Can't delete Trojan in Registry Values

[Houseman]

Malwarebytes has detected a Trojan in Registry Values but when I select delete on reboot its still there. A few days ago I got the Metropolitan Police Virus and couldn't get onto the computer at all. I booted in safe mode and ran Malwarebytes, which detected 2 trojans but only managed to delete 1. SInce then I can get onto the computer and all seems to be working normally (not slow etc). I don't know if the trojan that won't delete is related to the Metropolitan Police virus or not.

I am attaching the two log documents requested in the sticky together with my most recent malwarebytes log.

I would appreciate any help you can give me.

Attach.txt

DDS.txt

MalLog.txt

[MrCharlie]

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options...there not all bad!)

Post back the report.

MrC

[Houseman]

Thank you for such a speedy response.

Here's the report and thank you for your help:

RogueKiller V7.3.3 [04/22/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: Jen [Admin rights]

Mode: Scan -- Date: 04/27/2012 15:14:07

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 6 ¤¤¤

[ROGUE ST] HKLM\[...]\Policies\Explorer\Run : 22447 (C:\PROGRA~3\LOCALS~1\Temp\mshaivy.bat) -> FOUND

[ROGUE ST] HKLM\[...]\Wow6432Node\Policies\Explorer\Run : 22447 (C:\PROGRA~3\LOCALS~1\Temp\mshaivy.bat) -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ARRAY1 +++++

--- User ---

[MBR] 09e13ea7df7d32653a7284e623d8310a

[bSP] 7d83b53b93ba99f87739f69cd663d54e : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 13566 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27865088 | Size: 1894128 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[1].txt >>

RKreport[1].txt

[MrCharlie]

Please run RogueKiller again and click Scan

When the scan completes....click the Registry Entries tab

Put a check next to these and uncheck the rest

Now click Delete on the right hand column.

¤¤¤ Registry Entries: 6 ¤¤¤

[ROGUE ST] HKLM\[...]\Policies\Explorer\Run : 22447 (C:\PROGRA~3\LOCALS~1\Temp\mshaivy.bat) -> FOUND

[ROGUE ST] HKLM\[...]\Wow6432Node\Policies\Explorer\Run : 22447 (C:\PROGRA~3\LOCALS~1\Temp\mshaivy.bat) -> FOUND

-------------------------------------------

Please make sure system restore is running and create a new restore point before continuing.

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

[Houseman]

Right, I've run Roguekiller again and deleted those two entries.

Next step is "Please make sure system restore is running and create a new restore point before continuing."

I just want to be absolutely sure what to do. I have windows 7. I'm going into system restore from the start menu - it asks me to pick a restore point (latest one I can pick is 11am this morning just after I uninstalled java) - do I pick that one and run a system restore before continuing?

Sorry to be slow.

[MrCharlie]

No, I want you to Create a new one, not restore the to an early point:

http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/

MrC

[Houseman]

Thanks for the clarification. I did that and ran TDSS Killer - I got the "threats detected" screen showing 4 files starting with "Unsigned File"; default was "skip" so I left it at the default and selected "Continue". Then I got the final screen syaing "suspicious objects were found" but it had no options - not cure or delete or skip and no option to reboot the computer (so I haven't done that).

I pasted the log but it was too long to post so will have to split it:

16:26:15.0454 9040 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43

16:26:15.0579 9040 ============================================================

16:26:15.0579 9040 Current date / time: 2012/04/27 16:26:15.0579

16:26:15.0579 9040 SystemInfo:

16:26:15.0579 9040

16:26:15.0579 9040 OS Version: 6.1.7601 ServicePack: 1.0

16:26:15.0579 9040 Product type: Workstation

16:26:15.0579 9040 ComputerName: SSQ-LDNW7-57

16:26:15.0579 9040 UserName: Jen

16:26:15.0579 9040 Windows directory: C:\Windows

16:26:15.0579 9040 System windows directory: C:\Windows

16:26:15.0579 9040 Running under WOW64

16:26:15.0579 9040 Processor architecture: Intel x64

16:26:15.0579 9040 Number of processors: 8

16:26:15.0579 9040 Page size: 0x1000

16:26:15.0579 9040 Boot type: Normal boot

16:26:15.0579 9040 ============================================================

16:26:15.0860 9040 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1700000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B602, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:26:15.0876 9040 ============================================================

16:26:15.0876 9040 \Device\Harddisk0\DR0:

16:26:15.0876 9040 MBR partitions:

16:26:15.0876 9040 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A7F000

16:26:15.0876 9040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A93000, BlocksNum 0xE7378000

16:26:15.0876 9040 ============================================================

16:26:15.0891 9040 C: <-> \Device\Harddisk0\DR0\Partition1

16:26:15.0891 9040 ============================================================

16:26:15.0891 9040 Initialize success

16:26:15.0891 9040 ============================================================

16:26:40.0898 8816 ============================================================

16:26:40.0898 8816 Scan started

16:26:40.0898 8816 Mode: Manual; SigCheck; TDLFS;

16:26:40.0898 8816 ============================================================

16:26:41.0600 8816 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

16:26:41.0694 8816 1394ohci - ok

16:26:41.0740 8816 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

16:26:41.0772 8816 ACPI - ok

16:26:41.0772 8816 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

16:26:41.0803 8816 AcpiPmi - ok

16:26:41.0928 8816 AdobeActiveFileMonitor8.0 (765fe0463e711e5a68ac7b69538ed922) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

16:26:41.0943 8816 AdobeActiveFileMonitor8.0 - ok

16:26:42.0068 8816 AdobeActiveFileMonitor9.0 (1474f121c3df1232d3e7239c03691ee6) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

16:26:42.0084 8816 AdobeActiveFileMonitor9.0 - ok

16:26:42.0146 8816 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

16:26:42.0162 8816 AdobeARMservice - ok

16:26:42.0177 8816 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

16:26:42.0193 8816 adp94xx - ok

16:26:42.0208 8816 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

16:26:42.0224 8816 adpahci - ok

16:26:42.0271 8816 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

16:26:42.0286 8816 adpu320 - ok

16:26:42.0333 8816 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

16:26:42.0380 8816 AeLookupSvc - ok

16:26:42.0458 8816 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

16:26:42.0489 8816 AFD - ok

16:26:42.0505 8816 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

16:26:42.0505 8816 agp440 - ok

16:26:42.0520 8816 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

16:26:42.0552 8816 ALG - ok

16:26:42.0552 8816 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

16:26:42.0567 8816 aliide - ok

16:26:42.0614 8816 AMD External Events Utility (a359974eaac83a435497c52f62a2e590) C:\Windows\system32\atiesrxx.exe

16:26:42.0645 8816 AMD External Events Utility - ok

16:26:42.0676 8816 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

16:26:42.0676 8816 amdide - ok

16:26:42.0692 8816 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

16:26:42.0708 8816 AmdK8 - ok

16:26:42.0879 8816 amdkmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys

16:26:43.0020 8816 amdkmdag - ok

16:26:43.0082 8816 amdkmdap (6b4e9261b613b047a9a145f328889968) C:\Windows\system32\DRIVERS\atikmpag.sys

16:26:43.0113 8816 amdkmdap - ok

16:26:43.0144 8816 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

16:26:43.0144 8816 AmdPPM - ok

16:26:43.0176 8816 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

16:26:43.0191 8816 amdsata - ok

16:26:43.0238 8816 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

16:26:43.0254 8816 amdsbs - ok

16:26:43.0269 8816 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

16:26:43.0285 8816 amdxata - ok

16:26:43.0300 8816 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

16:26:43.0363 8816 AppID - ok

16:26:43.0378 8816 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

16:26:43.0425 8816 AppIDSvc - ok

16:26:43.0441 8816 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

16:26:43.0456 8816 Appinfo - ok

16:26:43.0472 8816 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

16:26:43.0472 8816 arc - ok

16:26:43.0472 8816 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

16:26:43.0488 8816 arcsas - ok

16:26:43.0581 8816 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

16:26:43.0581 8816 aspnet_state - ok

16:26:43.0597 8816 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

16:26:43.0644 8816 AsyncMac - ok

16:26:43.0675 8816 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

16:26:43.0675 8816 atapi - ok

16:26:43.0737 8816 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys

16:26:43.0753 8816 AtiHDAudioService - ok

16:26:43.0815 8816 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

16:26:43.0878 8816 AudioEndpointBuilder - ok

16:26:43.0878 8816 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

16:26:43.0893 8816 AudioSrv - ok

16:26:44.0080 8816 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

16:26:44.0127 8816 AVGIDSAgent - ok

16:26:44.0143 8816 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

16:26:44.0174 8816 AVGIDSDriver - ok

16:26:44.0221 8816 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

16:26:44.0236 8816 AVGIDSEH - ok

16:26:44.0252 8816 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

16:26:44.0268 8816 AVGIDSFilter - ok

16:26:44.0299 8816 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

16:26:44.0314 8816 Avgldx64 - ok

16:26:44.0330 8816 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

16:26:44.0330 8816 Avgmfx64 - ok

16:26:44.0346 8816 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

16:26:44.0361 8816 Avgrkx64 - ok

16:26:44.0377 8816 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

16:26:44.0392 8816 Avgtdia - ok

16:26:44.0470 8816 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

16:26:44.0486 8816 avgwd - ok

16:26:44.0548 8816 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

16:26:44.0580 8816 AxInstSV - ok

16:26:44.0642 8816 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

16:26:44.0673 8816 b06bdrv - ok

16:26:44.0704 8816 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

16:26:44.0720 8816 b57nd60a - ok

16:26:44.0751 8816 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

16:26:44.0782 8816 BDESVC - ok

16:26:44.0798 8816 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

16:26:44.0860 8816 Beep - ok

16:26:44.0907 8816 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

16:26:44.0938 8816 BFE - ok

16:26:44.0985 8816 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

16:26:45.0016 8816 BITS - ok

16:26:45.0032 8816 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

16:26:45.0032 8816 blbdrive - ok

16:26:45.0094 8816 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

16:26:45.0110 8816 bowser - ok

16:26:45.0110 8816 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

16:26:45.0141 8816 BrFiltLo - ok

16:26:45.0157 8816 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

16:26:45.0172 8816 BrFiltUp - ok

16:26:45.0188 8816 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

16:26:45.0235 8816 Browser - ok

16:26:45.0250 8816 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

16:26:45.0250 8816 Brserid - ok

16:26:45.0266 8816 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

16:26:45.0282 8816 BrSerWdm - ok

16:26:45.0282 8816 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

16:26:45.0297 8816 BrUsbMdm - ok

16:26:45.0297 8816 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

16:26:45.0297 8816 BrUsbSer - ok

16:26:45.0313 8816 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

16:26:45.0313 8816 BTHMODEM - ok

16:26:45.0344 8816 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

16:26:45.0406 8816 bthserv - ok

16:26:45.0438 8816 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

16:26:45.0469 8816 cdfs - ok

16:26:45.0500 8816 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

16:26:45.0531 8816 cdrom - ok

16:26:45.0547 8816 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

16:26:45.0594 8816 CertPropSvc - ok

16:26:45.0625 8816 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

16:26:45.0656 8816 circlass - ok

16:26:45.0687 8816 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

16:26:45.0703 8816 CLFS - ok

16:26:45.0781 8816 CLKMSVC10_9EC60124 (730bf325e4cc1e3935b81943ac6da216) C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe

16:26:45.0796 8816 CLKMSVC10_9EC60124 - ok

16:26:45.0890 8816 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:26:45.0906 8816 clr_optimization_v2.0.50727_32 - ok

16:26:45.0968 8816 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:26:45.0984 8816 clr_optimization_v2.0.50727_64 - ok

16:26:46.0062 8816 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:26:46.0077 8816 clr_optimization_v4.0.30319_32 - ok

16:26:46.0124 8816 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:26:46.0140 8816 clr_optimization_v4.0.30319_64 - ok

16:26:46.0155 8816 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys

16:26:46.0171 8816 CmBatt - ok

16:26:46.0186 8816 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

16:26:46.0186 8816 cmdide - ok

16:26:46.0264 8816 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

16:26:46.0280 8816 CNG - ok

16:26:46.0280 8816 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

16:26:46.0296 8816 Compbatt - ok

16:26:46.0311 8816 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys

16:26:46.0327 8816 CompositeBus - ok

16:26:46.0342 8816 COMSysApp - ok

16:26:46.0342 8816 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

16:26:46.0358 8816 crcdisk - ok

16:26:46.0405 8816 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

16:26:46.0420 8816 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning

16:26:46.0420 8816 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)

