28:07.0725 3224 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:28:07.0741 3224 mouclass - ok 21:28:07.0757 3224 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:28:07.0772 3224 mouhid - ok 21:28:07.0819 3224 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:28:07.0819 3224 mountmgr - ok 21:28:07.0881 3224 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 21:28:07.0913 3224 mpio - ok 21:28:07.0913 3224 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:28:07.0929 3224 mpsdrv - ok 21:28:07.0976 3224 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:28:07.0992 3224 MpsSvc - ok 21:28:08.0007 3224 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:28:08.0007 3224 MRxDAV - ok 21:28:08.0038 3224 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:28:08.0070 3224 mrxsmb - ok 21:28:08.0132 3224 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:28:08.0163 3224 mrxsmb10 - ok 21:28:08.0179 3224 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:28:08.0194 3224 mrxsmb20 - ok 21:28:08.0226 3224 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 21:28:08.0226 3224 msahci - ok 21:28:08.0257 3224 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:28:08.0288 3224 msdsm - ok 21:28:08.0304 3224 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 21:28:08.0319 3224 MSDTC - ok 21:28:08.0335 3224 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:28:08.0350 3224 Msfs - ok 21:28:08.0385 3224 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:28:08.0404 3224 mshidkmdf - ok 21:28:08.0422 3224 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:28:08.0427 3224 msisadrv - ok 21:28:08.0448 3224 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:28:08.0458 3224 MSiSCSI - ok 21:28:08.0462 3224 msiserver - ok 21:28:08.0497 3224 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:28:08.0503 3224 MSKSSRV - ok 21:28:08.0517 3224 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:28:08.0522 3224 MSPCLOCK - ok 21:28:08.0531 3224 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:28:08.0537 3224 MSPQM - ok 21:28:08.0551 3224 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:28:08.0565 3224 MsRPC - ok 21:28:08.0579 3224 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 21:28:08.0580 3224 mssmbios - ok 21:28:08.0594 3224 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:28:08.0600 3224 MSTEE - ok 21:28:08.0614 3224 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:28:08.0620 3224 MTConfig - ok 21:28:08.0623 3224 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 21:28:08.0630 3224 Mup - ok 21:28:08.0649 3224 [ F02A154FDE5DA779E971352256E64CFF ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 21:28:08.0680 3224 MyWiFiDHCPDNS - ok 21:28:08.0727 3224 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 21:28:08.0758 3224 napagent - ok 21:28:08.0789 3224 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:28:08.0836 3224 NativeWifiP - ok 21:28:09.0039 3224 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:28:09.0054 3224 NDIS - ok 21:28:09.0101 3224 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:28:09.0117 3224 NdisCap - ok 21:28:09.0132 3224 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:28:09.0132 3224 NdisTapi - ok 21:28:09.0163 3224 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:28:09.0195 3224 Ndisuio - ok 21:28:09.0210 3224 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:28:09.0273 3224 NdisWan - ok 21:28:09.0288 3224 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:28:09.0319 3224 NDProxy - ok 21:28:09.0335 3224 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:28:09.0351 3224 NetBIOS - ok 21:28:09.0367 3224 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:28:09.0367 3224 NetBT - ok 21:28:09.0393 3224 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 21:28:09.0394 3224 Netlogon - ok 21:28:09.0422 3224 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 21:28:09.0430 3224 Netman - ok 21:28:09.0471 3224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:28:09.0545 3224 NetMsmqActivator - ok 21:28:09.0552 3224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:28:09.0553 3224 NetPipeActivator - ok 21:28:09.0576 3224 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 21:28:09.0579 3224 netprofm - ok 21:28:09.0583 3224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:28:09.0584 3224 NetTcpActivator - ok 21:28:09.0588 3224 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:28:09.0589 3224 NetTcpPortSharing - ok 21:28:09.0933 3224 [ C3FC3EEE5A0CE77A02B27CFDFAF0C758 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 21:28:10.0229 3224 NETwNs64 - ok 21:28:10.0292 3224 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:28:10.0307 3224 nfrd960 - ok 21:28:10.0354 3224 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:28:10.0370 3224 NlaSvc - ok 21:28:10.0385 3224 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:28:10.0405 3224 Npfs - ok 21:28:10.0422 3224 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 21:28:10.0423 3224 nsi - ok 21:28:10.0455 3224 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:28:10.0462 3224 nsiproxy - ok 21:28:10.0536 3224 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:28:10.0609 3224 Ntfs - ok 21:28:10.0623 3224 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 21:28:10.0628 3224 Null - ok 21:28:10.0669 3224 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 21:28:10.0700 3224 nusb3hub - ok 21:28:10.0747 3224 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 21:28:10.0778 3224 nusb3xhc - ok 21:28:10.0794 3224 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:28:10.0856 3224 nvraid - ok 21:28:10.0872 3224 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:28:10.0887 3224 nvstor - ok 21:28:10.0919 3224 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:28:10.0951 3224 nv_agp - ok 21:28:10.0998 3224 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:28:11.0029 3224 ohci1394 - ok 21:28:11.0091 3224 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:28:11.0122 3224 ose - ok 21:28:11.0388 3224 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:28:11.0670 3224 osppsvc - ok 21:28:11.0701 3224 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:28:11.0748 3224 p2pimsvc - ok 21:28:11.0795 3224 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:28:11.0811 3224 p2psvc - ok 21:28:11.0842 3224 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 21:28:11.0873 3224 Parport - ok 21:28:11.0889 3224 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:28:11.0904 3224 partmgr - ok 21:28:11.0920 3224 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:28:11.0920 3224 PcaSvc - ok 21:28:11.0935 3224 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 21:28:11.0967 3224 pci - ok 21:28:11.0982 3224 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 21:28:11.0998 3224 pciide - ok 21:28:12.0013 3224 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:28:12.0045 3224 pcmcia - ok 21:28:12.0091 3224 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:28:12.0107 3224 pcw - ok 21:28:12.0123 3224 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:28:12.0154 3224 PEAUTH - ok 21:28:12.0357 3224 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:28:12.0403 3224 PerfHost - ok 21:28:12.0526 3224 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 21:28:12.0585 3224 pla - ok 21:28:12.0622 3224 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:28:12.0639 3224 PlugPlay - ok 21:28:12.0651 3224 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:28:12.0658 3224 PNRPAutoReg - ok 21:28:12.0675 3224 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:28:12.0677 3224 PNRPsvc - ok 21:28:12.0733 3224 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 21:28:12.0733 3224 Point64 - ok 21:28:12.0780 3224 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:28:12.0811 3224 PolicyAgent - ok 21:28:12.0874 3224 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 21:28:12.0874 3224 Power - ok 21:28:12.0920 3224 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:28:12.0920 3224 PptpMiniport - ok 21:28:12.0952 3224 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 21:28:12.0952 3224 Processor - ok 21:28:12.0998 3224 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 21:28:12.0998 3224 ProfSvc - ok 21:28:13.0014 3224 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:28:13.0014 3224 ProtectedStorage - ok 21:28:13.0045 3224 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:28:13.0061 3224 Psched - ok 21:28:13.0108 3224 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 21:28:13.0123 3224 PxHlpa64 - ok 21:28:13.0170 3224 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:28:13.0279 3224 ql2300 - ok 21:28:13.0404 3224 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:28:13.0420 3224 ql40xx - ok 21:28:13.0475 3224 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:28:13.0491 3224 QWAVE - ok 21:28:13.0507 3224 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:28:13.0516 3224 QWAVEdrv - ok 21:28:13.0535 3224 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:28:13.0542 3224 RasAcd - ok 21:28:13.0564 3224 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:28:13.0579 3224 RasAgileVpn - ok 21:28:13.0604 3224 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:28:13.0612 3224 RasAuto - ok 21:28:13.0645 3224 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:28:13.0665 3224 Rasl2tp - ok 21:28:13.0684 3224 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 21:28:13.0697 3224 RasMan - ok 21:28:13.0712 3224 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:28:13.0722 3224 RasPppoe - ok 21:28:13.0724 3224 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:28:13.0740 3224 RasSstp - ok 21:28:13.0755 3224 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:28:13.0771 3224 rdbss - ok 21:28:13.0786 3224 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 21:28:13.0802 3224 rdpbus - ok 21:28:13.0833 3224 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:28:13.0833 3224 RDPCDD - ok 21:28:13.0849 3224 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:28:13.0849 3224 RDPENCDD - ok 21:28:13.0864 3224 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:28:13.0864 3224 RDPREFMP - ok 21:28:13.0896 3224 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:28:13.0942 3224 RDPWD - ok 21:28:13.0974 3224 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:28:13.0989 3224 rdyboost - ok 21:28:14.0067 3224 [ 3A1EF2F8D0808BECE6A2FEF3EA3987A5 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 21:28:14.0098 3224 RegSrvc - ok 21:28:14.0176 3224 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:28:14.0208 3224 RemoteAccess - ok 21:28:14.0239 3224 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:28:14.0270 3224 RemoteRegistry - ok 21:28:14.0317 3224 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:28:14.0364 3224 RFCOMM - ok 21:28:14.0535 3224 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 21:28:14.0598 3224 RoxMediaDB12OEM - ok 21:28:14.0629 3224 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 21:28:14.0660 3224 RoxWatch12 - ok 21:28:14.0707 3224 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:28:14.0707 3224 RpcEptMapper - ok 21:28:14.0769 3224 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:28:14.0785 3224 RpcLocator - ok 21:28:14.0816 3224 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 21:28:14.0832 3224 RpcSs - ok 21:28:14.0847 3224 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:28:14.0863 3224 rspndr - ok 21:28:14.0894 3224 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 21:28:14.0910 3224 RSUSBSTOR - ok 21:28:14.0988 3224 [ A73ED14670220307874AD6BC2F279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 21:28:15.0019 3224 RTL8167 - ok 21:28:15.0034 3224 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 21:28:15.0034 3224 SamSs - ok 21:28:15.0050 3224 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:28:15.0066 3224 sbp2port - ok 21:28:15.0097 3224 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:28:15.0112 3224 SCardSvr - ok 21:28:15.0159 3224 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:28:15.0159 3224 scfilter - ok 21:28:15.0206 3224 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 21:28:15.0284 3224 Schedule - ok 21:28:15.0331 3224 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:28:15.0331 3224 SCPolicySvc - ok 21:28:15.0378 3224 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:28:15.0378 3224 SDRSVC - ok 21:28:15.0409 3224 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:28:15.0409 3224 secdrv - ok 21:28:15.0424 3224 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 21:28:15.0440 3224 seclogon - ok 21:28:15.0456 3224 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 21:28:15.0456 3224 SENS - ok 21:28:15.0483 3224 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:28:15.0490 3224 SensrSvc - ok 21:28:15.0512 3224 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 21:28:15.0519 3224 Serenum - ok 21:28:15.0533 3224 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 21:28:15.0543 3224 Serial - ok 21:28:15.0578 3224 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:28:15.0586 3224 sermouse - ok 21:28:15.0608 3224 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 21:28:15.0670 3224 SessionEnv - ok 21:28:15.0687 3224 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:28:15.0694 3224 sffdisk - ok 21:28:15.0713 3224 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:28:15.0719 3224 sffp_mmc - ok 21:28:15.0735 3224 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:28:15.0742 3224 sffp_sd - ok 21:28:15.0744 3224 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:28:15.0744 3224 sfloppy - ok 21:28:15.0853 3224 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 21:28:15.0916 3224 SftService - ok 21:28:15.0963 3224 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:28:15.0978 3224 SharedAccess - ok 21:28:16.0009 3224 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:28:16.0056 3224 ShellHWDetection - ok 21:28:16.0087 3224 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:28:16.0087 3224 SiSRaid2 - ok 21:28:16.0119 3224 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:28:16.0119 3224 SiSRaid4 - ok 21:28:16.0165 3224 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 21:28:16.0462 3224 SkypeUpdate - ok 21:28:16.0494 3224 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:28:16.0505 3224 Smb - ok 21:28:16.0534 3224 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:28:16.0542 3224 SNMPTRAP - ok 21:28:16.0551 3224 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 21:28:16.0558 3224 spldr - ok 21:28:16.0606 3224 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 21:28:16.0621 3224 Spooler - ok 21:28:16.0685 3224 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 21:28:16.0714 3224 sppsvc - ok 21:28:16.0726 3224 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:28:16.0734 3224 sppuinotify - ok 21:28:16.0759 3224 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 21:28:16.0775 3224 srv - ok 21:28:16.0806 3224 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:28:16.0853 3224 srv2 - ok 21:28:16.0884 3224 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:28:16.0931 3224 srvnet - ok 21:28:16.0993 3224 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:28:16.0993 3224 SSDPSRV - ok 21:28:17.0009 3224 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:28:17.0024 3224 SstpSvc - ok 21:28:17.0040 3224 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:28:17.0055 3224 stexstor - ok 21:28:17.0087 3224 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 21:28:17.0118 3224 stisvc - ok 21:28:17.0180 3224 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 21:28:17.0180 3224 stllssvr - ok 21:28:17.0211 3224 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:28:17.0211 3224 swenum - ok 21:28:17.0227 3224 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:28:17.0243 3224 swprv - ok 21:28:17.0289 3224 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 21:28:17.0305 3224 SysMain - ok 21:28:17.0321 3224 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:28:17.0336 3224 TabletInputService - ok 21:28:17.0352 3224 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:28:17.0352 3224 TapiSrv - ok 21:28:17.0367 3224 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:28:17.0383 3224 TBS - ok 21:28:17.0461 3224 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:28:17.0543 3224 Tcpip - ok 21:28:17.0586 3224 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:28:17.0621 3224 TCPIP6 - ok 21:28:17.0688 3224 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:28:17.0712 3224 tcpipreg - ok 21:28:17.0735 3224 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:28:17.0742 3224 TDPIPE - ok 21:28:17.0783 3224 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:28:17.0790 3224 TDTCP - ok 21:28:17.0794 3224 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:28:17.0810 3224 tdx - ok 21:28:17.0841 3224 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:28:17.0841 3224 TermDD - ok 21:28:17.0888 3224 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 21:28:17.0888 3224 TermService - ok 21:28:17.0904 3224 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:28:17.0919 3224 Themes - ok 21:28:17.0935 3224 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:28:17.0935 3224 THREADORDER - ok 21:28:17.0997 3224 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys 21:28:17.0997 3224 tmactmon - ok 21:28:18.0060 3224 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys 21:28:18.0091 3224 tmcomm - ok 21:28:18.0153 3224 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys 21:28:18.0169 3224 tmevtmgr - ok 21:28:18.0200 3224 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys 21:28:18.0200 3224 tmtdi - ok 21:28:18.0247 3224 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:28:18.0247 3224 TrkWks - ok 21:28:18.0325 3224 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:28:18.0356 3224 TrustedInstaller - ok 21:28:18.0372 3224 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:28:18.0387 3224 tssecsrv - ok 21:28:18.0418 3224 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:28:18.0434 3224 TsUsbFlt - ok 21:28:18.0450 3224 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:28:18.0481 3224 TsUsbGD - ok 21:28:18.0512 3224 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:28:18.0553 3224 tunnel - ok 21:28:18.0586 3224 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 21:28:18.0592 3224 TurboB - ok 21:28:18.0675 3224 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 21:28:18.0702 3224 TurboBoost - ok 21:28:18.0722 3224 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:28:18.0731 3224 uagp35 - ok 21:28:18.0760 3224 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:28:18.0792 3224 udfs - ok 21:28:18.0813 3224 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:28:18.0829 3224 UI0Detect - ok 21:28:18.0860 3224 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:28:18.0860 3224 uliagpkx - ok 21:28:18.0891 3224 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:28:18.0907 3224 umbus - ok 21:28:18.0922 3224 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 21:28:18.0938 3224 UmPass - ok 21:28:19.0141 3224 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 21:28:19.0172 3224 UNS - ok 21:28:19.0234 3224 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:28:19.0250 3224 upnphost - ok 21:28:19.0297 3224 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 21:28:19.0328 3224 USBAAPL64 - ok 21:28:19.0359 3224 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:28:19.0359 3224 usbccgp - ok 21:28:19.0406 3224 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:28:19.0422 3224 usbcir - ok 21:28:19.0422 3224 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:28:19.0437 3224 usbehci - ok 21:28:19.0468 3224 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:28:19.0515 3224 usbhub - ok 21:28:19.0545 3224 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 21:28:19.0552 3224 usbohci - ok 21:28:19.0571 3224 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 21:28:19.0579 3224 usbprint - ok 21:28:19.0598 3224 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:28:19.0608 3224 USBSTOR - ok 21:28:19.0658 3224 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:28:19.0675 3224 usbuhci - ok 21:28:19.0743 3224 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 21:28:19.0758 3224 usbvideo - ok 21:28:19.0792 3224 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:28:19.0798 3224 UxSms - ok 21:28:19.0814 3224 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 21:28:19.0814 3224 VaultSvc - ok 21:28:19.0846 3224 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:28:19.0861 3224 vdrvroot - ok 21:28:19.0955 3224 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 21:28:19.0986 3224 vds - ok 21:28:19.0986 3224 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:28:20.0002 3224 vga - ok 21:28:20.0017 3224 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:28:20.0017 3224 VgaSave - ok 21:28:20.0033 3224 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:28:20.0048 3224 vhdmp - ok 21:28:20.0064 3224 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 21:28:20.0080 3224 viaide - ok 21:28:20.0095 3224 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:28:20.0111 3224 volmgr - ok 21:28:20.0158 3224 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:28:20.0204 3224 volmgrx - ok 21:28:20.0220 3224 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:28:20.0267 3224 volsnap - ok 21:28:20.0298 3224 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:28:20.0329 3224 vsmraid - ok 21:28:20.0392 3224 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 21:28:20.0438 3224 VSS - ok 21:28:20.0454 3224 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:28:20.0454 3224 vwifibus - ok 21:28:20.0470 3224 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:28:20.0485 3224 vwififlt - ok 21:28:20.0501 3224 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 21:28:20.0501 3224 vwifimp - ok 21:28:20.0585 3224 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 21:28:20.0593 3224 W32Time - ok 21:28:20.0619 3224 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:28:20.0644 3224 WacomPen - ok 21:28:20.0692 3224 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:28:20.0703 3224 WANARP - ok 21:28:20.0706 3224 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:28:20.0707 3224 Wanarpv6 - ok 21:28:20.0772 3224 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 21:28:20.0832 3224 WatAdminSvc - ok 21:28:20.0957 3224 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 21:28:21.0004 3224 wbengine - ok 21:28:21.0019 3224 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:28:21.0035 3224 WbioSrvc - ok 21:28:21.0050 3224 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:28:21.0066 3224 wcncsvc - ok 21:28:21.0097 3224 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:28:21.0113 3224 WcsPlugInService - ok 21:28:21.0144 3224 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 21:28:21.0144 3224 Wd - ok 21:28:21.0175 3224 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:28:21.0222 3224 Wdf01000 - ok 21:28:21.0269 3224 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:28:21.0284 3224 WdiServiceHost - ok 21:28:21.0300 3224 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:28:21.0300 3224 WdiSystemHost - ok 21:28:21.0378 3224 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 21:28:21.0409 3224 WebClient - ok 21:28:21.0425 3224 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:28:21.0456 3224 Wecsvc - ok 21:28:21.0472 3224 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:28:21.0472 3224 wercplsupport - ok 21:28:21.0503 3224 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:28:21.0518 3224 WerSvc - ok 21:28:21.0518 3224 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:28:21.0518 3224 WfpLwf - ok 21:28:21.0576 3224 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 21:28:21.0588 3224 WimFltr - ok 21:28:21.0600 3224 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:28:21.0607 3224 WIMMount - ok 21:28:21.0624 3224 WinDefend - ok 21:28:21.0628 3224 WinHttpAutoProxySvc - ok 21:28:21.0744 3224 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:28:21.0764 3224 Winmgmt - ok 21:28:21.0821 3224 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 21:28:21.0914 3224 WinRM - ok 21:28:21.0961 3224 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:28:21.0977 3224 WinUsb - ok 21:28:22.0023 3224 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:28:22.0055 3224 Wlansvc - ok 21:28:22.0101 3224 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 21:28:22.0117 3224 wlcrasvc - ok 21:28:22.0273 3224 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:28:22.0289 3224 wlidsvc - ok 21:28:22.0320 3224 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 21:28:22.0320 3224 WmiAcpi - ok 21:28:22.0335 3224 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:28:22.0351 3224 wmiApSrv - ok 21:28:22.0382 3224 WMPNetworkSvc - ok 21:28:22.0398 3224 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:28:22.0429 3224 WPCSvc - ok 21:28:22.0460 3224 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:28:22.0491 3224 WPDBusEnum - ok 21:28:22.0507 3224 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:28:22.0507 3224 ws2ifsl - ok 21:28:22.0523 3224 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 21:28:22.0523 3224 wscsvc - ok 21:28:22.0523 3224 WSearch - ok 21:28:22.0602 3224 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 21:28:22.0625 3224 wuauserv - ok 21:28:22.0642 3224 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:28:22.0652 3224 WudfPf - ok 21:28:22.0680 3224 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:28:22.0692 3224 WUDFRd - ok 21:28:22.0709 3224 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:28:22.0717 3224 wudfsvc - ok 21:28:22.0731 3224 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 21:28:22.0743 3224 WwanSvc - ok 21:28:22.0771 3224 ================ Scan global =============================== 21:28:22.0787 3224 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 21:28:22.0833 3224 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 21:28:22.0849 3224 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 21:28:22.0865 3224 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 21:28:22.0943 3224 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 21:28:22.0974 3224 [Global] - ok 21:28:22.0974 3224 ================ Scan MBR ================================== 21:28:22.0989 3224 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 21:28:24.0331 3224 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 21:28:24.0331 3224 \Device\Harddisk0\DR0 - detected TDSS File System (1) 21:28:24.0331 3224 ================ Scan VBR ================================== 21:28:24.0347 3224 [ 69B675C5EA6DD149AC56D3E563999F70 ] \Device\Harddisk0\DR0\Partition1 21:28:24.0362 3224 \Device\Harddisk0\DR0\Partition1 - ok 21:28:24.0393 3224 [ 915C3A247FB5B28AB40D14CB4701C3BA ] \Device\Harddisk0\DR0\Partition2 21:28:24.0393 3224 \Device\Harddisk0\DR0\Partition2 - ok 21:28:24.0393 3224 ============================================================ 21:28:24.0393 3224 Scan finished 21:28:24.0393 3224 ============================================================ 21:28:24.0425 5252 Detected object count: 1 21:28:24.0425 5252 Actual detected object count: 1 21:30:21.0348 5252 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 21:30:21.0348 5252 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Here are the last 2. aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-10-14 12:56:12 ----------------------------- 12:56:12.044 OS Version: Windows x64 6.1.7601 Service Pack 1 12:56:12.044 Number of processors: 4 586 0x2A07 12:56:12.044 ComputerName: TESTANI-PC UserName: Testani 12:56:17.396 Initialize success 12:57:48.019 AVAST engine defs: 12101400 12:59:30.233 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 12:59:30.233 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3 12:59:30.233 Device \Driver\iaStor -> MajorFunction fffffa8009ce55e8 12:59:30.233 Disk 0 MBR read successfully 12:59:30.233 Disk 0 MBR scan 12:59:30.249 Disk 0 Windows VISTA default MBR code 12:59:30.249 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63 12:59:30.264 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992 12:59:30.295 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 590375 MB offset 41172992 12:59:30.358 Disk 0 scanning C:\Windows\system32\drivers 12:59:47.066 Service scanning 13:00:21.588 Modules scanning 13:00:21.604 Disk 0 trace - called modules: 13:00:21.979 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8009ce55e8]<< 13:00:21.994 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009658060] 13:00:22.010 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007713050] 13:00:22.010 \Driver\iaStor[0xfffffa8009c1b230] -> IRP_MJ_CREATE -> 0xfffffa8009ce55e8 13:00:24.075 AVAST engine scan C:\Windows 13:00:27.997 AVAST engine scan C:\Windows\system32 13:04:54.663 AVAST engine scan C:\Windows\system32\drivers 13:05:15.779 AVAST engine scan C:\Users\Testani 13:12:12.866 Disk 0 MBR has been saved successfully to "C:\Users\Testani\Desktop\MBR.dat" 13:12:12.866 The log file has been saved successfully to "C:\Users\Testani\Desktop\aswMBR.txt" aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-10-14 13:27:38 ----------------------------- 13:27:38.653 OS Version: Windows x64 6.1.7601 Service Pack 1 13:27:38.653 Number of processors: 4 586 0x2A07 13:27:38.654 ComputerName: TESTANI-PC UserName: Testani 13:27:40.805 Initialize success 13:27:46.801 AVAST engine defs: 12101400 13:27:54.965 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 13:27:54.965 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3 13:27:54.965 Device \Driver\iaStor -> MajorFunction fffffa8009ce55e8 13:27:54.996 Disk 0 MBR read successfully 13:27:54.996 Disk 0 MBR scan 13:27:54.996 Disk 0 Windows VISTA default MBR code 13:27:54.996 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63 13:27:55.043 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992 13:27:55.074 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 590375 MB offset 41172992 13:27:55.137 Disk 0 scanning C:\Windows\system32\drivers 13:28:09.469 Service scanning 13:28:41.632 Modules scanning 13:28:41.652 Disk 0 trace - called modules: 13:28:41.986 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8009ce55e8]<< 13:28:41.990 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009658060] 13:28:41.994 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007713050] 13:28:41.999 \Driver\iaStor[0xfffffa8009c1b230] -> IRP_MJ_CREATE -> 0xfffffa8009ce55e8 13:28:44.182 AVAST engine scan C:\Windows 13:28:49.137 AVAST engine scan C:\Windows\system32 13:32:15.116 AVAST engine scan C:\Windows\system32\drivers 13:32:31.771 AVAST engine scan C:\Users\Testani 13:45:38.271 Disk 0 MBR has been saved successfully to "C:\Users\Testani\Desktop\MBR.dat" 13:45:38.521 The log file has been saved successfully to "C:\Users\Testani\Desktop\aswMBR.txt" 13:13:07.0907 2940 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 13:13:08.0204 2940 ============================================================ 13:13:08.0204 2940 Current date / time: 2012/10/14 13:13:08.0204 13:13:08.0204 2940 SystemInfo: 13:13:08.0204 2940 13:13:08.0204 2940 OS Version: 6.1.7601 ServicePack: 1.0 13:13:08.0204 2940 Product type: Workstation 13:13:08.0204 2940 ComputerName: TESTANI-PC 13:13:08.0204 2940 UserName: Testani 13:13:08.0204 2940 Windows directory: C:\Windows 13:13:08.0204 2940 System windows directory: C:\Windows 13:13:08.0204 2940 Running under WOW64 13:13:08.0204 2940 Processor architecture: Intel x64 13:13:08.0204 2940 Number of processors: 4 13:13:08.0204 2940 Page size: 0x1000 13:13:08.0204 2940 Boot type: Normal boot 13:13:08.0204 2940 ============================================================ 13:13:08.0841 2940 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:13:08.0847 2940 ============================================================ 13:13:08.0847 2940 \Device\Harddisk0\DR0: 13:13:08.0847 2940 MBR partitions: 13:13:08.0847 2940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000 13:13:08.0847 2940 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x48113AB0 13:13:08.0847 2940 ============================================================ 13:13:08.0878 2940 C: <-> \Device\Harddisk0\DR0\Partition2 13:13:08.0878 2940 ============================================================ 13:13:08.0878 2940 Initialize success 13:13:08.0878 2940 ============================================================ 13:13:32.0088 8000 ============================================================ 13:13:32.0088 8000 Scan started 13:13:32.0088 8000 Mode: Manual; TDLFS; 13:13:32.0088 8000 ============================================================ 13:13:32.0854 8000 ================ Scan system memory ======================== 13:13:32.0854 8000 System memory - ok 13:13:32.0854 8000 ================ Scan services ============================= 13:13:33.0061 8000 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 13:13:33.0076 8000 1394ohci - ok 13:13:33.0123 8000 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 13:13:33.0123 8000 ACPI - ok 13:13:33.0139 8000 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 13:13:33.0139 8000 AcpiPmi - ok 13:13:33.0279 8000 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 13:13:33.0310 8000 AdobeARMservice - ok 13:13:33.0482 8000 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 13:13:33.0529 8000 AdobeFlashPlayerUpdateSvc - ok 13:13:33.0591 8000 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 13:13:33.0607 8000 adp94xx - ok 13:13:33.0638 8000 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 13:13:33.0638 8000 adpahci - ok 13:13:33.0654 8000 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 13:13:33.0654 8000 adpu320 - ok 13:13:33.0685 8000 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 13:13:33.0685 8000 AeLookupSvc - ok 13:13:33.0773 8000 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 13:13:33.0794 8000 AERTFilters - ok 13:13:33.0858 8000 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 13:13:33.0868 8000 AFD - ok 13:13:33.0894 8000 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 13:13:33.0895 8000 agp440 - ok 13:13:33.0921 8000 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 13:13:33.0922 8000 ALG - ok 13:13:33.0952 8000 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 13:13:33.0954 8000 aliide - ok 13:13:33.0968 8000 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 13:13:33.0970 8000 amdide - ok 13:13:33.0994 8000 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 13:13:33.0995 8000 AmdK8 - ok 13:13:34.0014 8000 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 13:13:34.0017 8000 AmdPPM - ok 13:13:34.0065 8000 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 13:13:34.0065 