16:26:46.0483 8816 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

16:26:46.0483 8816 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning

16:26:46.0483 8816 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)

16:26:46.0514 8816 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

16:26:46.0576 8816 CryptSvc - ok

16:26:46.0608 8816 CTAudSvcService (07ba6d17e66879018b30b6c3f976ebed) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

16:26:46.0623 8816 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning

16:26:46.0623 8816 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)

16:26:46.0686 8816 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys

16:26:46.0701 8816 CVirtA - ok

16:26:46.0795 8816 CVPND (66257cb4e4fb69887cddc71663741435) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

16:26:46.0810 8816 CVPND - ok

16:26:46.0857 8816 CVPNDRVA (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys

16:26:46.0857 8816 CVPNDRVA - ok

16:26:46.0904 8816 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

16:26:46.0951 8816 DcomLaunch - ok

16:26:46.0982 8816 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

16:26:47.0029 8816 defragsvc - ok

16:26:47.0044 8816 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

16:26:47.0076 8816 DfsC - ok

16:26:47.0107 8816 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

16:26:47.0169 8816 Dhcp - ok

16:26:47.0185 8816 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

16:26:47.0200 8816 discache - ok

16:26:47.0216 8816 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

16:26:47.0232 8816 Disk - ok

16:26:47.0294 8816 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys

16:26:47.0310 8816 DNE - ok

16:26:47.0356 8816 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

16:26:47.0372 8816 Dnscache - ok

16:26:47.0434 8816 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

16:26:47.0481 8816 dot3svc - ok

16:26:47.0528 8816 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

16:26:47.0575 8816 DPS - ok

16:26:47.0606 8816 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

16:26:47.0637 8816 drmkaud - ok

16:26:47.0684 8816 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

16:26:47.0715 8816 DXGKrnl - ok

16:26:47.0731 8816 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

16:26:47.0762 8816 EapHost - ok

16:26:47.0871 8816 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

16:26:47.0887 8816 ebdrv - ok

16:26:47.0934 8816 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

16:26:47.0949 8816 EFS - ok

16:26:48.0012 8816 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

16:26:48.0043 8816 ehRecvr - ok

16:26:48.0090 8816 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

16:26:48.0105 8816 ehSched - ok

16:26:48.0152 8816 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

16:26:48.0168 8816 elxstor - ok

16:26:48.0183 8816 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

16:26:48.0199 8816 ErrDev - ok

16:26:48.0246 8816 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

16:26:48.0308 8816 EventSystem - ok

16:26:48.0308 8816 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

16:26:48.0339 8816 exfat - ok

16:26:48.0370 8816 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

16:26:48.0402 8816 fastfat - ok

16:26:48.0448 8816 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

16:26:48.0480 8816 Fax - ok

16:26:48.0480 8816 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

16:26:48.0495 8816 fdc - ok

16:26:48.0511 8816 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

16:26:48.0526 8816 fdPHost - ok

16:26:48.0542 8816 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

16:26:48.0573 8816 FDResPub - ok

16:26:48.0573 8816 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

16:26:48.0589 8816 FileInfo - ok

16:26:48.0604 8816 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

16:26:48.0636 8816 Filetrace - ok

16:26:48.0714 8816 FLEXnet Licensing Service (8669be94f63944e4f899c3950b520241) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

16:26:48.0729 8816 FLEXnet Licensing Service - ok

16:26:48.0729 8816 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

16:26:48.0745 8816 flpydisk - ok

16:26:48.0776 8816 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

16:26:48.0776 8816 FltMgr - ok

16:26:48.0838 8816 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

16:26:48.0870 8816 FontCache - ok

16:26:48.0932 8816 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:26:48.0948 8816 FontCache3.0.0.0 - ok

16:26:48.0979 8816 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

16:26:48.0994 8816 FsDepends - ok

16:26:49.0041 8816 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

16:26:49.0057 8816 Fs_Rec - ok

16:26:49.0072 8816 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

16:26:49.0088 8816 fvevol - ok

16:26:49.0104 8816 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

16:26:49.0104 8816 gagp30kx - ok

16:26:49.0166 8816 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

16:26:49.0197 8816 gpsvc - ok

16:26:49.0213 8816 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

16:26:49.0228 8816 hcw85cir - ok

16:26:49.0275 8816 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

16:26:49.0275 8816 HdAudAddService - ok

16:26:49.0338 8816 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

16:26:49.0369 8816 HDAudBus - ok

16:26:49.0369 8816 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

16:26:49.0384 8816 HidBatt - ok

16:26:49.0400 8816 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

16:26:49.0431 8816 HidBth - ok

16:26:49.0447 8816 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

16:26:49.0447 8816 HidIr - ok

16:26:49.0462 8816 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

16:26:49.0509 8816 hidserv - ok

16:26:49.0509 8816 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

16:26:49.0509 8816 HidUsb - ok

16:26:49.0556 8816 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

16:26:49.0603 8816 hkmsvc - ok

16:26:49.0650 8816 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

16:26:49.0650 8816 HomeGroupListener - ok

16:26:49.0681 8816 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

16:26:49.0681 8816 HomeGroupProvider - ok

16:26:49.0696 8816 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

16:26:49.0696 8816 HpSAMD - ok

16:26:49.0728 8816 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

16:26:49.0759 8816 HTTP - ok

16:26:49.0774 8816 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

16:26:49.0774 8816 hwpolicy - ok

16:26:49.0774 8816 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

16:26:49.0790 8816 i8042prt - ok

16:26:49.0821 8816 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys

16:26:49.0837 8816 iaStor - ok

16:26:49.0884 8816 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

16:26:49.0884 8816 IAStorDataMgrSvc - ok

16:26:49.0946 8816 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

16:26:49.0962 8816 iaStorV - ok

16:26:50.0024 8816 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:26:50.0055 8816 idsvc - ok

16:26:50.0086 8816 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

16:26:50.0102 8816 iirsp - ok

16:26:50.0164 8816 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

16:26:50.0196 8816 IKEEXT - ok

16:26:50.0242 8816 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys

16:26:50.0258 8816 Impcd - ok

16:26:50.0289 8816 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

16:26:50.0289 8816 intelide - ok

16:26:50.0336 8816 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

16:26:50.0352 8816 intelppm - ok

16:26:50.0383 8816 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

16:26:50.0445 8816 IPBusEnum - ok

16:26:50.0476 8816 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:26:50.0523 8816 IpFilterDriver - ok

16:26:50.0554 8816 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

16:26:50.0601 8816 iphlpsvc - ok

16:26:50.0601 8816 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

16:26:50.0617 8816 IPMIDRV - ok

16:26:50.0648 8816 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

16:26:50.0710 8816 IPNAT - ok

16:26:50.0742 8816 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

16:26:50.0757 8816 IRENUM - ok

16:26:50.0773 8816 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

16:26:50.0773 8816 isapnp - ok

16:26:50.0804 8816 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

16:26:50.0820 8816 iScsiPrt - ok

16:26:50.0866 8816 k57nd60a (12e27942dbb7c91880163634b0d8a776) C:\Windows\system32\DRIVERS\k57nd60a.sys

16:26:50.0882 8816 k57nd60a - ok

16:26:50.0929 8816 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

16:26:50.0944 8816 kbdclass - ok

16:26:50.0944 8816 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

16:26:50.0976 8816 kbdhid - ok

16:26:51.0022 8816 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:26:51.0038 8816 KeyIso - ok

16:26:51.0069 8816 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

16:26:51.0069 8816 KSecDD - ok

16:26:51.0116 8816 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

16:26:51.0132 8816 KSecPkg - ok

16:26:51.0147 8816 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

16:26:51.0194 8816 ksthunk - ok

16:26:51.0241 8816 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

16:26:51.0319 8816 KtmRm - ok

16:26:51.0350 8816 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

16:26:51.0397 8816 LanmanServer - ok

16:26:51.0412 8816 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

16:26:51.0444 8816 LanmanWorkstation - ok

16:26:51.0459 8816 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

16:26:51.0475 8816 lltdio - ok

16:26:51.0506 8816 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

16:26:51.0553 8816 lltdsvc - ok

16:26:51.0553 8816 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

16:26:51.0584 8816 lmhosts - ok

16:26:51.0600 8816 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

16:26:51.0615 8816 LSI_FC - ok

16:26:51.0615 8816 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

16:26:51.0631 8816 LSI_SAS - ok

16:26:51.0646 8816 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

16:26:51.0646 8816 LSI_SAS2 - ok

16:26:51.0646 8816 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

16:26:51.0662 8816 LSI_SCSI - ok

16:26:51.0693 8816 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

16:26:51.0740 8816 luafv - ok

16:26:51.0771 8816 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

16:26:51.0802 8816 Mcx2Svc - ok

16:26:51.0802 8816 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

16:26:51.0818 8816 megasas - ok

16:26:51.0834 8816 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

16:26:51.0849 8816 MegaSR - ok

16:26:51.0896 8816 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys

16:26:51.0912 8816 MEIx64 - ok

16:26:51.0927 8816 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

16:26:51.0974 8816 MMCSS - ok

16:26:51.0974 8816 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

16:26:51.0990 8816 Modem - ok

16:26:52.0036 8816 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

16:26:52.0052 8816 monitor - ok

16:26:52.0083 8816 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

16:26:52.0083 8816 mouclass - ok

16:26:52.0114 8816 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

16:26:52.0130 8816 mouhid - ok

16:26:52.0146 8816 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

16:26:52.0161 8816 mountmgr - ok

16:26:52.0177 8816 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

16:26:52.0177 8816 mpio - ok

16:26:52.0192 8816 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

16:26:52.0224 8816 mpsdrv - ok

16:26:52.0270 8816 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

16:26:52.0302 8816 MpsSvc - ok

16:26:52.0317 8816 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

16:26:52.0333 8816 MRxDAV - ok

16:26:52.0364 8816 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:26:52.0395 8816 mrxsmb - ok

16:26:52.0426 8816 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:26:52.0442 8816 mrxsmb10 - ok

16:26:52.0473 8816 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:26:52.0473 8816 mrxsmb20 - ok

16:26:52.0489 8816 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

16:26:52.0504 8816 msahci - ok

16:26:52.0504 8816 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

16:26:52.0520 8816 msdsm - ok

16:26:52.0551 8816 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

16:26:52.0551 8816 MSDTC - ok

16:26:52.0567 8816 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

16:26:52.0582 8816 Msfs - ok

16:26:52.0614 8816 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

16:26:52.0660 8816 mshidkmdf - ok

16:26:52.0676 8816 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

16:26:52.0676 8816 msisadrv - ok

16:26:52.0738 8816 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

16:26:52.0770 8816 MSiSCSI - ok

16:26:52.0770 8816 msiserver - ok

16:26:52.0785 8816 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

16:26:52.0816 8816 MSKSSRV - ok

16:26:52.0816 8816 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

16:26:52.0832 8816 MSPCLOCK - ok

16:26:52.0848 8816 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

16:26:52.0894 8816 MSPQM - ok

16:26:52.0941 8816 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

16:26:52.0957 8816 MsRPC - ok

16:26:52.0988 8816 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

16:26:52.0988 8816 mssmbios - ok

16:26:53.0004 8816 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

16:26:53.0035 8816 MSTEE - ok

16:26:53.0050 8816 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

16:26:53.0066 8816 MTConfig - ok

16:26:53.0082 8816 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

16:26:53.0082 8816 Mup - ok

16:26:53.0128 8816 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

16:26:53.0160 8816 napagent - ok

16:26:53.0175 8816 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

16:26:53.0206 8816 NativeWifiP - ok

16:26:53.0269 8816 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys

16:26:53.0300 8816 NDIS - ok

16:26:53.0300 8816 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

16:26:53.0347 8816 NdisCap - ok

16:26:53.0378 8816 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

16:26:53.0409 8816 NdisTapi - ok

16:26:53.0425 8816 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

16:26:53.0456 8816 Ndisuio - ok

16:26:53.0487 8816 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

16:26:53.0534 8816 NdisWan - ok

16:26:53.0550 8816 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

16:26:53.0565 8816 NDProxy - ok

16:26:53.0581 8816 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

16:26:53.0612 8816 NetBIOS - ok

16:26:53.0643 8816 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

16:26:53.0674 8816 NetBT - ok

16:26:53.0690 8816 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:26:53.0690 8816 Netlogon - ok

16:26:53.0721 8816 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

16:26:53.0752 8816 Netman - ok

16:26:53.0799 8816 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:26:53.0815 8816 NetMsmqActivator - ok

16:26:53.0815 8816 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:26:53.0830 8816 NetPipeActivator - ok

16:26:53.0877 8816 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

16:26:53.0924 8816 netprofm - ok

16:26:53.0924 8816 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:26:53.0940 8816 NetTcpActivator - ok

16:26:53.0940 8816 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

16:26:53.0940 8816 NetTcpPortSharing - ok

16:26:53.0971 8816 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

16:26:53.0971 8816 nfrd960 - ok

16:26:54.0033 8816 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

16:26:54.0080 8816 NlaSvc - ok

16:26:54.0205 8816 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

16:26:54.0236 8816 NOBU - ok

16:26:54.0298 8816 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

16:26:54.0345 8816 Npfs - ok

16:26:54.0361 8816 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

16:26:54.0376 8816 nsi - ok

16:26:54.0376 8816 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

16:26:54.0408 8816 nsiproxy - ok

16:26:54.0486 8816 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

16:26:54.0501 8816 Ntfs - ok

16:26:54.0517 8816 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

16:26:54.0532 8816 Null - ok

16:26:54.0579 8816 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

16:26:54.0595 8816 nvraid - ok

16:26:54.0610 8816 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

16:26:54.0610 8816 nvstor - ok

16:26:54.0642 8816 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

16:26:54.0657 8816 nv_agp - ok

16:26:54.0673 8816 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

16:26:54.0688 8816 ohci1394 - ok

16:26:54.0766 8816 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:26:54.0782 8816 ose - ok

16:26:54.0969 8816 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

16:26:55.0047 8816 osppsvc - ok

16:26:55.0078 8816 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

16:26:55.0094 8816 p2pimsvc - ok

16:26:55.0141 8816 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

16:26:55.0156 8816 p2psvc - ok

16:26:55.0172 8816 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

16:26:55.0188 8816 Parport - ok

16:26:55.0203 8816 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

16:26:55.0219 8816 partmgr - ok

16:26:55.0250 8816 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

16:26:55.0266 8816 PcaSvc - ok

16:26:55.0312 8816 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

16:26:55.0328 8816 pci - ok

16:26:55.0359 8816 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

16:26:55.0375 8816 pciide - ok

16:26:55.0375 8816 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

16:26:55.0390 8816 pcmcia - ok

16:26:55.0406 8816 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

16:26:55.0406 8816 pcw - ok

16:26:55.0453 8816 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

16:26:55.0484 8816 PEAUTH - ok

16:26:55.0531 8816 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

16:26:55.0562 8816 PerfHost - ok

16:26:55.0624 8816 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

16:26:55.0671 8816 pla - ok

16:26:55.0780 8816 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

16:26:55.0796 8816 PlugPlay - ok

16:26:55.0812 8816 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

16:26:55.0827 8816 PNRPAutoReg - ok

16:26:55.0843 8816 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

16:26:55.0858 8816 PNRPsvc - ok

16:26:55.0905 8816 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

16:26:55.0968 8816 PolicyAgent - ok

16:26:55.0999 8816 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

16:26:56.0030 8816 Power - ok

16:26:56.0077 8816 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

16:26:56.0139 8816 PptpMiniport - ok

16:26:56.0139 8816 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

16:26:56.0155 8816 Processor - ok

16:26:56.0186 8816 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

16:26:56.0233 8816 ProfSvc - ok

16:26:56.0264 8816 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:26:56.0280 8816 ProtectedStorage - ok

16:26:56.0311 8816 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

16:26:56.0358 8816 Psched - ok

16:26:56.0389 8816 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

16:26:56.0404 8816 PxHlpa64 - ok

16:26:56.0467 8816 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

16:26:56.0498 8816 ql2300 - ok

16:26:56.0514 8816 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

16:26:56.0514 8816 ql40xx - ok

16:26:56.0545 8816 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

16:26:56.0576 8816 QWAVE - ok

16:26:56.0592 8816 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

16:26:56.0623 8816 QWAVEdrv - ok

16:26:56.0623 8816 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

16:26:56.0654 8816 RasAcd - ok

16:26:56.0685 8816 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

16:26:56.0701 8816 RasAgileVpn - ok

16:26:56.0716 8816 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

16:26:56.0748 8816 RasAuto - ok

16:26:56.0763 8816 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:26:56.0794 8816 Rasl2tp - ok

16:26:56.0841 8816 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

16:26:56.0888 8816 RasMan - ok

16:26:56.0904 8816 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

16:26:56.0950 8816 RasPppoe - ok

16:26:56.0982 8816 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

16:26:57.0013 8816 RasSstp - ok

16:26:57.0044 8816 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

16:26:57.0075 8816 rdbss - ok

16:26:57.0075 8816 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

16:26:57.0091 8816 rdpbus - ok

16:26:57.0091 8816 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:26:57.0106 8816 RDPCDD - ok

16:26:57.0122 8816 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

16:26:57.0153 8816 RDPENCDD - ok

16:26:57.0169 8816 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

16:26:57.0184 8816 RDPREFMP - ok

16:26:57.0247 8816 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

16:26:57.0278 8816 RDPWD - ok

16:26:57.0325 8816 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

16:26:57.0340 8816 rdyboost - ok

16:26:57.0387 8816 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

16:26:57.0434 8816 RemoteAccess - ok

16:26:57.0465 8816 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

16:26:57.0496 8816 RemoteRegistry - ok

16:26:57.0621 8816 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

16:26:57.0637 8816 RoxMediaDB12OEM - ok

16:26:57.0699 8816 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

16:26:57.0715 8816 RoxWatch12 - ok

16:26:57.0730 8816 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

16:26:57.0762 8816 RpcEptMapper - ok

16:26:57.0793 8816 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

16:26:57.0808 8816 RpcLocator - ok

16:26:57.0840 8816 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

16:26:57.0871 8816 RpcSs - ok

16:26:57.0886 8816 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

16:26:57.0902 8816 rspndr - ok

16:26:57.0918 8816 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:26:57.0918 8816 SamSs - ok

16:26:57.0949 8816 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

16:26:57.0964 8816 sbp2port - ok

16:26:57.0996 8816 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

16:26:58.0011 8816 SCardSvr - ok

16:26:58.0042 8816 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

16:26:58.0058 8816 scfilter - ok

16:26:58.0136 8816 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

16:26:58.0167 8816 Schedule - ok

16:26:58.0183 8816 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

16:26:58.0198 8816 SCPolicySvc - ok

16:26:58.0230 8816 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

16:26:58.0230 8816 SDRSVC - ok

16:26:58.0261 8816 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

16:26:58.0308 8816 secdrv - ok

16:26:58.0323 8816 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

16:26:58.0339 8816 seclogon - ok

16:26:58.0370 8816 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

16:26:58.0417 8816 SENS - ok

16:26:58.0448 8816 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

16:26:58.0464 8816 SensrSvc - ok

16:26:58.0495 8816 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

16:26:58.0510 8816 Serenum - ok

16:26:58.0526 8816 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

16:26:58.0542 8816 Serial - ok

16:26:58.0542 8816 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

16:26:58.0557 8816 sermouse - ok

16:26:58.0588 8816 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

16:26:58.0635 8816 SessionEnv - ok

16:26:58.0651 8816 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

16:26:58.0651 8816 sffdisk - ok

16:26:58.0651 8816 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

16:26:58.0666 8816 sffp_mmc - ok

16:26:58.0666 8816 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

16:26:58.0682 8816 sffp_sd - ok

16:26:58.0682 8816 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

16:26:58.0698 8816 sfloppy - ok

16:26:58.0807 8816 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

16:26:58.0838 8816 SftService - ok

16:26:58.0885 8816 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

16:26:58.0932 8816 SharedAccess - ok

16:26:58.0963 8816 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

16:26:58.0994 8816 ShellHWDetection - ok

16:26:59.0010 8816 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

16:26:59.0010 8816 SiSRaid2 - ok

16:26:59.0010 8816 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

16:26:59.0025 8816 SiSRaid4 - ok

16:26:59.0025 8816 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

16:26:59.0041 8816 Smb - ok

16:26:59.0056 8816 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

16:26:59.0072 8816 SNMPTRAP - ok

16:26:59.0088 8816 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

16:26:59.0103 8816 spldr - ok

16:26:59.0119 8816 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

16:26:59.0150 8816 Spooler - ok

16:26:59.0259 8816 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

16:26:59.0306 8816 sppsvc - ok

16:26:59.0322 8816 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

16:26:59.0353 8816 sppuinotify - ok

16:26:59.0384 8816 Spyder3 (d8b882c520fc83547e22014ff5ec66d7) C:\Windows\system32\DRIVERS\Spyder3.sys

16:26:59.0400 8816 Spyder3 - ok

16:26:59.0462 8816 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

16:26:59.0478 8816 srv - ok

16:26:59.0493 8816 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

16:26:59.0524 8816 srv2 - ok

16:26:59.0556 8816 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

16:26:59.0556 8816 srvnet - ok

16:26:59.0587 8816 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

16:26:59.0618 8816 SSDPSRV - ok

16:26:59.0634 8816 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

16:26:59.0665 8816 SstpSvc - ok

16:26:59.0696 8816 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

16:26:59.0696 8816 stexstor - ok

16:26:59.0758 8816 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

16:26:59.0774 8816 stisvc - ok

16:26:59.0805 8816 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

16:26:59.0821 8816 stllssvr - ok

16:26:59.0836 8816 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

16:26:59.0836 8816 swenum - ok

16:26:59.0946 8816 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

16:26:59.0961 8816 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

16:26:59.0961 8816 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

16:26:59.0992 8816 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

16:27:00.0024 8816 swprv - ok

16:27:00.0086 8816 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

16:27:00.0117 8816 SysMain - ok

16:27:00.0180 8816 t3 (6b153e518dbe6ef59191152e1ecf7ed4) C:\Windows\system32\drivers\t3.sys

16:27:00.0195 8816 t3 - ok

16:27:00.0242 8816 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

16:27:00.0258 8816 TabletInputService - ok

16:27:00.0289 8816 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

16:27:00.0320 8816 TapiSrv - ok

16:27:00.0336 8816 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

16:27:00.0367 8816 TBS - ok

16:27:00.0445 8816 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

16:27:00.0460 8816 Tcpip - ok

16:27:00.0507 8816 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

16:27:00.0538 8816 TCPIP6 - ok

16:27:00.0554 8816 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

16:27:00.0585 8816 tcpipreg - ok

16:27:00.0601 8816 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

16:27:00.0601 8816 TDPIPE - ok

16:27:00.0632 8816 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

16:27:00.0648 8816 TDTCP - ok

16:27:00.0663 8816 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

16:27:00.0679 8816 tdx - ok

16:27:00.0726 8816 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

16:27:00.0726 8816 TermDD - ok

16:27:00.0772 8816 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

16:27:00.0819 8816 TermService - ok

16:27:00.0835 8816 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

16:27:00.0850 8816 Themes - ok

16:27:00.0866 8816 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

16:27:00.0897 8816 THREADORDER - ok

16:27:00.0913 8816 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

16:27:00.0944 8816 TrkWks - ok

16:27:00.0991 8816 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

16:27:01.0006 8816 TrustedInstaller - ok

16:27:01.0022 8816 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:27:01.0053 8816 tssecsrv - ok

16:27:01.0069 8816 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

16:27:01.0084 8816 TsUsbFlt - ok

16:27:01.0084 8816 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

16:27:01.0084 8816 TsUsbGD - ok

16:27:01.0116 8816 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

16:27:01.0162 8816 tunnel - ok

16:27:01.0162 8816 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

16:27:01.0162 8816 uagp35 - ok

16:27:01.0209 8816 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

16:27:01.0240 8816 udfs - ok

16:27:01.0256 8816 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

16:27:01.0256 8816 UI0Detect - ok

16:27:01.0272 8816 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

16:27:01.0272 8816 uliagpkx - ok

16:27:01.0303 8816 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

16:27:01.0318 8816 umbus - ok

16:27:01.0318 8816 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

16:27:01.0334 8816 UmPass - ok

16:27:01.0381 8816 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

16:27:01.0412 8816 upnphost - ok

16:27:01.0459 8816 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

16:27:01.0474 8816 usbaudio - ok

16:27:01.0506 8816 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys

16:27:01.0521 8816 usbccgp - ok

16:27:01.0537 8816 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

16:27:01.0537 8816 usbcir - ok

16:27:01.0552 8816 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

16:27:01.0568 8816 usbehci - ok

16:27:01.0615 8816 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

16:27:01.0630 8816 usbhub - ok

16:27:01.0662 8816 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

16:27:01.0677 8816 usbohci - ok

16:27:01.0677 8816 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys

16:27:01.0708 8816 usbprint - ok

16:27:01.0724 8816 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:27:01.0740 8816 USBSTOR - ok