8000 amdsata - ok 13:13:34.0096 8000 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 13:13:34.0096 8000 amdsbs - ok 13:13:34.0112 8000 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 13:13:34.0112 8000 amdxata - ok 13:13:34.0221 8000 [ 18F64623E76FF58009D6F9CB9DEA5D0A ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe 13:13:34.0252 8000 Amsp - ok 13:13:34.0330 8000 [ 24ED0EB2B2558970176ECEE680F8F806 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 13:13:34.0346 8000 ApfiltrService - ok 13:13:34.0362 8000 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 13:13:34.0377 8000 AppID - ok 13:13:34.0393 8000 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 13:13:34.0408 8000 AppIDSvc - ok 13:13:34.0424 8000 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 13:13:34.0424 8000 Appinfo - ok 13:13:34.0533 8000 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 13:13:34.0564 8000 Apple Mobile Device - ok 13:13:34.0596 8000 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 13:13:34.0596 8000 arc - ok 13:13:34.0611 8000 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 13:13:34.0611 8000 arcsas - ok 13:13:34.0720 8000 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 13:13:34.0752 8000 aspnet_state - ok 13:13:34.0794 8000 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 13:13:34.0796 8000 AsyncMac - ok 13:13:34.0835 8000 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 13:13:34.0836 8000 atapi - ok 13:13:34.0875 8000 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:13:34.0879 8000 AudioEndpointBuilder - ok 13:13:34.0895 8000 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 13:13:34.0899 8000 AudioSrv - ok 13:13:34.0961 8000 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 13:13:34.0962 8000 AxInstSV - ok 13:13:35.0004 8000 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 13:13:35.0007 8000 b06bdrv - ok 13:13:35.0022 8000 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 13:13:35.0024 8000 b57nd60a - ok 13:13:35.0125 8000 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe 13:13:35.0141 8000 BBSvc - ok 13:13:35.0188 8000 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe 13:13:35.0235 8000 BBUpdate - ok 13:13:35.0281 8000 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 13:13:35.0281 8000 BDESVC - ok 13:13:35.0344 8000 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 13:13:35.0344 8000 Beep - ok 13:13:35.0407 8000 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 13:13:35.0423 8000 BFE - ok 13:13:35.0454 8000 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 13:13:35.0470 8000 BITS - ok 13:13:35.0501 8000 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 13:13:35.0501 8000 blbdrive - ok 13:13:35.0610 8000 [ C620C59D46F43BEECC556F65E801312B ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 13:13:35.0719 8000 Bluetooth Device Monitor - ok 13:13:35.0750 8000 [ 5E5EDCCEEA4FA3FDF3A907AC204B5828 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 13:13:35.0833 8000 Bluetooth Media Service - ok 13:13:35.0880 8000 [ 826E65C945738CBD64F89EAE4406687F ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 13:13:35.0958 8000 Bluetooth OBEX Service - ok 13:13:36.0028 8000 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 13:13:36.0048 8000 Bonjour Service - ok 13:13:36.0096 8000 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:13:36.0096 8000 bowser - ok 13:13:36.0128 8000 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 13:13:36.0143 8000 BrFiltLo - ok 13:13:36.0143 8000 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 13:13:36.0143 8000 BrFiltUp - ok 13:13:36.0206 8000 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 13:13:36.0206 8000 Browser - ok 13:13:36.0221 8000 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 13:13:36.0221 8000 Brserid - ok 13:13:36.0237 8000 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 13:13:36.0237 8000 BrSerWdm - ok 13:13:36.0237 8000 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 13:13:36.0237 8000 BrUsbMdm - ok 13:13:36.0252 8000 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 13:13:36.0252 8000 BrUsbSer - ok 13:13:36.0299 8000 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 13:13:36.0299 8000 BthEnum - ok 13:13:36.0315 8000 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 13:13:36.0330 8000 BTHMODEM - ok 13:13:36.0362 8000 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 13:13:36.0377 8000 BthPan - ok 13:13:36.0408 8000 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 13:13:36.0408 8000 BTHPORT - ok 13:13:36.0455 8000 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 13:13:36.0471 8000 bthserv - ok 13:13:36.0486 8000 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 13:13:36.0486 8000 BTHUSB - ok 13:13:36.0533 8000 [ 962BD3689E2C85F0BA97F3D7E7BA540B ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 13:13:36.0533 8000 btmaux - ok 13:13:36.0564 8000 [ EC1220B647F0D995DA5CAD4153454779 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 13:13:36.0564 8000 btmhsf - ok 13:13:36.0580 8000 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:13:36.0580 8000 cdfs - ok 13:13:36.0627 8000 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:13:36.0627 8000 cdrom - ok 13:13:36.0642 8000 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 13:13:36.0642 8000 CertPropSvc - ok 13:13:36.0674 8000 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 13:13:36.0689 8000 circlass - ok 13:13:36.0705 8000 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 13:13:36.0720 8000 CLFS - ok 13:13:36.0767 8000 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:13:36.0795 8000 clr_optimization_v2.0.50727_32 - ok 13:13:36.0851 8000 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:13:36.0856 8000 clr_optimization_v2.0.50727_64 - ok 13:13:36.0922 8000 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:13:36.0927 8000 clr_optimization_v4.0.30319_32 - ok 13:13:36.0964 8000 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:13:36.0966 8000 clr_optimization_v4.0.30319_64 - ok 13:13:36.0998 8000 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:13:36.0999 8000 CmBatt - ok 13:13:37.0009 8000 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:13:37.0010 8000 cmdide - ok 13:13:37.0053 8000 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 13:13:37.0068 8000 CNG - ok 13:13:37.0100 8000 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:13:37.0100 8000 Compbatt - ok 13:13:37.0115 8000 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 13:13:37.0115 8000 CompositeBus - ok 13:13:37.0131 8000 COMSysApp - ok 13:13:37.0178 8000 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 13:13:37.0178 8000 crcdisk - ok 13:13:37.0224 8000 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:13:37.0240 8000 CryptSvc - ok 13:13:37.0365 8000 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 13:13:37.0365 8000 CtClsFlt - ok 13:13:37.0412 8000 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 13:13:37.0412 8000 DcomLaunch - ok 13:13:37.0443 8000 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 13:13:37.0443 8000 defragsvc - ok 13:13:37.0458 8000 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:13:37.0474 8000 DfsC - ok 13:13:37.0490 8000 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 13:13:37.0505 8000 Dhcp - ok 13:13:37.0521 8000 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 13:13:37.0521 8000 discache - ok 13:13:37.0568 8000 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 13:13:37.0568 8000 Disk - ok 13:13:37.0599 8000 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:13:37.0599 8000 Dnscache - ok 13:13:37.0614 8000 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 13:13:37.0646 8000 dot3svc - ok 13:13:37.0677 8000 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 13:13:37.0692 8000 DPS - ok 13:13:37.0795 8000 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:13:37.0796 8000 drmkaud - ok 13:13:37.0841 8000 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:13:37.0846 8000 DXGKrnl - ok 13:13:37.0874 8000 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 13:13:37.0880 8000 EapHost - ok 13:13:37.0966 8000 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 13:13:38.0045 8000 ebdrv - ok 13:13:38.0071 8000 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 13:13:38.0071 8000 EFS - ok 13:13:38.0149 8000 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:13:38.0211 8000 ehRecvr - ok 13:13:38.0258 8000 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 13:13:38.0289 8000 ehSched - ok 13:13:38.0320 8000 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 13:13:38.0320 8000 elxstor - ok 13:13:38.0336 8000 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 13:13:38.0336 8000 ErrDev - ok 13:13:38.0383 8000 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 13:13:38.0383 8000 EventSystem - ok 13:13:38.0476 8000 [ ED8FBADBBAF7420ADEAE2D5D81F0D4A1 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 13:13:38.0507 8000 EvtEng - ok 13:13:38.0539 8000 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 13:13:38.0539 8000 exfat - ok 13:13:38.0554 8000 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:13:38.0554 8000 fastfat - ok 13:13:38.0585 8000 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 13:13:38.0585 8000 Fax - ok 13:13:38.0617 8000 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 13:13:38.0617 8000 fdc - ok 13:13:38.0648 8000 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 13:13:38.0663 8000 fdPHost - ok 13:13:38.0663 8000 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 13:13:38.0663 8000 FDResPub - ok 13:13:38.0679 8000 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:13:38.0679 8000 FileInfo - ok 13:13:38.0695 8000 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:13:38.0695 8000 Filetrace - ok 13:13:38.0710 8000 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 13:13:38.0710 8000 flpydisk - ok 13:13:38.0726 8000 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:13:38.0726 8000 FltMgr - ok 13:13:38.0773 8000 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 13:13:38.0791 8000 FontCache - ok 13:13:38.0841 8000 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:13:38.0863 8000 FontCache3.0.0.0 - ok 13:13:38.0882 8000 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:13:38.0883 8000 FsDepends - ok 13:13:38.0916 8000 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:13:38.0917 8000 Fs_Rec - ok 13:13:38.0934 8000 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:13:38.0940 8000 fvevol - ok 13:13:38.0971 8000 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 13:13:38.0972 8000 gagp30kx - ok 13:13:39.0020 8000 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 13:13:39.0023 8000 GEARAspiWDM - ok 13:13:39.0117 8000 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe 13:13:39.0132 8000 GoToAssist - ok 13:13:39.0195 8000 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 13:13:39.0195 8000 gpsvc - ok 13:13:39.0226 8000 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:13:39.0226 8000 hcw85cir - ok 13:13:39.0257 8000 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 13:13:39.0257 8000 HDAudBus - ok 13:13:39.0288 8000 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 13:13:39.0288 8000 HidBatt - ok 13:13:39.0304 8000 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 13:13:39.0304 8000 HidBth - ok 13:13:39.0335 8000 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 13:13:39.0335 8000 HidIr - ok 13:13:39.0351 8000 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 13:13:39.0366 8000 hidserv - ok 13:13:39.0414 8000 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:13:39.0414 8000 