16:27:01.0771 8816 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

16:27:01.0786 8816 usbuhci - ok

16:27:01.0802 8816 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

16:27:01.0849 8816 UxSms - ok

16:27:01.0864 8816 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:27:01.0864 8816 VaultSvc - ok

16:27:01.0911 8816 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

16:27:01.0927 8816 vdrvroot - ok

16:27:01.0974 8816 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

16:27:02.0020 8816 vds - ok

16:27:02.0052 8816 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

16:27:02.0067 8816 vga - ok

16:27:02.0083 8816 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

16:27:02.0098 8816 VgaSave - ok

16:27:02.0130 8816 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

16:27:02.0145 8816 vhdmp - ok

16:27:02.0192 8816 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

16:27:02.0192 8816 viaide - ok

16:27:02.0208 8816 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

16:27:02.0223 8816 volmgr - ok

16:27:02.0270 8816 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

16:27:02.0286 8816 volmgrx - ok

16:27:02.0332 8816 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

16:27:02.0348 8816 volsnap - ok

16:27:02.0379 8816 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

16:27:02.0395 8816 vsmraid - ok

16:27:02.0473 8816 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

16:27:02.0520 8816 VSS - ok

16:27:02.0535 8816 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

16:27:02.0551 8816 vwifibus - ok

16:27:02.0598 8816 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

16:27:02.0629 8816 W32Time - ok

16:27:02.0644 8816 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

16:27:02.0660 8816 WacomPen - ok

16:27:02.0707 8816 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:27:02.0738 8816 WANARP - ok

16:27:02.0738 8816 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:27:02.0769 8816 Wanarpv6 - ok

16:27:02.0832 8816 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

16:27:02.0863 8816 WatAdminSvc - ok

16:27:02.0972 8816 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

16:27:03.0003 8816 wbengine - ok

16:27:03.0050 8816 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

16:27:03.0081 8816 WbioSrvc - ok

16:27:03.0097 8816 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

16:27:03.0128 8816 wcncsvc - ok

16:27:03.0159 8816 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

16:27:03.0159 8816 WcsPlugInService - ok

16:27:03.0159 8816 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

16:27:03.0175 8816 Wd - ok

16:27:03.0237 8816 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

16:27:03.0253 8816 Wdf01000 - ok

16:27:03.0300 8816 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

16:27:03.0362 8816 WdiServiceHost - ok

16:27:03.0362 8816 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

16:27:03.0378 8816 WdiSystemHost - ok

16:27:03.0424 8816 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

16:27:03.0471 8816 WebClient - ok

16:27:03.0534 8816 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

16:27:03.0565 8816 Wecsvc - ok

16:27:03.0596 8816 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

16:27:03.0643 8816 wercplsupport - ok

16:27:03.0643 8816 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

16:27:03.0674 8816 WerSvc - ok

16:27:03.0674 8816 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

16:27:03.0705 8816 WfpLwf - ok

16:27:03.0783 8816 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

16:27:03.0799 8816 WimFltr - ok

16:27:03.0799 8816 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

16:27:03.0799 8816 WIMMount - ok

[Houseman]

^{here is the second party of the log:}

^{16:27:03.0830 8816 WinDefend - ok}

^{16:27:03.0830 8816 WinHttpAutoProxySvc - ok}

^{16:27:03.0877 8816 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll}

^{16:27:03.0908 8816 Winmgmt - ok}

^{16:27:04.0002 8816 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll}

^{16:27:04.0048 8816 WinRM - ok}

^{16:27:04.0095 8816 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys}

^{16:27:04.0111 8816 WinUsb - ok}

^{16:27:04.0173 8816 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll}

^{16:27:04.0204 8816 Wlansvc - ok}

^{16:27:04.0251 8816 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe}

^{16:27:04.0267 8816 wlcrasvc - ok}

^{16:27:04.0376 8816 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE}

^{16:27:04.0407 8816 wlidsvc - ok}

^{16:27:04.0407 8816 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys}

^{16:27:04.0423 8816 WmiAcpi - ok}

^{16:27:04.0454 8816 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe}

^{16:27:04.0485 8816 wmiApSrv - ok}

^{16:27:04.0501 8816 WMPNetworkSvc - ok}

^{16:27:04.0516 8816 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll}

^{16:27:04.0516 8816 WPCSvc - ok}

^{16:27:04.0563 8816 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll}

^{16:27:04.0579 8816 WPDBusEnum - ok}

^{16:27:04.0579 8816 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys}

^{16:27:04.0610 8816 ws2ifsl - ok}

^{16:27:04.0641 8816 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll}

^{16:27:04.0657 8816 wscsvc - ok}

^{16:27:04.0672 8816 WSearch - ok}

^{16:27:04.0766 8816 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll}

^{16:27:04.0813 8816 wuauserv - ok}

^{16:27:04.0844 8816 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys}

^{16:27:04.0891 8816 WudfPf - ok}

^{16:27:04.0953 8816 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys}

^{16:27:05.0000 8816 WUDFRd - ok}

^{16:27:05.0016 8816 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll}

^{16:27:05.0031 8816 wudfsvc - ok}

^{16:27:05.0078 8816 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll}

^{16:27:05.0125 8816 WwanSvc - ok}

^{16:27:05.0140 8816 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0}

^{16:27:05.0265 8816 \Device\Harddisk0\DR0 - ok}

^{16:27:05.0265 8816 Boot (0x1200) (88d88a44934085f2334897c9db3933bd) \Device\Harddisk0\DR0\Partition0}

^{16:27:05.0265 8816 \Device\Harddisk0\DR0\Partition0 - ok}

^{16:27:05.0296 8816 Boot (0x1200) (4ffe5f7dd155a09664590409fe2329b5) \Device\Harddisk0\DR0\Partition1}

^{16:27:05.0296 8816 \Device\Harddisk0\DR0\Partition1 - ok}

^{16:27:05.0296 8816 ============================================================}

^{16:27:05.0296 8816 Scan finished}

^{16:27:05.0296 8816 ============================================================}

^{16:27:05.0312 7248 Detected object count: 4}

^{16:27:05.0312 7248 Actual detected object count: 4}

^{16:27:37.0432 7248 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user}

^{16:27:37.0432 7248 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip}

^{16:27:37.0432 7248 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user}

^{16:27:37.0432 7248 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip}

^{16:27:37.0432 7248 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user}

^{16:27:37.0432 7248 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip}

^{16:27:37.0432 7248 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user}

^{16:27:37.0432 7248 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip}

^{16:28:10.0458 7512 ============================================================}

^{16:28:10.0458 7512 Scan started}

^{16:28:10.0458 7512 Mode: Manual; SigCheck; TDLFS;}

^{16:28:10.0458 7512 ============================================================}

^{16:28:10.0739 7512 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys}

^{16:28:10.0770 7512 1394ohci - ok}

^{16:28:10.0817 7512 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys}

^{16:28:10.0832 7512 ACPI - ok}

^{16:28:10.0832 7512 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys}

^{16:28:10.0848 7512 AcpiPmi - ok}

^{16:28:11.0004 7512 AdobeActiveFileMonitor8.0 (765fe0463e711e5a68ac7b69538ed922) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe}

^{16:28:11.0004 7512 AdobeActiveFileMonitor8.0 - ok}

^{16:28:11.0097 7512 AdobeActiveFileMonitor9.0 (1474f121c3df1232d3e7239c03691ee6) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe}

^{16:28:11.0113 7512 AdobeActiveFileMonitor9.0 - ok}

^{16:28:11.0222 7512 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe}

^{16:28:11.0238 7512 AdobeARMservice - ok}

^{16:28:11.0253 7512 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys}

^{16:28:11.0269 7512 adp94xx - ok}

^{16:28:11.0285 7512 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys}

^{16:28:11.0300 7512 adpahci - ok}

^{16:28:11.0300 7512 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys}

^{16:28:11.0316 7512 adpu320 - ok}

^{16:28:11.0347 7512 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll}

^{16:28:11.0378 7512 AeLookupSvc - ok}

^{16:28:11.0441 7512 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys}

^{16:28:11.0456 7512 AFD - ok}

^{16:28:11.0456 7512 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys}

^{16:28:11.0472 7512 agp440 - ok}

^{16:28:11.0503 7512 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe}

^{16:28:11.0519 7512 ALG - ok}

^{16:28:11.0519 7512 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys}

^{16:28:11.0534 7512 aliide - ok}

^{16:28:11.0565 7512 AMD External Events Utility (a359974eaac83a435497c52f62a2e590) C:\Windows\system32\atiesrxx.exe}

^{16:28:11.0581 7512 AMD External Events Utility - ok}

^{16:28:11.0597 7512 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys}

^{16:28:11.0597 7512 amdide - ok}

^{16:28:11.0612 7512 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys}

^{16:28:11.0612 7512 AmdK8 - ok}

^{16:28:11.0784 7512 amdkmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys}

^{16:28:11.0846 7512 amdkmdag - ok}

^{16:28:11.0877 7512 amdkmdap (6b4e9261b613b047a9a145f328889968) C:\Windows\system32\DRIVERS\atikmpag.sys}