HidUsb - ok 13:13:39.0445 8000 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:13:39.0445 8000 hkmsvc - ok 13:13:39.0461 8000 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:13:39.0461 8000 HomeGroupListener - ok 13:13:39.0492 8000 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:13:39.0508 8000 HomeGroupProvider - ok 13:13:39.0523 8000 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:13:39.0523 8000 HpSAMD - ok 13:13:39.0570 8000 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:13:39.0586 8000 HTTP - ok 13:13:39.0601 8000 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:13:39.0601 8000 hwpolicy - ok 13:13:39.0617 8000 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:13:39.0617 8000 i8042prt - ok 13:13:39.0679 8000 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys 13:13:39.0679 8000 iaStor - ok 13:13:39.0710 8000 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:13:39.0710 8000 iaStorV - ok 13:13:39.0742 8000 [ E44F0B4DC753C14930B8DC48BB7A1644 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 13:13:39.0742 8000 iBtFltCoex - ok 13:13:39.0840 8000 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 13:13:39.0879 8000 IDriverT - ok 13:13:39.0951 8000 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:13:40.0005 8000 idsvc - ok 13:13:40.0261 8000 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 13:13:40.0495 8000 igfx - ok 13:13:40.0526 8000 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 13:13:40.0526 8000 iirsp - ok 13:13:40.0589 8000 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 13:13:40.0604 8000 IKEEXT - ok 13:13:40.0651 8000 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys 13:13:40.0651 8000 Impcd - ok 13:13:40.0698 8000 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 13:13:40.0698 8000 intaud_WaveExtensible - ok 13:13:40.0807 8000 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 13:13:40.0823 8000 IntcAzAudAddService - ok 13:13:40.0854 8000 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 13:13:40.0870 8000 IntcDAud - ok 13:13:40.0901 8000 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 13:13:40.0916 8000 intelide - ok 13:13:40.0948 8000 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:13:40.0948 8000 intelppm - ok 13:13:40.0979 8000 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:13:40.0979 8000 IPBusEnum - ok 13:13:40.0994 8000 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:13:41.0010 8000 IpFilterDriver - ok 13:13:41.0057 8000 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:13:41.0072 8000 iphlpsvc - ok 13:13:41.0088 8000 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:13:41.0088 8000 IPMIDRV - ok 13:13:41.0104 8000 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:13:41.0104 8000 IPNAT - ok 13:13:41.0182 8000 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:13:41.0213 8000 iPod Service - ok 13:13:41.0228 8000 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:13:41.0228 8000 IRENUM - ok 13:13:41.0260 8000 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:13:41.0260 8000 isapnp - ok 13:13:41.0260 8000 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:13:41.0275 8000 iScsiPrt - ok 13:13:41.0306 8000 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys 13:13:41.0306 8000 iwdbus - ok 13:13:41.0322 8000 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:13:41.0338 8000 kbdclass - ok 13:13:41.0369 8000 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 13:13:41.0369 8000 kbdhid - ok 13:13:41.0400 8000 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 13:13:41.0400 8000 KeyIso - ok 13:13:41.0431 8000 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:13:41.0431 8000 KSecDD - ok 13:13:41.0478 8000 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:13:41.0478 8000 KSecPkg - ok 13:13:41.0509 8000 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:13:41.0509 8000 ksthunk - ok 13:13:41.0540 8000 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 13:13:41.0572 8000 KtmRm - ok 13:13:41.0603 8000 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:13:41.0603 8000 LanmanServer - ok 13:13:41.0634 8000 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:13:41.0650 8000 LanmanWorkstation - ok 13:13:41.0846 8000 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe 13:13:41.0925 8000 LeapFrog Connect Device Service - ok 13:13:41.0974 8000 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:13:41.0978 8000 lltdio - ok 13:13:42.0016 8000 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:13:42.0027 8000 lltdsvc - ok 13:13:42.0050 8000 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:13:42.0056 8000 lmhosts - ok 13:13:42.0123 8000 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 13:13:42.0155 8000 LMS - ok 13:13:42.0201 8000 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 13:13:42.0201 8000 LSI_FC - ok 13:13:42.0217 8000 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 13:13:42.0233 8000 LSI_SAS - ok 13:13:42.0248 8000 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 13:13:42.0248 8000 LSI_SAS2 - ok 13:13:42.0279 8000 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 13:13:42.0279 8000 LSI_SCSI - ok 13:13:42.0295 8000 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 13:13:42.0295 8000 luafv - ok 13:13:42.0342 8000 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 13:13:42.0357 8000 MBAMProtector - ok 13:13:42.0404 8000 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 13:13:42.0451 8000 MBAMScheduler - ok 13:13:42.0498 8000 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 13:13:42.0529 8000 MBAMService - ok 13:13:42.0560 8000 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:13:42.0576 8000 Mcx2Svc - ok 13:13:42.0607 8000 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 13:13:42.0607 8000 megasas - ok 13:13:42.0654 8000 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 13:13:42.0654 8000 MegaSR - ok 13:13:42.0685 8000 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 13:13:42.0685 8000 MEIx64 - ok 13:13:42.0763 8000 Microsoft SharePoint Workspace Audit Service - ok 13:13:42.0779 8000 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 13:13:42.0794 8000 MMCSS - ok 13:13:42.0794 8000 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 13:13:42.0794 8000 Modem - ok 13:13:42.0848 8000 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:13:42.0849 8000 monitor - ok 13:13:42.0868 8000 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:13:42.0871 8000 mouclass - ok 13:13:42.0888 8000 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:13:42.0889 8000 mouhid - ok 13:13:42.0908 8000 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:13:42.0909 8000 mountmgr - ok 13:13:42.0924 8000 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 13:13:42.0925 8000 mpio - ok 13:13:42.0944 8000 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:13:42.0953 8000 mpsdrv - ok 13:13:42.0979 8000 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:13:42.0984 8000 MpsSvc - ok 13:13:42.0996 8000 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:13:42.0997 8000 MRxDAV - ok 13:13:43.0029 8000 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:13:43.0031 8000 mrxsmb - ok 13:13:43.0073 8000 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:13:43.0077 8000 mrxsmb10 - ok 13:13:43.0079 8000 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:13:43.0079 8000 mrxsmb20 - ok 13:13:43.0110 8000 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 13:13:43.0110 8000 msahci - ok 13:13:43.0126 8000 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:13:43.0126 8000 msdsm - ok 13:13:43.0157 8000 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 13:13:43.0157 8000 MSDTC - ok 13:13:43.0188 8000 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:13:43.0188 8000 Msfs - ok 13:13:43.0204 8000 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:13:43.0204 8000 mshidkmdf - ok 13:13:43.0235 8000 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:13:43.0235 8000 msisadrv - ok 13:13:43.0266 8000 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:13:43.0282 8000 MSiSCSI - ok 13:13:43.0282 8000 msiserver - ok 13:13:43.0313 8000 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:13:43.0313 8000 MSKSSRV - ok 13:13:43.0344 8000 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:13:43.0344 8000 MSPCLOCK - ok 13:13:43.0360 8000 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:13:43.0360 8000 MSPQM - ok 13:13:43.0375 8000 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:13:43.0375 8000 MsRPC - ok 13:13:43.0391 8000 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 13:13:43.0391 8000 mssmbios - ok 13:13:43.0406 8000 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:13:43.0406 8000 MSTEE - ok 13:13:43.0422 8000 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 13:13:43.0422 8000 MTConfig - ok 13:13:43.0438 8000 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 13:13:43.0438 8000 Mup - ok 13:13:43.0517 8000 [ F02A154FDE5DA779E971352256E64CFF ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 13:13:43.0563 8000 MyWiFiDHCPDNS - ok 13:13:43.0595 8000 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 13:13:43.0626 8000 napagent - ok 13:13:43.0673 8000 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:13:43.0704 8000 NativeWifiP - ok 13:13:43.0766 8000 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 13:13:43.0782 8000 NDIS - ok 13:13:43.0782 8000 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:13:43.0797 8000 NdisCap - ok 13:13:43.0813 8000 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:13:43.0813 8000 NdisTapi - ok 13:13:43.0844 8000 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:13:43.0844 8000 Ndisuio - ok 13:13:43.0860 8000 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:13:43.0875 8000 NdisWan - ok 13:13:43.0891 8000 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:13:43.0891 8000 NDProxy - ok 13:13:43.0907 8000 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:13:43.0922 8000 NetBIOS - ok 13:13:43.0938 8000 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:13:43.0938 8000 NetBT - ok 13:13:43.0953 8000 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 13:13:43.0969 8000 Netlogon - ok 13:13:44.0000 8000 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 13:13:44.0016 8000 Netman - ok 13:13:44.0047 8000 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:13:44.0078 8000 NetMsmqActivator - ok 13:13:44.0094 8000 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:13:44.0094 8000 NetPipeActivator - ok 13:13:44.0109 8000 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 13:13:44.0109 8000 netprofm - ok 13:13:44.0109 8000 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:13:44.0125 8000 NetTcpActivator - ok 13:13:44.0125 8000 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:13:44.0125 8000 NetTcpPortSharing - ok 13:13:44.0343 8000 [ C3FC3EEE5A0CE77A02B27CFDFAF0C758 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 13:13:44.0468 8000 NETwNs64 - ok 13:13:44.0531 8000 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 13:13:44.0531 8000 nfrd960 - ok 13:13:44.0577 8000 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:13:44.0577 8000 NlaSvc - ok 13:13:44.0593 8000 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:13:44.0609 8000 Npfs - ok 13:13:44.0624 8000 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 13:13:44.0624 8000 nsi - ok 13:13:44.0640 8000 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:13:44.0640 8000 nsiproxy - ok 13:13:44.0702 8000 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:13:44.0733 8000 Ntfs - ok 13:13:44.0765 8000 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 