^{16:28:11.0909 7512 amdkmdap - ok}

^{16:28:11.0909 7512 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys}

^{16:28:11.0924 7512 AmdPPM - ok}

^{16:28:11.0955 7512 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys}

^{16:28:11.0971 7512 amdsata - ok}

^{16:28:12.0002 7512 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys}

^{16:28:12.0002 7512 amdsbs - ok}

^{16:28:12.0018 7512 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys}

^{16:28:12.0033 7512 amdxata - ok}

^{16:28:12.0065 7512 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys}

^{16:28:12.0111 7512 AppID - ok}

^{16:28:12.0111 7512 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll}

^{16:28:12.0158 7512 AppIDSvc - ok}

^{16:28:12.0174 7512 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll}

^{16:28:12.0189 7512 Appinfo - ok}

^{16:28:12.0189 7512 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys}

^{16:28:12.0205 7512 arc - ok}

^{16:28:12.0205 7512 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys}

^{16:28:12.0205 7512 arcsas - ok}

^{16:28:12.0283 7512 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe}

^{16:28:12.0299 7512 aspnet_state - ok}

^{16:28:12.0314 7512 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys}

^{16:28:12.0345 7512 AsyncMac - ok}

^{16:28:12.0361 7512 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys}

^{16:28:12.0361 7512 atapi - ok}

^{16:28:12.0408 7512 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys}

^{16:28:12.0408 7512 AtiHDAudioService - ok}

^{16:28:12.0439 7512 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll}

^{16:28:12.0470 7512 AudioEndpointBuilder - ok}

^{16:28:12.0486 7512 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll}

^{16:28:12.0501 7512 AudioSrv - ok}

^{16:28:12.0689 7512 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe}

^{16:28:12.0735 7512 AVGIDSAgent - ok}

^{16:28:12.0767 7512 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys}

^{16:28:12.0767 7512 AVGIDSDriver - ok}

^{16:28:12.0798 7512 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys}

^{16:28:12.0798 7512 AVGIDSEH - ok}

^{16:28:12.0813 7512 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys}

^{16:28:12.0829 7512 AVGIDSFilter - ok}

^{16:28:12.0860 7512 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys}

^{16:28:12.0876 7512 Avgldx64 - ok}

^{16:28:12.0891 7512 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys}

^{16:28:12.0891 7512 Avgmfx64 - ok}

^{16:28:12.0907 7512 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys}

^{16:28:12.0907 7512 Avgrkx64 - ok}

^{16:28:12.0954 7512 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys}

^{16:28:12.0954 7512 Avgtdia - ok}

^{16:28:13.0016 7512 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe}

^{16:28:13.0016 7512 avgwd - ok}

^{16:28:13.0063 7512 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll}

^{16:28:13.0094 7512 AxInstSV - ok}

^{16:28:13.0125 7512 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys}

^{16:28:13.0141 7512 b06bdrv - ok}

^{16:28:13.0188 7512 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys}

^{16:28:13.0203 7512 b57nd60a - ok}

^{16:28:13.0219 7512 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll}

^{16:28:13.0235 7512 BDESVC - ok}

^{16:28:13.0250 7512 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys}

^{16:28:13.0281 7512 Beep - ok}

^{16:28:13.0344 7512 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll}

^{16:28:13.0391 7512 BFE - ok}

^{16:28:13.0437 7512 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll}

^{16:28:13.0484 7512 BITS - ok}

^{16:28:13.0484 7512 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys}

^{16:28:13.0484 7512 blbdrive - ok}

^{16:28:13.0531 7512 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys}

^{16:28:13.0547 7512 bowser - ok}

^{16:28:13.0547 7512 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys}

^{16:28:13.0562 7512 BrFiltLo - ok}

^{16:28:13.0593 7512 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys}

^{16:28:13.0609 7512 BrFiltUp - ok}

^{16:28:13.0640 7512 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll}

^{16:28:13.0671 7512 Browser - ok}

^{16:28:13.0687 7512 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys}

^{16:28:13.0687 7512 Brserid - ok}

^{16:28:13.0687 7512 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys}

^{16:28:13.0703 7512 BrSerWdm - ok}

^{16:28:13.0703 7512 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys}

^{16:28:13.0718 7512 BrUsbMdm - ok}

^{16:28:13.0718 7512 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys}

^{16:28:13.0718 7512 BrUsbSer - ok}

^{16:28:13.0718 7512 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys}

^{16:28:13.0734 7512 BTHMODEM - ok}

^{16:28:13.0765 7512 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll}

^{16:28:13.0812 7512 bthserv - ok}

^{16:28:13.0843 7512 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys}

^{16:28:13.0874 7512 cdfs - ok}

^{16:28:13.0905 7512 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys}

^{16:28:13.0921 7512 cdrom - ok}

^{16:28:13.0937 7512 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll}

^{16:28:13.0952 7512 CertPropSvc - ok}

^{16:28:13.0952 7512 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys}

^{16:28:13.0968 7512 circlass - ok}

^{16:28:13.0999 7512 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys}

^{16:28:14.0030 7512 CLFS - ok}

^{16:28:14.0093 7512 CLKMSVC10_9EC60124 (730bf325e4cc1e3935b81943ac6da216) C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe}

^{16:28:14.0108 7512 CLKMSVC10_9EC60124 - ok}

^{16:28:14.0202 7512 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe}

^{16:28:14.0202 7512 clr_optimization_v2.0.50727_32 - ok}

^{16:28:14.0280 7512 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe}

^{16:28:14.0280 7512 clr_optimization_v2.0.50727_64 - ok}

^{16:28:14.0327 7512 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe}

^{16:28:14.0342 7512 clr_optimization_v4.0.30319_32 - ok}

^{16:28:14.0373 7512 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe}

^{16:28:14.0389 7512 clr_optimization_v4.0.30319_64 - ok}

^{16:28:14.0389 7512 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys}

^{16:28:14.0405 7512 CmBatt - ok}

^{16:28:14.0420 7512 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys}

^{16:28:14.0420 7512 cmdide - ok}

^{16:28:14.0467 7512 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys}

^{16:28:14.0498 7512 CNG - ok}

^{16:28:14.0498 7512 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys}

^{16:28:14.0514 7512 Compbatt - ok}

^{16:28:14.0514 7512 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys}

^{16:28:14.0529 7512 CompositeBus - ok}

^{16:28:14.0529 7512 COMSysApp - ok}

^{16:28:14.0545 7512 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys}

^{16:28:14.0545 7512 crcdisk - ok}

^{16:28:14.0592 7512 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe}

^{16:28:14.0592 7512 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning}

^{16:28:14.0592 7512 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)}

^{16:28:14.0607 7512 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe}

^{16:28:14.0623 7512 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning}

^{16:28:14.0623 7512 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)}

^{16:28:14.0639 7512 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll}

^{16:28:14.0685 7512 CryptSvc - ok}

^{16:28:14.0732 7512 CTAudSvcService (07ba6d17e66879018b30b6c3f976ebed) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe}

^{16:28:14.0748 7512 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning}

^{16:28:14.0748 7512 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)}

^{16:28:14.0779 7512 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys}

^{16:28:14.0795 7512 CVirtA - ok}

^{16:28:14.0888 7512 CVPND (66257cb4e4fb69887cddc71663741435) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe}

^{16:28:14.0919 7512 CVPND - ok}

^{16:28:14.0935 7512 CVPNDRVA (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys}

^{16:28:14.0951 7512 CVPNDRVA - ok}

^{16:28:14.0997 7512 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll}

^{16:28:15.0044 7512 DcomLaunch - ok}

^{16:28:15.0075 7512 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll}

^{16:28:15.0107 7512 defragsvc - ok}

^{16:28:15.0122 7512 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys}

^{16:28:15.0138 7512 DfsC - ok}

^{16:28:15.0169 7512 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll}

^{16:28:15.0185 7512 Dhcp - ok}

^{16:28:15.0200 7512 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys}

^{16:28:15.0216 7512 discache - ok}

^{16:28:15.0231 7512 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys}

^{16:28:15.0231 7512 Disk - ok}

^{16:28:15.0294 7512 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys}

^{16:28:15.0309 7512 DNE - ok}

^{16:28:15.0341 7512 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll}

^{16:28:15.0356 7512 Dnscache - ok}

^{16:28:15.0403 7512 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll}

^{16:28:15.0450 7512 dot3svc - ok}

^{16:28:15.0497 7512 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll}

^{16:28:15.0528 7512 DPS - ok}

^{16:28:15.0543 7512 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys}

^{16:28:15.0559 7512 drmkaud - ok}

^{16:28:15.0606 7512 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys}

^{16:28:15.0637 7512 DXGKrnl - ok}

^{16:28:15.0653 7512 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll}

^{16:28:15.0668 7512 EapHost - ok}

^{16:28:15.0777 7512 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys}

^{16:28:15.0809 7512 ebdrv - ok}

^{16:28:15.0855 7512 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe}

^{16:28:15.0871 7512 EFS - ok}

^{16:28:15.0933 7512 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe}

^{16:28:15.0965 7512 ehRecvr - ok}

^{16:28:15.0980 7512 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe}

^{16:28:15.0996 7512 ehSched - ok}

^{16:28:16.0027 7512 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys}

^{16:28:16.0043 7512 elxstor - ok}

^{16:28:16.0058 7512 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys}

^{16:28:16.0058 7512 ErrDev - ok}

^{16:28:16.0105 7512 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll}

^{16:28:16.0121 7512 EventSystem - ok}

^{16:28:16.0121 7512 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys}

^{16:28:16.0152 7512 exfat - ok}

^{16:28:16.0167 7512 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys}

^{16:28:16.0183 7512 fastfat - ok}

^{16:28:16.0230 7512 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe}

^{16:28:16.0261 7512 Fax - ok}

^{16:28:16.0261 7512 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys}

^{16:28:16.0277 7512 fdc - ok}

^{16:28:16.0277 7512 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll}

^{16:28:16.0308 7512 fdPHost - ok}

^{16:28:16.0323 7512 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll}

^{16:28:16.0370 7512 FDResPub - ok}

^{16:28:16.0386 7512 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys}

^{16:28:16.0386 7512 FileInfo - ok}

^{16:28:16.0417 7512 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys}

^{16:28:16.0448 7512 Filetrace - ok}

^{16:28:16.0526 7512 FLEXnet Licensing Service (8669be94f63944e4f899c3950b520241) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe}

^{16:28:16.0542 7512 FLEXnet Licensing Service - ok}

^{16:28:16.0542 7512 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys}

^{16:28:16.0557 7512 flpydisk - ok}

^{16:28:16.0589 7512 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys}

^{16:28:16.0589 7512 FltMgr - ok}

^{16:28:16.0651 7512 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll}

^{16:28:16.0682 7512 FontCache - ok}

^{16:28:16.0760 7512 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe}

^{16:28:16.0760 7512 FontCache3.0.0.0 - ok}

^{16:28:16.0791 7512 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys}

^{16:28:16.0807 7512 FsDepends - ok}

^{16:28:16.0854 7512 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys}

^{16:28:16.0869 7512 Fs_Rec - ok}

^{16:28:16.0932 7512 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys}

^{16:28:16.0947 7512 fvevol - ok}

^{16:28:16.0963 7512 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys}

^{16:28:16.0963 7512 gagp30kx - ok}

^{16:28:17.0025 7512 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll}

^{16:28:17.0057 7512 gpsvc - ok}

^{16:28:17.0072 7512 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys}

^{16:28:17.0088 7512 hcw85cir - ok}

^{16:28:17.0135 7512 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys}

^{16:28:17.0150 7512 HdAudAddService - ok}

^{16:28:17.0181 7512 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys}

^{16:28:17.0213 7512 HDAudBus - ok}

^{16:28:17.0213 7512 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys}

^{16:28:17.0228 7512 HidBatt - ok}

^{16:28:17.0244 7512 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys}

^{16:28:17.0259 7512 HidBth - ok}

^{16:28:17.0275 7512 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys}

^{16:28:17.0291 7512 HidIr - ok}

^{16:28:17.0306 7512 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll}

^{16:28:17.0322 7512 hidserv - ok}

^{16:28:17.0322 7512 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys}

^{16:28:17.0337 7512 HidUsb - ok}

^{16:28:17.0369 7512 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll}

^{16:28:17.0400 7512 hkmsvc - ok}

^{16:28:17.0447 7512 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll}

^{16:28:17.0462 7512 HomeGroupListener - ok}

^{16:28:17.0493 7512 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll}

^{16:28:17.0509 7512 HomeGroupProvider - ok}

^{16:28:17.0509 7512 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys}

^{16:28:17.0525 7512 HpSAMD - ok}

^{16:28:17.0556 7512 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys}

^{16:28:17.0571 7512 HTTP - ok}

^{16:28:17.0587 7512 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys}

^{16:28:17.0587 7512 hwpolicy - ok}

^{16:28:17.0603 7512 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys}

^{16:28:17.0603 7512 i8042prt - ok}

^{16:28:17.0634 7512 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys}

^{16:28:17.0649 7512 iaStor - ok}

^{16:28:17.0681 7512 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe}

^{16:28:17.0681 7512 IAStorDataMgrSvc - ok}

^{16:28:17.0743 7512 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys}

^{16:28:17.0759 7512 iaStorV - ok}

^{16:28:17.0821 7512 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe}

^{16:28:17.0852 7512 idsvc - ok}

^{16:28:17.0868 7512 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys}

^{16:28:17.0883 7512 iirsp - ok}

^{16:28:17.0915 7512 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll}

^{16:28:17.0961 7512 IKEEXT - ok}

^{16:28:17.0993 7512 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys}

^{16:28:18.0008 7512 Impcd - ok}

^{16:28:18.0024 7512 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys}

^{16:28:18.0039 7512 intelide - ok}

^{16:28:18.0055 7512 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys}

^{16:28:18.0071 7512 intelppm - ok}

^{16:28:18.0117 7512 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll}

^{16:28:18.0164 7512 IPBusEnum - ok}

^{16:28:18.0164 7512 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys}

^{16:28:18.0180 7512 IpFilterDriver - ok}

^{16:28:18.0211 7512 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll}

^{16:28:18.0258 7512 iphlpsvc - ok}

^{16:28:18.0258 7512 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys}

^{16:28:18.0273 7512 IPMIDRV - ok}

^{16:28:18.0305 7512 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys}

^{16:28:18.0320 7512 IPNAT - ok}

^{16:28:18.0351 7512 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys}

^{16:28:18.0351 7512 IRENUM - ok}

^{16:28:18.0351 7512 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys}

^{16:28:18.0367 7512 isapnp - ok}

^{16:28:18.0414 7512 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys}

^{16:28:18.0429 7512 iScsiPrt - ok}

^{16:28:18.0461 7512 k57nd60a (12e27942dbb7c91880163634b0d8a776) C:\Windows\system32\DRIVERS\k57nd60a.sys}