13:13:44.0765 8000 Null - ok 13:13:44.0796 8000 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 13:13:44.0796 8000 nusb3hub - ok 13:13:44.0848 8000 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 13:13:44.0854 8000 nusb3xhc - ok 13:13:44.0871 8000 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:13:44.0872 8000 nvraid - ok 13:13:44.0884 8000 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:13:44.0886 8000 nvstor - ok 13:13:44.0916 8000 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:13:44.0917 8000 nv_agp - ok 13:13:44.0935 8000 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:13:44.0938 8000 ohci1394 - ok 13:13:45.0002 8000 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:13:45.0026 8000 ose - ok 13:13:45.0206 8000 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 13:13:45.0237 8000 osppsvc - ok 13:13:45.0269 8000 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:13:45.0269 8000 p2pimsvc - ok 13:13:45.0300 8000 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 13:13:45.0331 8000 p2psvc - ok 13:13:45.0347 8000 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 13:13:45.0347 8000 Parport - ok 13:13:45.0378 8000 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:13:45.0393 8000 partmgr - ok 13:13:45.0409 8000 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:13:45.0409 8000 PcaSvc - ok 13:13:45.0440 8000 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 13:13:45.0440 8000 pci - ok 13:13:45.0471 8000 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 13:13:45.0471 8000 pciide - ok 13:13:45.0503 8000 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 13:13:45.0503 8000 pcmcia - ok 13:13:45.0534 8000 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 13:13:45.0534 8000 pcw - ok 13:13:45.0549 8000 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:13:45.0549 8000 PEAUTH - ok 13:13:45.0659 8000 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:13:45.0690 8000 PerfHost - ok 13:13:45.0768 8000 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 13:13:45.0783 8000 pla - ok 13:13:45.0830 8000 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:13:45.0846 8000 PlugPlay - ok 13:13:45.0860 8000 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:13:45.0862 8000 PNRPAutoReg - ok 13:13:45.0886 8000 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:13:45.0895 8000 PNRPsvc - ok 13:13:45.0955 8000 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 13:13:45.0958 8000 Point64 - ok 13:13:46.0007 8000 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:13:46.0018 8000 PolicyAgent - ok 13:13:46.0055 8000 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 13:13:46.0057 8000 Power - ok 13:13:46.0076 8000 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:13:46.0078 8000 PptpMiniport - ok 13:13:46.0093 8000 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 13:13:46.0094 8000 Processor - ok 13:13:46.0114 8000 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 13:13:46.0114 8000 ProfSvc - ok 13:13:46.0129 8000 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 13:13:46.0129 8000 ProtectedStorage - ok 13:13:46.0161 8000 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:13:46.0161 8000 Psched - ok 13:13:46.0207 8000 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 13:13:46.0207 8000 PxHlpa64 - ok 13:13:46.0301 8000 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 13:13:46.0301 8000 ql2300 - ok 13:13:46.0348 8000 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 13:13:46.0348 8000 ql40xx - ok 13:13:46.0426 8000 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 13:13:46.0426 8000 QWAVE - ok 13:13:46.0473 8000 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:13:46.0473 8000 QWAVEdrv - ok 13:13:46.0504 8000 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:13:46.0504 8000 RasAcd - ok 13:13:46.0535 8000 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:13:46.0535 8000 RasAgileVpn - ok 13:13:46.0551 8000 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 13:13:46.0551 8000 RasAuto - ok 13:13:46.0566 8000 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:13:46.0566 8000 Rasl2tp - ok 13:13:46.0613 8000 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 13:13:46.0613 8000 RasMan - ok 13:13:46.0660 8000 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:13:46.0660 8000 RasPppoe - ok 13:13:46.0675 8000 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:13:46.0675 8000 RasSstp - ok 13:13:46.0691 8000 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:13:46.0707 8000 rdbss - ok 13:13:46.0707 8000 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 13:13:46.0707 8000 rdpbus - ok 13:13:46.0722 8000 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:13:46.0722 8000 RDPCDD - ok 13:13:46.0753 8000 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:13:46.0753 8000 RDPENCDD - ok 13:13:46.0769 8000 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:13:46.0769 8000 RDPREFMP - ok 13:13:46.0816 8000 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:13:46.0816 8000 RDPWD - ok 13:13:46.0863 8000 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:13:46.0865 8000 rdyboost - ok 13:13:46.0926 8000 [ 3A1EF2F8D0808BECE6A2FEF3EA3987A5 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 13:13:46.0956 8000 RegSrvc - ok 13:13:46.0995 8000 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:13:47.0002 8000 RemoteAccess - ok 13:13:47.0026 8000 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:13:47.0029 8000 RemoteRegistry - ok 13:13:47.0062 8000 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 13:13:47.0064 8000 RFCOMM - ok 13:13:47.0162 8000 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 13:13:47.0240 8000 RoxMediaDB12OEM - ok 13:13:47.0287 8000 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 13:13:47.0333 8000 RoxWatch12 - ok 13:13:47.0349 8000 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:13:47.0365 8000 RpcEptMapper - ok 13:13:47.0396 8000 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 13:13:47.0396 8000 RpcLocator - ok 13:13:47.0443 8000 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 13:13:47.0443 8000 RpcSs - ok 13:13:47.0474 8000 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:13:47.0474 8000 rspndr - ok 13:13:47.0505 8000 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 13:13:47.0521 8000 RSUSBSTOR - ok 13:13:47.0567 8000 [ A73ED14670220307874AD6BC2F279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 13:13:47.0567 8000 RTL8167 - ok 13:13:47.0599 8000 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 13:13:47.0599 8000 SamSs - ok 13:13:47.0599 8000 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:13:47.0614 8000 sbp2port - ok 13:13:47.0630 8000 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:13:47.0630 8000 SCardSvr - ok 13:13:47.0645 8000 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:13:47.0645 8000 scfilter - ok 13:13:47.0692 8000 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 13:13:47.0708 8000 Schedule - ok 13:13:47.0739 8000 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 13:13:47.0739 8000 SCPolicySvc - ok 13:13:47.0755 8000 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:13:47.0770 8000 SDRSVC - ok 13:13:47.0786 8000 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:13:47.0786 8000 secdrv - ok 13:13:47.0801 8000 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 13:13:47.0817 8000 seclogon - ok 13:13:47.0853 8000 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 13:13:47.0857 8000 SENS - ok 13:13:47.0869 8000 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:13:47.0873 8000 SensrSvc - ok 13:13:47.0910 8000 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 13:13:47.0911 8000 Serenum - ok 13:13:47.0930 8000 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 13:13:47.0933 8000 Serial - ok 13:13:47.0964 8000 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 13:13:47.0966 8000 sermouse - ok 13:13:47.0995 8000 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 13:13:47.0997 8000 SessionEnv - ok 13:13:48.0007 8000 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:13:48.0007 8000 sffdisk - ok 13:13:48.0021 8000 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:13:48.0027 8000 sffp_mmc - ok 13:13:48.0044 8000 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:13:48.0044 8000 sffp_sd - ok 13:13:48.0070 8000 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 13:13:48.0073 8000 sfloppy - ok 13:13:48.0163 8000 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 13:13:48.0194 8000 SftService - ok 13:13:48.0241 8000 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:13:48.0257 8000 SharedAccess - ok 13:13:48.0272 8000 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:13:48.0288 8000 ShellHWDetection - ok 13:13:48.0319 8000 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 13:13:48.0319 8000 SiSRaid2 - ok 13:13:48.0350 8000 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 13:13:48.0350 8000 SiSRaid4 - ok 13:13:48.0397 8000 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:13:48.0647 8000 SkypeUpdate - ok 13:13:48.0678 8000 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:13:48.0678 8000 Smb - ok 13:13:48.0709 8000 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:13:48.0709 8000 SNMPTRAP - ok 13:13:48.0725 8000 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 13:13:48.0725 8000 spldr - ok 13:13:48.0772 8000 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 13:13:48.0803 8000 Spooler - ok 13:13:48.0888 8000 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 13:13:48.0907 8000 sppsvc - ok 13:13:48.0925 8000 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:13:48.0926 8000 sppuinotify - ok 13:13:48.0954 8000 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 13:13:48.0957 8000 srv - ok 13:13:48.0981 8000 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:13:48.0983 8000 srv2 - ok 13:13:49.0004 8000 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:13:49.0009 8000 srvnet - ok 13:13:49.0047 8000 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:13:49.0049 8000 SSDPSRV - ok 13:13:49.0062 8000 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:13:49.0069 8000 SstpSvc - ok 13:13:49.0091 8000 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 13:13:49.0092 8000 stexstor - ok 13:13:49.0120 8000 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 13:13:49.0135 8000 stisvc - ok 13:13:49.0166 8000 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 13:13:49.0198 8000 stllssvr - ok 13:13:49.0213 8000 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 13:13:49.0213 8000 swenum - ok 13:13:49.0229 8000 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 13:13:49.0244 8000 swprv - ok 13:13:49.0307 8000 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 13:13:49.0307 8000 SysMain - ok 13:13:49.0322 8000 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:13:49.0338 8000 TabletInputService - ok 13:13:49.0354 8000 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 13:13:49.0354 8000 TapiSrv - ok 13:13:49.0369 8000 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 13:13:49.0385 8000 TBS - ok 13:13:49.0478 8000 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:13:49.0494 8000 Tcpip - ok 13:13:49.0588 8000 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:13:49.0603 8000 TCPIP6 - ok 13:13:49.0634 8000 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:13:49.0634 8000 tcpipreg - ok 13:13:49.0650 8000 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:13:49.0650 8000 TDPIPE - ok 13:13:49.0681 8000 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:13:49.0681 8000 TDTCP - ok 13:13:49.0712 8000 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:13:49.0712 8000 tdx - ok 13:13:49.0728 8000 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 13:13:49.0728 8000 TermDD - ok 13:13:49.0759 8000 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 13:13:49.0775 8000 TermService - ok 13:13:49.0790 8000 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 13:13:49.0790 8000 Themes - ok 13:13:49.0806 8000 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 13:13:49.0806 8000 THREADORDER - ok 13:13:49.0861 8000 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys 13:13:49.0862 8000 tmactmon - ok 13:13:49.0916 8000 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys 13:13:49.0921 8000 tmcomm - ok 13:13:49.0964 8000 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys 13:13:49.0967 8000 tmevtmgr - ok 13:13:50.0004 8000 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys 13:13:50.0005 8000 tmtdi - ok 13:13:50.0033 8000 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 13:13:50.0040 8000 TrkWks - ok 13:13:50.0094 8000 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:13:50.0116 8000 TrustedInstaller - ok 13:13:50.0135 8000 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:13:50.0135 8000 tssecsrv - ok 13:13:50.0167 8000 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:13:50.0167 8000 TsUsbFlt - ok 13:13:50.0182 8000 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 13:13:50.0198 8000 TsUsbGD - ok 13:13:50.0245 8000 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:13:50.0245 8000 tunnel - ok 13:13:50.0276 8000 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 13:13:50.0276 8000 TurboB - ok 13:13:50.0338 8000 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 13:13:50.0354 8000 TurboBoost - ok 13:13:50.0432 8000 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 13:13:50.0432 8000 uagp35 - ok 13:13:50.0447 8000 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:13:50.0463 8000 udfs - ok 13:13:50.0525 8000 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:13:50.0525 8000 UI0Detect - ok 13:13:50.0572 8000 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:13:50.0572 8000 uliagpkx - ok 13:13:50.0588 8000 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 13:13:50.0588 8000 umbus - ok 13:13:50.0619 8000 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 13:13:50.0619 8000 UmPass - ok 13:13:50.0744 8000 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 13:13:50.0791 8000 UNS - ok 13:13:50.0806 8000 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 13:13:50.0806 8000 upnphost - ok 13:13:50.0863 8000 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 13:13:50.0889 8000 USBAAPL64 - ok 13:13:50.0907 8000 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:13:50.0908 8000 usbccgp - ok 13:13:50.0941 8000 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:13:50.0942 8000 usbcir - ok 13:13:50.0954 8000 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 13:13:50.0978 8000 usbehci - ok 13:13:51.0022 8000 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:13:51.0030 8000 usbhub - ok 13:13:51.0064 8000 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 13:13:51.0065 8000 usbohci - ok 13:13:51.0080 8000 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 13:13:51.0083 8000 usbprint - ok 13:13:51.0107 8000 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:13:51.0108 8000 USBSTOR - ok 13:13:51.0121 8000 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 13:13:51.0137 8000 usbuhci - ok 13:13:51.0168 8000 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 13:13:51.0183 8000 usbvideo - ok 13:13:51.0199 8000 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 13:13:51.0215 8000 UxSms - ok 13:13:51.0230 8000 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 13:13:51.0230 8000 VaultSvc - ok 13:13:51.0277 8000 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 13:13:51.0277 8000 vdrvroot - ok 13:13:51.0324 8000 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 13:13:51.0339 8000 vds - ok 13:13:51.0355 8000 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:13:51.0355 8000 vga - ok 13:13:51.0371 8000 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 13:13:51.0371 8000 VgaSave - ok 13:13:51.0417 8000 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 13:13:51.0433 8000 vhdmp - ok 13:13:51.0449 8000 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 13:13:51.0449 8000 viaide - ok 13:13:51.0464 8000 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:13:51.0464 8000 volmgr - ok 13:13:51.0480 8000 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:13:51.0480 8000 volmgrx - ok 13:13:51.0495 8000 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:13:51.0495 8000 volsnap - ok 13:13:51.0527 8000 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 13:13:51.0542 8000 vsmraid - ok 13:13:51.0620 8000 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 13:13:51.0651 8000 VSS - ok 13:13:51.0667 8000 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 13:13:51.0667 8000 vwifibus - ok 13:13:51.0698 8000 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 13:13:51.0714 8000 vwififlt - ok 13:13:51.0729 8000 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 13:13:51.0729 8000 vwifimp - ok 13:13:51.0745 8000 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 13:13:51.0745 8000 W32Time - ok 13:13:51.0761 8000 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 13:13:51.0761 8000 WacomPen - ok 13:13:51.0792 8000 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 13:13:51.0792 8000 WANARP - ok 13:13:51.0807 8000 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:13:51.0807 8000 Wanarpv6 - ok 13:13:51.0906 8000 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 13:13:51.0976 8000 WatAdminSvc - ok 13:13:52.0023 8000 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 13:13:52.0039 8000 wbengine - ok 13:13:52.0060 8000 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 13:13:52.0063 8000 WbioSrvc - ok 13:13:52.0085 8000 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:13:52.0088 8000 wcncsvc - ok 13:13:52.0101 8000 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:13:52.0103 8000 WcsPlugInService - ok 13:13:52.0126 8000 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 13:13:52.0129 8000 Wd - ok 13:13:52.0157 8000 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:13:52.0173 8000 Wdf01000 - ok 13:13:52.0235 8000 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:13:52.0251 8000 WdiServiceHost - ok 13:13:52.0267 8000 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:13:52.0267 8000 WdiSystemHost - ok 13:13:52.0282 8000 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 13:13:52.0298 8000 WebClient - ok 13:13:52.0313 8000 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:13:52.0313 8000 Wecsvc - ok 13:13:52.0345 8000 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:13:52.0345 8000 wercplsupport - ok 13:13:52.0360 8000 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 13:13:52.0360 8000 WerSvc - ok 13:13:52.0376 8000 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 13:13:52.0376 8000 WfpLwf - ok 13:13:52.0423 8000 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 13:13:52.0423 8000 WimFltr - ok 13:13:52.0454 8000 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 13:13:52.0454 8000 WIMMount - ok 13:13:52.0469 8000 WinDefend - ok 13:13:52.0485 8000 WinHttpAutoProxySvc - ok 13:13:52.0547 8000 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:13:52.0563 8000 Winmgmt - ok 13:13:52.0641 8000 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 13:13:52.0641 8000 WinRM - ok 13:13:52.0703 8000 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 13:13:52.0703 8000 WinUsb - ok 13:13:52.0766 8000 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 13:13:52.0781 8000 Wlansvc - ok 13:13:52.0828 8000 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 13:13:52.0859 8000 wlcrasvc - ok 13:13:52.0989 8000 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 13:13:53.0012 8000 wlidsvc - ok 13:13:53.0044 8000 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 13:13:53.0044 8000 WmiAcpi - ok 13:13:53.0066 8000 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:13:53.0082 8000 wmiApSrv - ok 13:13:53.0106 8000 WMPNetworkSvc - ok 13:13:53.0128 8000 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:13:53.0130 8000 WPCSvc - ok 13:13:53.0140 8000 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:13:53.0140 8000 WPDBusEnum - ok 13:13:53.0156 8000 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:13:53.0156 8000 ws2ifsl - ok 13:13:53.0171 8000 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 13:13:53.0187 8000 wscsvc - ok 13:13:53.0187 8000 WSearch - ok 13:13:53.0280 8000 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 13:13:53.0296 8000 wuauserv - ok 13:13:53.0312 8000 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:13:53.0312 8000 WudfPf - ok 13:13:53.0343 8000 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:13:53.0343 8000 WUDFRd - ok 13:13:53.0358 8000 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:13:53.0358 8000 wudfsvc - ok 13:13:53.0374 8000 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 13:13:53.0390 8000 WwanSvc - ok 13:13:53.0405 8000 ================ Scan global =============================== 13:13:53.0421 8000 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 13:13:53.0468 8000 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 13:13:53.0483 8000 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 13:13:53.0514 8000 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 13:13:53.0530 8000 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 13:13:53.0530 8000 [Global] - ok 13:13:53.0530 8000 ================ Scan MBR ================================== 13:13:53.0546 8000 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 13:13:53.0546 8000 Suspicious mbr (Forged): \Device\Harddisk0\DR0 13:13:53.0624 8000 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected 13:13:53.0624 8000 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) 13:13:53.0733 8000 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 13:13:53.0733 8000 \Device\Harddisk0\DR0 - detected TDSS File System (1) 13:13:53.0733 8000 ================ Scan VBR ================================== 13:13:53.0733 8000 [ 69B675C5EA6DD149AC56D3E563999F70 ] \Device\Harddisk0\DR0\Partition1 13:13:53.0733 8000 \Device\Harddisk0\DR0\Partition1 - ok 13:13:53.0780 8000 [ 915C3A247FB5B28AB40D14CB4701C3BA ] \Device\Harddisk0\DR0\Partition2 13:13:53.0780 8000 \Device\Harddisk0\DR0\Partition2 - ok 13:13:53.0780 8000 ============================================================ 13:13:53.0780 8000 Scan finished 13:13:53.0780 8000 ============================================================ 13:13:53.0795 4944 Detected object count: 2 13:13:53.0795 4944 Actual detected object count: 2 13:14:47.0275 4944 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user 13:14:47.0275 4944 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip 13:14:47.0275 4944 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 13:14:47.0275 4944 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Jeff - Thanks for your help. Here are the logs you requested. Not sure how to send these more compactly. DDS (Ver_2012-10-14.05) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 Run by Testani at 12:49:52 on 2012-10-14 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.5570 [GMT -4:00] . AV: Trend Micro Titanium *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe C:\Windows\system32\conhost.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\DellTPad\Apoint.