^{16:28:18.0492 7512 k57nd60a - ok}

^{16:28:18.0507 7512 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys}

^{16:28:18.0507 7512 kbdclass - ok}

^{16:28:18.0539 7512 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys}

^{16:28:18.0554 7512 kbdhid - ok}

^{16:28:18.0585 7512 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe}

^{16:28:18.0601 7512 KeyIso - ok}

^{16:28:18.0663 7512 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys}

^{16:28:18.0679 7512 KSecDD - ok}

^{16:28:18.0726 7512 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys}

^{16:28:18.0741 7512 KSecPkg - ok}

^{16:28:18.0757 7512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys}

^{16:28:18.0773 7512 ksthunk - ok}

^{16:28:18.0851 7512 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll}

^{16:28:18.0882 7512 KtmRm - ok}

^{16:28:18.0929 7512 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll}

^{16:28:18.0960 7512 LanmanServer - ok}

^{16:28:18.0975 7512 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll}

^{16:28:19.0007 7512 LanmanWorkstation - ok}

^{16:28:19.0007 7512 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys}

^{16:28:19.0038 7512 lltdio - ok}

^{16:28:19.0116 7512 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll}

^{16:28:19.0147 7512 lltdsvc - ok}

^{16:28:19.0163 7512 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll}

^{16:28:19.0209 7512 lmhosts - ok}

^{16:28:19.0225 7512 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys}

^{16:28:19.0241 7512 LSI_FC - ok}

^{16:28:19.0241 7512 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys}

^{16:28:19.0256 7512 LSI_SAS - ok}

^{16:28:19.0272 7512 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys}

^{16:28:19.0272 7512 LSI_SAS2 - ok}

^{16:28:19.0272 7512 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys}

^{16:28:19.0287 7512 LSI_SCSI - ok}

^{16:28:19.0319 7512 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys}

^{16:28:19.0334 7512 luafv - ok}

^{16:28:19.0381 7512 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll}

^{16:28:19.0397 7512 Mcx2Svc - ok}

^{16:28:19.0397 7512 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys}

^{16:28:19.0397 7512 megasas - ok}

^{16:28:19.0412 7512 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys}

^{16:28:19.0428 7512 MegaSR - ok}

^{16:28:19.0490 7512 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys}

^{16:28:19.0490 7512 MEIx64 - ok}

^{16:28:19.0506 7512 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll}

^{16:28:19.0537 7512 MMCSS - ok}

^{16:28:19.0537 7512 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys}

^{16:28:19.0553 7512 Modem - ok}

^{16:28:19.0615 7512 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys}

^{16:28:19.0646 7512 monitor - ok}

^{16:28:19.0646 7512 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys}

^{16:28:19.0662 7512 mouclass - ok}

^{16:28:19.0677 7512 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys}

^{16:28:19.0693 7512 mouhid - ok}

^{16:28:19.0709 7512 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys}

^{16:28:19.0724 7512 mountmgr - ok}

^{16:28:19.0740 7512 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys}

^{16:28:19.0755 7512 mpio - ok}

^{16:28:19.0755 7512 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys}

^{16:28:19.0787 7512 mpsdrv - ok}

^{16:28:19.0818 7512 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll}

^{16:28:19.0865 7512 MpsSvc - ok}

^{16:28:19.0865 7512 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys}

^{16:28:19.0880 7512 MRxDAV - ok}

^{16:28:19.0911 7512 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys}

^{16:28:19.0927 7512 mrxsmb - ok}

^{16:28:19.0958 7512 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys}

^{16:28:19.0974 7512 mrxsmb10 - ok}

^{16:28:19.0989 7512 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys}

^{16:28:20.0005 7512 mrxsmb20 - ok}

^{16:28:20.0021 7512 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys}

^{16:28:20.0036 7512 msahci - ok}

^{16:28:20.0036 7512 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys}

^{16:28:20.0052 7512 msdsm - ok}

^{16:28:20.0083 7512 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe}

^{16:28:20.0099 7512 MSDTC - ok}

^{16:28:20.0114 7512 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys}

^{16:28:20.0130 7512 Msfs - ok}

^{16:28:20.0192 7512 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys}

^{16:28:20.0239 7512 mshidkmdf - ok}

^{16:28:20.0255 7512 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys}

^{16:28:20.0255 7512 msisadrv - ok}

^{16:28:20.0301 7512 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll}

^{16:28:20.0348 7512 MSiSCSI - ok}

^{16:28:20.0348 7512 msiserver - ok}

^{16:28:20.0348 7512 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys}

^{16:28:20.0379 7512 MSKSSRV - ok}

^{16:28:20.0379 7512 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys}

^{16:28:20.0395 7512 MSPCLOCK - ok}

^{16:28:20.0395 7512 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys}

^{16:28:20.0426 7512 MSPQM - ok}

^{16:28:20.0457 7512 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys}

^{16:28:20.0473 7512 MsRPC - ok}

^{16:28:20.0473 7512 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys}

^{16:28:20.0489 7512 mssmbios - ok}

^{16:28:20.0489 7512 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys}

^{16:28:20.0504 7512 MSTEE - ok}

^{16:28:20.0520 7512 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys}

^{16:28:20.0520 7512 MTConfig - ok}

^{16:28:20.0520 7512 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys}

^{16:28:20.0535 7512 Mup - ok}

^{16:28:20.0551 7512 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll}

^{16:28:20.0582 7512 napagent - ok}

^{16:28:20.0598 7512 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys}

^{16:28:20.0613 7512 NativeWifiP - ok}

^{16:28:20.0676 7512 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys}

^{16:28:20.0691 7512 NDIS - ok}

^{16:28:20.0691 7512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys}

^{16:28:20.0723 7512 NdisCap - ok}

^{16:28:20.0723 7512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys}

^{16:28:20.0738 7512 NdisTapi - ok}

^{16:28:20.0754 7512 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys}

^{16:28:20.0785 7512 Ndisuio - ok}

^{16:28:20.0801 7512 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys}

^{16:28:20.0816 7512 NdisWan - ok}

^{16:28:20.0832 7512 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys}

^{16:28:20.0847 7512 NDProxy - ok}

^{16:28:20.0863 7512 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys}

^{16:28:20.0879 7512 NetBIOS - ok}

^{16:28:20.0910 7512 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys}

^{16:28:20.0925 7512 NetBT - ok}

^{16:28:20.0925 7512 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe}

^{16:28:20.0941 7512 Netlogon - ok}

^{16:28:20.0957 7512 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll}

^{16:28:20.0988 7512 Netman - ok}

^{16:28:21.0050 7512 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe}

^{16:28:21.0066 7512 NetMsmqActivator - ok}

^{16:28:21.0066 7512 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe}

^{16:28:21.0081 7512 NetPipeActivator - ok}

^{16:28:21.0113 7512 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll}

^{16:28:21.0159 7512 netprofm - ok}

^{16:28:21.0159 7512 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe}

^{16:28:21.0159 7512 NetTcpActivator - ok}

^{16:28:21.0175 7512 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe}

^{16:28:21.0175 7512 NetTcpPortSharing - ok}

^{16:28:21.0191 7512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys}

^{16:28:21.0191 7512 nfrd960 - ok}

^{16:28:21.0237 7512 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll}

^{16:28:21.0253 7512 NlaSvc - ok}

^{16:28:21.0362 7512 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe}

^{16:28:21.0393 7512 NOBU - ok}

^{16:28:21.0456 7512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys}

^{16:28:21.0487 7512 Npfs - ok}

^{16:28:21.0487 7512 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll}

^{16:28:21.0518 7512 nsi - ok}

^{16:28:21.0518 7512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys}

^{16:28:21.0549 7512 nsiproxy - ok}

^{16:28:21.0612 7512 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys}

^{16:28:21.0643 7512 Ntfs - ok}

^{16:28:21.0659 7512 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys}

^{16:28:21.0674 7512 Null - ok}

^{16:28:21.0705 7512 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys}

^{16:28:21.0721 7512 nvraid - ok}

^{16:28:21.0737 7512 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys}

^{16:28:21.0737 7512 nvstor - ok}

^{16:28:21.0768 7512 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys}

^{16:28:21.0768 7512 nv_agp - ok}

^{16:28:21.0783 7512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys}

^{16:28:21.0783 7512 ohci1394 - ok}

^{16:28:21.0861 7512 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE}

^{16:28:21.0861 7512 ose - ok}

^{16:28:22.0064 7512 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE}

^{16:28:22.0111 7512 osppsvc - ok}

^{16:28:22.0142 7512 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll}

^{16:28:22.0158 7512 p2pimsvc - ok}

^{16:28:22.0205 7512 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll}

^{16:28:22.0220 7512 p2psvc - ok}

^{16:28:22.0236 7512 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys}

^{16:28:22.0236 7512 Parport - ok}

^{16:28:22.0251 7512 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys}

^{16:28:22.0267 7512 partmgr - ok}

^{16:28:22.0283 7512 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll}

^{16:28:22.0283 7512 PcaSvc - ok}

^{16:28:22.0329 7512 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys}

^{16:28:22.0345 7512 pci - ok}

^{16:28:22.0376 7512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys}

^{16:28:22.0376 7512 pciide - ok}

^{16:28:22.0392 7512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys}

^{16:28:22.0392 7512 pcmcia - ok}

^{16:28:22.0423 7512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys}

^{16:28:22.0423 7512 pcw - ok}

^{16:28:22.0470 7512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys}

^{16:28:22.0501 7512 PEAUTH - ok}

^{16:28:22.0563 7512 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe}

^{16:28:22.0595 7512 PerfHost - ok}

^{16:28:22.0673 7512 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll}

^{16:28:22.0704 7512 pla - ok}

^{16:28:22.0751 7512 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll}

^{16:28:22.0782 7512 PlugPlay - ok}

^{16:28:22.0797 7512 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll}

^{16:28:22.0813 7512 PNRPAutoReg - ok}

^{16:28:22.0813 7512 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll}

^{16:28:22.0829 7512 PNRPsvc - ok}

^{16:28:22.0875 7512 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll}

^{16:28:22.0907 7512 PolicyAgent - ok}

^{16:28:22.0938 7512 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll}

^{16:28:22.0969 7512 Power - ok}

^{16:28:23.0000 7512 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys}

^{16:28:23.0031 7512 PptpMiniport - ok}

^{16:28:23.0031 7512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys}

^{16:28:23.0047 7512 Processor - ok}

^{16:28:23.0063 7512 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll}

^{16:28:23.0078 7512 ProfSvc - ok}

^{16:28:23.0125 7512 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe}

^{16:28:23.0125 7512 ProtectedStorage - ok}

^{16:28:23.0141 7512 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys}

^{16:28:23.0172 7512 Psched - ok}

^{16:28:23.0203 7512 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys}

^{16:28:23.0219 7512 PxHlpa64 - ok}

^{16:28:23.0297 7512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys}

^{16:28:23.0328 7512 ql2300 - ok}

^{16:28:23.0328 7512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys}

^{16:28:23.0343 7512 ql40xx - ok}

^{16:28:23.0375 7512 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll}

^{16:28:23.0390 7512 QWAVE - ok}

^{16:28:23.0406 7512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys}

^{16:28:23.0437 7512 QWAVEdrv - ok}

^{16:28:23.0437 7512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys}

^{16:28:23.0453 7512 RasAcd - ok}

^{16:28:23.0468 7512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys}

^{16:28:23.0499 7512 RasAgileVpn - ok}

^{16:28:23.0515 7512 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll}

^{16:28:23.0531 7512 RasAuto - ok}

^{16:28:23.0562 7512 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys}

^{16:28:23.0577 7512 Rasl2tp - ok}

^{16:28:23.0609 7512 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll}

^{16:28:23.0624 7512 RasMan - ok}

^{16:28:23.0671 7512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys}

^{16:28:23.0687 7512 RasPppoe - ok}

^{16:28:23.0718 7512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys}

^{16:28:23.0749 7512 RasSstp - ok}

^{16:28:23.0780 7512 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys}

^{16:28:23.0811 7512 rdbss - ok}

^{16:28:23.0811 7512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys}

^{16:28:23.0827 7512 rdpbus - ok}

^{16:28:23.0827 7512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys}

^{16:28:23.0858 7512 RDPCDD - ok}

^{16:28:23.0874 7512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys}

^{16:28:23.0889 7512 RDPENCDD - ok}

^{16:28:23.0905 7512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys}

^{16:28:23.0921 7512 RDPREFMP - ok}

^{16:28:23.0967 7512 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys}

^{16:28:23.0983 7512 RDPWD - ok}

^{16:28:24.0030 7512 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys}

^{16:28:24.0045 7512 rdyboost - ok}

^{16:28:24.0077 7512 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll}

^{16:28:24.0108 7512 RemoteAccess - ok}

^{16:28:24.0139 7512 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll}

^{16:28:24.0170 7512 RemoteRegistry - ok}

^{16:28:24.0279 7512 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe}

^{16:28:24.0311 7512 RoxMediaDB12OEM - ok}

^{16:28:24.0373 7512 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe}

^{16:28:24.0389 7512 RoxWatch12 - ok}

^{16:28:24.0404 7512 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll}

^{16:28:24.0420 7512 RpcEptMapper - ok}

^{16:28:24.0435 7512 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe}

^{16:28:24.0451 7512 RpcLocator - ok}

^{16:28:24.0482 7512 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll}

^{16:28:24.0529 7512 RpcSs - ok}

^{16:28:24.0545 7512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys}

^{16:28:24.0560 7512 rspndr - ok}

^{16:28:24.0576 7512 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe}

^{16:28:24.0576 7512 SamSs - ok}

^{16:28:24.0607 7512 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys}

^{16:28:24.0623 7512 sbp2port - ok}

^{16:28:24.0654 7512 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll}

^{16:28:24.0701 7512 SCardSvr - ok}

^{16:28:24.0716 7512 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys}

^{16:28:24.0732 7512 scfilter - ok}

^{16:28:24.0810 7512 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll}

^{16:28:24.0841 7512 Schedule - ok}

^{16:28:24.0857 7512 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll}

^{16:28:24.0872 7512 SCPolicySvc - ok}

^{16:28:24.0903 7512 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll}

^{16:28:24.0919 7512 SDRSVC - ok}

^{16:28:24.0935 7512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys}

^{16:28:24.0966 7512 secdrv - ok}

^{16:28:24.0981 7512 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll}

^{16:28:24.0997 7512 seclogon - ok}

^{16:28:25.0028 7512 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll}

^{16:28:25.0044 7512 SENS - ok}

^{16:28:25.0075 7512 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll}

^{16:28:25.0075 7512 SensrSvc - ok}

^{16:28:25.0091 7512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys}

^{16:28:25.0091 7512 Serenum - ok}

^{16:28:25.0091 7512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys}

^{16:28:25.0106 7512 Serial - ok}

^{16:28:25.0106 7512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys}

^{16:28:25.0106 7512 sermouse - ok}

^{16:28:25.0137 7512 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll}

^{16:28:25.0169 7512 SessionEnv - ok}

^{16:28:25.0184 7512 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys}

^{16:28:25.0184 7512 sffdisk - ok}

^{16:28:25.0184 7512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys}

^{16:28:25.0200 7512 sffp_mmc - ok}

^{16:28:25.0200 7512 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys}

^{16:28:25.0200 7512 sffp_sd - ok}

^{16:28:25.0215 7512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys}

^{16:28:25.0215 7512 sfloppy - ok}

^{16:28:25.0309 7512 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE}

^{16:28:25.0340 7512 SftService - ok}

^{16:28:25.0371 7512 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll}

^{16:28:25.0403 7512 SharedAccess - ok}

^{16:28:25.0434 7512 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll}

^{16:28:25.0449 7512 ShellHWDetection - ok}

^{16:28:25.0449 7512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys}

^{16:28:25.0465 7512 SiSRaid2 - ok}

^{16:28:25.0465 7512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys}

^{16:28:25.0465 7512 SiSRaid4 - ok}

^{16:28:25.0481 7512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys}

^{16:28:25.0496 7512 Smb - ok}

^{16:28:25.0512 7512 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe}

^{16:28:25.0512 7512 SNMPTRAP - ok}

^{16:28:25.0543 7512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys}

^{16:28:25.0543 7512 spldr - ok}

^{16:28:25.0559 7512 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe}

^{16:28:25.0590 7512 Spooler - ok}

^{16:28:25.0683 7512 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe}

^{16:28:25.0730 7512 sppsvc - ok}

^{16:28:25.0761 7512 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll}

^{16:28:25.0777 7512 sppuinotify - ok}

^{16:28:25.0808 7512 Spyder3 (d8b882c520fc83547e22014ff5ec66d7) C:\Windows\system32\DRIVERS\Spyder3.sys}

^{16:28:25.0824 7512 Spyder3 - ok}

^{16:28:25.0886 7512 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys}

^{16:28:25.0902 7512 srv - ok}

^{16:28:25.0949 7512 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys}

^{16:28:25.0964 7512 srv2 - ok}

^{16:28:26.0011 7512 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys}

^{16:28:26.0027 7512 srvnet - ok}

^{16:28:26.0058 7512 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll}

^{16:28:26.0089 7512 SSDPSRV - ok}

^{16:28:26.0120 7512 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll}

^{16:28:26.0151 7512 SstpSvc - ok}

^{16:28:26.0167 7512 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys}

^{16:28:26.0183 7512 stexstor - ok}

^{16:28:26.0229 7512 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll}

^{16:28:26.0261 7512 stisvc - ok}

^{16:28:26.0307 7512 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe}

^{16:28:26.0307 7512 stllssvr - ok}

^{16:28:26.0339 7512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys}

^{16:28:26.0354 7512 swenum - ok}

^{16:28:26.0448 7512 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe}

^{16:28:26.0479 7512 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning}

^{16:28:26.0479 7512 SwitchBoard - detected UnsignedFile.Multi.Generic (1)}

^{16:28:26.0495 7512 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll}

^{16:28:26.0541 7512 swprv - ok}

^{16:28:26.0619 7512 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll}

^{16:28:26.0651 7512 SysMain - ok}

^{16:28:26.0713 7512 t3 (6b153e518dbe6ef59191152e1ecf7ed4) C:\Windows\system32\drivers\t3.sys}

^{16:28:26.0744 7512 t3 - ok}

^{16:28:26.0775 7512 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll}

^{16:28:26.0791 7512 TabletInputService - ok}

^{16:28:26.0838 7512 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll}

^{16:28:26.0869 7512 TapiSrv - ok}

^{16:28:26.0885 7512 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll}

^{16:28:26.0916 7512 TBS - ok}

^{16:28:27.0009 7512 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys}

^{16:28:27.0041 7512 Tcpip - ok}

^{16:28:27.0072 7512 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys}

^{16:28:27.0087 7512 TCPIP6 - ok}

^{16:28:27.0103 7512 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys}

^{16:28:27.0119 7512 tcpipreg - ok}

^{16:28:27.0134 7512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys}

^{16:28:27.0150 7512 TDPIPE - ok}

^{16:28:27.0181 7512 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys}

^{16:28:27.0181 7512 TDTCP - ok}

^{16:28:27.0212 7512 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys}

^{16:28:27.0228 7512 tdx - ok}

^{16:28:27.0243 7512 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys}

^{16:28:27.0259 7512 TermDD - ok}

^{16:28:27.0321 7512 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll}

^{16:28:27.0353 7512 TermService - ok}

^{16:28:27.0384 7512 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll}

^{16:28:27.0384 7512 Themes - ok}

^{16:28:27.0415 7512 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll}

^{16:28:27.0431 7512 THREADORDER - ok}

^{16:28:27.0477 7512 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll}

^{16:28:27.0493 7512 TrkWks - ok}

^{16:28:27.0540 7512 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe}

^{16:28:27.0587 7512 TrustedInstaller - ok}

^{16:28:27.0602 7512 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys}

^{16:28:27.0618 7512 tssecsrv - ok}

^{16:28:27.0633 7512 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys}

^{16:28:27.0649 7512 TsUsbFlt - ok}

^{16:28:27.0649 7512 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys}

^{16:28:27.0649 7512 TsUsbGD - ok}

^{16:28:27.0665 7512 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys}

^{16:28:27.0696 7512 tunnel - ok}

^{16:28:27.0696 7512 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys}

^{16:28:27.0696 7512 uagp35 - ok}

^{16:28:27.0743 7512 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys}

^{16:28:27.0789 7512 udfs - ok}

^{16:28:27.0805 7512 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe}

^{16:28:27.0821 7512 UI0Detect - ok}

^{16:28:27.0821 7512 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys}

^{16:28:27.0821 7512 uliagpkx - ok}

^{16:28:27.0852 7512 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys}

^{16:28:27.0852 7512 umbus - ok}

^{16:28:27.0867 7512 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys}

^{16:28:27.0867 7512 UmPass - ok}

^{16:28:27.0914 7512 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll}

^{16:28:27.0945 7512 upnphost - ok}

^{16:28:27.0992 7512 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys}

^{16:28:28.0008 7512 usbaudio - ok}

^{16:28:28.0039 7512 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys}

^{16:28:28.0055 7512 usbccgp - ok}

^{16:28:28.0055 7512 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys}

^{16:28:28.0070 7512 usbcir - ok}

^{16:28:28.0070 7512 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys}

^{16:28:28.0086 7512 usbehci - ok}

^{16:28:28.0133 7512 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys}

^{16:28:28.0148 7512 usbhub - ok}

^{16:28:28.0164 7512 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys}

^{16:28:28.0179 7512 usbohci - ok}

^{16:28:28.0179 7512 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys}

^{16:28:28.0179 7512 usbprint - ok}

^{16:28:28.0211 7512 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS}

^{16:28:28.0211 7512 USBSTOR - ok}

^{16:28:28.0242 7512 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys}

^{16:28:28.0242 7512 usbuhci - ok}

^{16:28:28.0273 7512 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll}

^{16:28:28.0289 7512 UxSms - ok}

^{16:28:28.0320 7512 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe}

^{16:28:28.0320 7512 VaultSvc - ok}

^{16:28:28.0367 7512 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys}

^{16:28:28.0367 7512 vdrvroot - ok}

^{16:28:28.0413 7512 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe}

^{16:28:28.0460 7512 vds - ok}

^{16:28:28.0476 7512 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys}

^{16:28:28.0476 7512 vga - ok}

^{16:28:28.0507 7512 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys}

^{16:28:28.0538 7512 VgaSave - ok}

^{16:28:28.0585 7512 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys}

^{16:28:28.0585 7512 vhdmp - ok}

^{16:28:28.0616 7512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys}

^{16:28:28.0616 7512 viaide - ok}

^{16:28:28.0616 7512 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys}

^{16:28:28.0632 7512 volmgr - ok}

^{16:28:28.0679 7512 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys}

^{16:28:28.0694 7512 volmgrx - ok}

^{16:28:28.0725 7512 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys}

^{16:28:28.0741 7512 volsnap - ok}

^{16:28:28.0803 7512 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys}

^{16:28:28.0819 7512 vsmraid - ok}

^{16:28:28.0881 7512 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe}

^{16:28:28.0913 7512 VSS - ok}

^{16:28:28.0944 7512 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys}

^{16:28:28.0944 7512 vwifibus - ok}

^{16:28:29.0006 7512 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll}

^{16:28:29.0053 7512 W32Time - ok}

^{16:28:29.0053 7512 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys}

^{16:28:29.0053 7512 WacomPen - ok}

^{16:28:29.0100 7512 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys}

^{16:28:29.0131 7512 WANARP - ok}

^{16:28:29.0131 7512 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys}

^{16:28:29.0162 7512 Wanarpv6 - ok}

^{16:28:29.0225 7512 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe}

^{16:28:29.0256 7512 WatAdminSvc - ok}

^{16:28:29.0334 7512 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe}

^{16:28:29.0349 7512 wbengine - ok}

^{16:28:29.0381 7512 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll}

^{16:28:29.0396 7512 WbioSrvc - ok}

^{16:28:29.0412 7512 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll}

^{16:28:29.0427 7512 wcncsvc - ok}

^{16:28:29.0443 7512 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll}

^{16:28:29.0443 7512 WcsPlugInService - ok}

^{16:28:29.0443 7512 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys}

^{16:28:29.0459 7512 Wd - ok}

^{16:28:29.0505 7512 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys}

^{16:28:29.0537 7512 Wdf01000 - ok}

^{16:28:29.0552 7512 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll}

^{16:28:29.0568 7512 WdiServiceHost - ok}

^{16:28:29.0568 7512 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll}

^{16:28:29.0583 7512 WdiSystemHost - ok}

^{16:28:29.0615 7512 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll}

^{16:28:29.0630 7512 WebClient - ok}

^{16:28:29.0693 7512 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll}

^{16:28:29.0739 7512 Wecsvc - ok}

^{16:28:29.0739 7512 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll}

^{16:28:29.0771 7512 wercplsupport - ok}

^{16:28:29.0786 7512 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll}

^{16:28:29.0802 7512 WerSvc - ok}

^{16:28:29.0802 7512 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys}

^{16:28:29.0833 7512 WfpLwf - ok}

^{16:28:29.0895 7512 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys}

^{16:28:29.0911 7512 WimFltr - ok}

^{16:28:29.0911 7512 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys}

^{16:28:29.0927 7512 WIMMount - ok}

^{16:28:29.0958 7512 WinDefend - ok}

^{16:28:29.0958 7512 WinHttpAutoProxySvc - ok}

^{16:28:30.0020 7512 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll}

^{16:28:30.0051 7512 Winmgmt - ok}

^{16:28:30.0145 7512 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll}

^{16:28:30.0176 7512 WinRM - ok}

^{16:28:30.0223 7512 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys}

^{16:28:30.0239 7512 WinUsb - ok}

^{16:28:30.0301 7512 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll}

^{16:28:30.0332 7512 Wlansvc - ok}

^{16:28:30.0379 7512 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe}

^{16:28:30.0395 7512 wlcrasvc - ok}

^{16:28:30.0488 7512 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE}

^{16:28:30.0535 7512 wlidsvc - ok}

^{16:28:30.0535 7512 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys}

^{16:28:30.0535 7512 WmiAcpi - ok}

^{16:28:30.0582 7512 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe}

^{16:28:30.0597 7512 wmiApSrv - ok}

^{16:28:30.0597 7512 WMPNetworkSvc - ok}

^{16:28:30.0613 7512 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll}

^{16:28:30.0629 7512 WPCSvc - ok}

^{16:28:30.0660 7512 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll}

^{16:28:30.0675 7512 WPDBusEnum - ok}

^{16:28:30.0691 7512 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys}

^{16:28:30.0707 7512 ws2ifsl - ok}

^{16:28:30.0738 7512 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll}

^{16:28:30.0753 7512 wscsvc - ok}

^{16:28:30.0753 7512 WSearch - ok}

^{16:28:30.0847 7512 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll}

^{16:28:30.0878 7512 wuauserv - ok}

^{16:28:30.0909 7512 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys}

^{16:28:30.0941 7512 WudfPf - ok}

^{16:28:30.0956 7512 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys}

^{16:28:30.0972 7512 WUDFRd - ok}

^{16:28:30.0987 7512 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll}

^{16:28:31.0019 7512 wudfsvc - ok}

^{16:28:31.0065 7512 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll}

^{16:28:31.0081 7512 WwanSvc - ok}

^{16:28:31.0097 7512 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0}

^{16:28:31.0237 7512 \Device\Harddisk0\DR0 - ok}

^{16:28:31.0237 7512 Boot (0x1200) (88d88a44934085f2334897c9db3933bd) \Device\Harddisk0\DR0\Partition0}

^{16:28:31.0237 7512 \Device\Harddisk0\DR0\Partition0 - ok}

^{16:28:31.0268 7512 Boot (0x1200) (4ffe5f7dd155a09664590409fe2329b5) \Device\Harddisk0\DR0\Partition1}

^{16:28:31.0268 7512 \Device\Harddisk0\DR0\Partition1 - ok}

^{16:28:31.0268 7512 ============================================================}

^{16:28:31.0268 7512 Scan finished}

^{16:28:31.0268 7512 ============================================================}

^{16:28:31.0284 2564 Detected object count: 4}

^{16:28:31.0284 2564 Actual detected object count: 4}

^{16:31:03.0181 2564 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user}

^{16:31:03.0181 2564 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip}