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Windows\System32\rundll32.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\Intel\TurboBoost\TurboBoost.exe C:\Windows\system32\conhost.exe -netsvcs C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe C:\Windows\system32\conhost.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\system32\sppsvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\conhost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.cnn.com/ mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" StartupFolder: C:\Users\Testani\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - hxxp://watcherswebclubhouse.com/dating/download/v2/cfweb_watcherswebclubhouse.com-dating-download-v2_instmodule.exe DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://ive-ssdc.kp.org/dana-cached/sc/JuniperSetupClient.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{25E196CA-531A-4DBE-A744-F99D02714D1C} : DHCPNameServer = 13.35.0.1 13.35.0.2 TCP: Interfaces\{B8626C57-8E68-4C2F-9A97-345E5A847F00} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{B8626C57-8E68-4C2F-9A97-345E5A847F00}\2656C6B696E6E2030383 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{B8626C57-8E68-4C2F-9A97-345E5A847F00}\960586F6E656 : DHCPNameServer = 172.26.38.1 172.26.38.2 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe x64-Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL "" x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1088\TmIEPlg.dll x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-9-17 55856] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-9-17 98208] R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-9-20 256336] R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616] R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-25 399432] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-25 676936] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-9-17 1692480] R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-9-20 67664] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-9-17 2656280] R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-12-14 58128] R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2010-12-14 274432] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-9-17 176096] R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2010-12-14 59904] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-9-17 317440] R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-4-26 25496] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-9-25 25928] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-9-17 56344] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETwNs64.sys [2011-9-17 8596992] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-9-17 82432] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-9-17 181760] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-9-17 412264] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-25 250808] S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-9-17 158976] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-4-26 34200] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-6-16 340240] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-9-17 250984] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-4 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-10-14 01:48:56 20480 ----a-w- C:\Windows\svchost.exe 2012-09-26 03:05:20 -------- d-----w- C:\Users\Testani\AppData\Roaming\Camfrog Web 2012-09-26 02:09:22 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-09-26 02:09:22 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-09-25 22:44:23 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe 2012-09-23 23:58:39 86016 ----a-w- C:\Windows\unvise32.exe 2012-09-23 23:58:38 -------- d-----w- C:\ExamView 2012-09-21 03:20:13 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2012-09-21 03:20:07 -------- d-----w- C:\Program Files\iTunes 2012-09-21 02:20:37 105552 ----a-w- C:\Windows\System32\drivers\tmtdi.sys 2012-09-21 02:20:16 90704 ----a-w- C:\Windows\System32\drivers\tmactmon.sys 2012-09-21 02:20:16 67664 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys 2012-09-21 02:20:16 144464 ----a-w- C:\Windows\System32\drivers\tmcomm.sys 2012-09-21 02:12:35 -------- d-----w- C:\Program Files\Trend Micro 2012-09-21 01:26:24 -------- d-----w- C:\Program Files\Microsoft Lync 2012-09-21 01:26:18 -------- d-----w- C:\Program Files (x86)\Microsoft Lync 2012-09-21 01:17:47 -------- d-----w- C:\Users\Testani\Tracing 2012-09-21 01:17:47 -------- d-----w- C:\Program Files (x86)\OCSetup 2012-09-21 01:11:59 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2012-09-21 01:11:44 -------- d-----w- C:\Windows\PCHEALTH 2012-09-21 01:09:42 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2012-09-21 01:09:14 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2012-09-21 00:32:36 -------- d-----w- C:\Users\Testani\AppData\Roaming\e-academy Inc 2012-09-21 00:32:36 -------- d-----w- C:\Users\Testani\AppData\Local\e-academy Inc 2012-09-18 14:10:17 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{87B4611A-7A8C-4E5A-B8B8-0C6B413A5446}\mpengine.dll 2012-09-15 15:20:24 -------- d-----w- C:\Users\Testani\AppData\Local\Apple Computer 2012-09-15 15:19:11 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-09-15 15:19:11 -------- d-----w- C:\Program Files\iPod 2012-09-15 15:19:11 -------- d-----w- C:\Program Files (x86)\iTunes 2012-09-15 15:18:43 -------- d-----w- C:\Users\Testani\AppData\Local\Apple 2012-09-15 15:18:25 -------- d-----w- C:\Program Files\Bonjour 2012-09-15 15:18:25 -------- d-----w- C:\Program Files (x86)\Bonjour . ==================== Find3M ==================== . 2012-10-09 13:32:24 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-09 13:32:24 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll 2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys 2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys 2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-08-21 17:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll 2012-08-21 17:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll 2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe 2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll 2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll 2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll 2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2012-07-20 14:45:38 0 ----a-w- C:\Windows\SysWow64\sho39F3.tmp 2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys . ============= FINISH: 12:52:22.07 =============== DDS (Ver_2012-10-14.05) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 11/29/2011 7:14:21 PM System Uptime: 10/14/2012 12:43:00 PM (0 hours ago) . Motherboard: Dell Inc. | | 0YH79Y Processor: Intel® Core i5-2430M CPU @ 2.40GHz | CPU | 2401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 577 GiB total, 506.744 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP262: 9/30/2012 11:48:50 PM - Windows Update RP263: 10/1/2012 6:22:24 AM - Windows Update RP264: 10/1/2012 3:46:34 PM - Windows Update RP265: 10/2/2012 12:26:26 AM - Windows Update RP266: 10/2/2012 9:46:22 AM - Windows Update RP267: 10/2/2012 10:34:56 AM - Windows Update RP268: 10/2/2012 3:57:45 PM - Windows Update RP269: 10/3/2012 8:30:35 AM - Windows Update RP270: 10/3/2012 1:22:00 PM - Windows Update RP271: 10/3/2012 3:10:19 PM - Windows Update RP272: 10/4/2012 12:58:23 PM - Windows Update RP273: 10/4/2012 2:11:11 PM - Windows Update RP274: 10/5/2012 12:30:09 AM - Windows Update RP275: 10/5/2012 10:55:19 AM - Windows Update RP276: 10/6/2012 8:19:11 AM - Windows Update RP277: 10/6/2012 12:24:23 PM - Windows Update RP278: 10/7/2012 12:15:36 PM - Windows Update RP279: 10/7/2012 10:34:44 PM - Windows Update RP280: 10/8/2012 8:13:31 AM - Windows Update RP281: 10/8/2012 12:00:18 PM - Windows Update RP282: 10/9/2012 12:06:13 AM - Windows Update RP283: 10/9/2012 5:20:54 PM - Windows Update RP284: 10/10/2012 9:26:57 AM - Windows Update RP285: 10/10/2012 11:40:19 AM - Windows Update RP286: 10/11/2012 8:30:53 AM - Windows Update RP287: 10/11/2012 3:11:20 PM - Windows Update RP288: 10/11/2012 11:44:01 PM - Windows Update RP289: 10/12/2012 2:43:20 PM - Windows Update RP290: 10/13/2012 10:18:48 AM - Windows Update RP291: 10/13/2012 3:48:41 PM - Windows Update RP292: 10/14/2012 1:06:42 AM - Windows Update . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) MUI Advanced Audio FX Engine Apple Application Support Apple Mobile Device Support Apple Software Update Bing Bar Bing Rewards Client Installer Bonjour Camfrog Web Advanced 2.0 ActiveX Plugin (remove only) Cozi D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell Edoc Viewer Dell Getting Started Guide Dell Home Systems Service Agreement Dell Marketplace Webslice IE8 Dell MusicStage Dell PhotoStage Dell Stage Dell Support Center Dell Touchpad Dell VideoStage Dell Webcam Central DirectX 9 Runtime eBay ExamView Assessment Suite ExamView Player GoToAssist 8.0.0.514 Intel PROSet Wireless Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless Software for Bluetooth® Technology Intel® PROSet/Wireless WiFi Software Intel® Turbo Boost Technology Monitor 2.0 Intel® WiDi Intel® Wireless Display Internet Explorer iTunes Java Auto Updater Java 6 Update 27 Java 6 Update 27 (64-bit) Juniper Networks Setup Client Junk Mail filter update LeapFrog Connect LeapFrog Leapster2 Plugin Malwarebytes Anti-Malware version 1.65.0.1400 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft IntelliPoint 8.2 Microsoft Lync 2010 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) PhotoShowExpress Quickset64 RBVirtualFolder64Inst Realtek High Definition Audio Driver Roxio Activation Module Roxio BackOnTrack Roxio Burn Roxio Creator Starter Roxio Express Labeler 3 Roxio File Backup Secure Download Manager Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition Skype Toolbars Skype™ 5.10 Sonic CinePlayer Decoder Pack Trend Micro Titanium Trend Micro™ Titanium™ TrustedID Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== Event Viewer Messages From Past Week ======== . 10/9/2012 5:21:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715). 10/14/2012 12:45:11 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. 10/14/2012 1:07:04 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2724197). . ==== End Of File ===========================

Hi - About a month ago we were infected with the FBI moneypak virus. At the time I was able to start in safe mode, update malwarebytes antimalware and run a scan. After the scan was complete the computer seemed to return to normal functioning. Since then we have only occasional small issues with the computer. When I continue to run scans with malwarebytes, the same 2 items continue to be identified and are not removed with re boot of the computer. One is listed as file and 1 as memory process - both svchost.exe. I will attach the log from the most recent scan - this was a quick scan - a previous full scan identified onlty the same 2 items. As I said, the computer runs well and I have been hesitatnt to try to manually remove these items as I am not very computer savvy and don't want to erase something I shouldn't. Any instruction would be greatly appreciated. Thanks in advance. Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Database version: v2012.10.13.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Testani :: TESTANI-PC [administrator] 10/13/2012 8:42:27 PM mbam-log-2012-10-13 (20-42-27).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 218423 Time elapsed: 17 minute(s), 54 second(s) Memory Processes Detected: 1 C:\Windows\svchost.exe (Trojan.Agent) -> 5152 -> Delete on reboot. Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot. (end)