^{16:31:03.0181 2564 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user}

^{16:31:03.0196 2564 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip}

^{16:31:03.0196 2564 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user}

^{16:31:03.0196 2564 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip}

^{16:31:03.0196 2564 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user}

^{16:31:03.0196 2564 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip}

[MrCharlie]

That scan was clean.....

Please download and run ComboFix. (you don't have to worry about the Recovery Console)

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:

If you get the message Illegal operation attempted on registry key that has been marked for deletion. after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

[Houseman]

Ok, I did that.

When I ran Combofix, I didn't get any message about the Windows Recovery Console. Combofix rebooted the PC. I got a message "No registered debugger found" - I had the option to retry and manually install or cancel so I selected cancel.

Here is the log:

ComboFix 12-04-27.02 - Jen 27/04/2012 17:17:25.1.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8174.6071 [GMT 1:00]

Running from: c:\users\Jen\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk

c:\windows\SysWow64\CmdRtr.DLL.tmp

.

.

((((((((((((((((((((((((( Files Created from 2012-03-27 to 2012-04-27 )))))))))))))))))))))))))))))))

.

.

2012-04-27 09:30 . 2012-04-27 09:30 -------- d-----w- c:\users\Jen\AppData\Roaming\AVG

2012-04-25 14:10 . 2012-04-25 14:10 -------- d-----w- c:\users\Jen\AppData\Roaming\Malwarebytes

2012-04-25 14:10 . 2012-04-27 13:36 -------- d-----w- c:\programdata\Malwarebytes

2012-04-25 14:10 . 2012-04-25 14:10 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-04-25 14:10 . 2012-04-04 14:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-24 19:10 . 2012-04-25 06:47 -------- d-----w- c:\users\Jen\AppData\Roaming\gizza

2012-04-24 19:10 . 2012-04-24 19:10 -------- d-----w- c:\programdata\Local Settings

2012-04-18 17:49 . 2012-04-18 17:49 -------- d-----w- c:\users\Jen\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2012-04-18 17:49 . 2012-04-18 17:49 -------- d-----w- c:\users\Jen\AppData\Roaming\Adobe Mini Bridge CS5

2012-04-18 17:14 . 2012-04-18 17:14 -------- d-----w- c:\users\Jen\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2012-04-12 22:22 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-04-12 22:22 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-04-12 22:22 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2012-04-12 22:22 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2012-04-12 22:22 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-04-12 22:22 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-04-12 22:22 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-08 23:35 . 2012-03-08 23:35 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2012-03-08 23:35 . 2012-03-08 23:35 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2012-03-08 23:35 . 2012-03-08 23:35 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2012-03-08 23:35 . 2012-03-08 23:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2012-03-08 23:35 . 2012-03-08 23:35 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2012-03-08 23:35 . 2012-03-08 23:35 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2012-03-08 23:35 . 2012-03-08 23:35 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2012-03-08 23:35 . 2012-03-08 23:35 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2012-03-08 23:35 . 2012-03-08 23:35 85504 ----a-w- c:\windows\system32\iesetup.dll

2012-03-08 23:35 . 2012-03-08 23:35 76800 ----a-w- c:\windows\system32\tdc.ocx

2012-03-08 23:35 . 2012-03-08 23:35 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2012-03-08 23:35 . 2012-03-08 23:35 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2012-03-08 23:35 . 2012-03-08 23:35 49664 ----a-w- c:\windows\system32\imgutil.dll

2012-03-08 23:35 . 2012-03-08 23:35 48640 ----a-w- c:\windows\system32\mshtmler.dll

2012-03-08 23:35 . 2012-03-08 23:35 448512 ----a-w- c:\windows\system32\html.iec

2012-03-08 23:35 . 2012-03-08 23:35 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-03-08 23:35 . 2012-03-08 23:35 367104 ----a-w- c:\windows\SysWow64\html.iec

2012-03-08 23:35 . 2012-03-08 23:35 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2012-03-08 23:35 . 2012-03-08 23:35 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2012-03-08 23:35 . 2012-03-08 23:35 222208 ----a-w- c:\windows\system32\msls31.dll

2012-03-08 23:35 . 2012-03-08 23:35 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-03-08 23:35 . 2012-03-08 23:35 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2012-03-08 23:35 . 2012-03-08 23:35 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2012-03-08 23:35 . 2012-03-08 23:35 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-03-08 23:35 . 2012-03-08 23:35 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2012-03-08 23:35 . 2012-03-08 23:35 12288 ----a-w- c:\windows\system32\mshta.exe

2012-03-08 23:35 . 2012-03-08 23:35 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2012-03-08 23:35 . 2012-03-08 23:35 114176 ----a-w- c:\windows\system32\admparse.dll

2012-03-08 23:35 . 2012-03-08 23:35 111616 ----a-w- c:\windows\system32\iesysprep.dll

2012-03-08 23:35 . 2012-03-08 23:35 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2012-03-08 23:35 . 2012-03-08 23:35 603648 ----a-w- c:\windows\system32\vbscript.dll

2012-03-08 23:35 . 2012-03-08 23:35 30720 ----a-w- c:\windows\system32\licmgr10.dll

2012-03-08 23:35 . 2012-03-08 23:35 165888 ----a-w- c:\windows\system32\iexpress.exe

2012-03-08 23:35 . 2012-03-08 23:35 160256 ----a-w- c:\windows\system32\wextract.exe

2012-02-17 06:38 . 2012-03-14 07:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-02-17 05:34 . 2012-03-14 07:38 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-02-17 04:58 . 2012-03-14 07:38 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-02-17 04:57 . 2012-03-14 07:38 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-02-14 11:09 . 2012-02-14 11:09 1070352 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX

2012-02-10 06:36 . 2012-03-14 07:38 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-02-10 05:38 . 2012-03-14 07:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-02-03 04:34 . 2012-03-14 07:38 3145728 ----a-w- c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-05-17 1492456]

.

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2011-05-17 19:40 1492456 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-05-17 1492456]

.

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AdobeBridge"="c:\program files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" [2010-03-09 11989960]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2009-02-03 237693]

"SPIRunE"="SPIRunE.dll" [2009-07-27 18432]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]

"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2010-03-10 237568]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 336384]

"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]

"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]

"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472]

"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-10-27 75048]

"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-25 1117528]

"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]

"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2011-07-07 75064]

"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-29 885760]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]

"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-05-17 395240]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Spyder3Utility.lnk - c:\program files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe [2009-8-11 6798714]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/11/03 23:52;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-26 236016]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-11-03 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-11-03 79360]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys [x]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 169312]

S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]

S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

*Deregistered* - CLKMDRV10_9EC60124

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]

2010-11-21 03:24 302592 ----a-w- c:\windows\System32\cmd.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2493259579-2056338842-1346216974-1001Core.job

- c:\users\Jen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-15 14:29]

.

2012-04-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2493259579-2056338842-1346216974-1001UA.job

- c:\users\Jen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-15 14:29]

.

2012-01-04 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2011-03-22 17:20]

.

2012-04-27 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\pcdrcui.exe [2011-03-22 17:20]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]

"RunDLLEntry_EptMon"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]

"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-27 2022976]

"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-04-29 2055016]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.co.uk/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.252.1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Toolbar-Locked - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe

c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe

c:\program files (x86)\Dell\Stage Remote\StageRemoteService.exe

c:\windows\SysWOW64\rundll32.exe

c:\program files (x86)\AVG\AVG2012\avgmfapx.exe

.

**************************************************************************

.

Completion time: 2012-04-27 17:26:22 - machine was rebooted

ComboFix-quarantined-files.txt 2012-04-27 16:26

.

Pre-Run: 1,603,648,380,928 bytes free

Post-Run: 1,603,787,874,304 bytes free

.

- - End Of File - - 3D882DAB5DD56A5497266ECBFF4B8F61

[MrCharlie]

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how it is, MrC

[Houseman]

I did the scan - no malicious items detected. Does that mean you've got rid of it?

Here's the log:

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.04.27.07

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Jen :: SSQ-LDNW7-57 [administrator]

27/04/2012 20:32:11

mbam-log-2012-04-27 (20-32-11).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 240741

Time elapsed: 1 minute(s), 43 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[MrCharlie]

Looks like it's gone right??

You said you repeated the scans and it was still there....looks like it's gone, because the scan is clean.

How's it running??

MrC

[Houseman]

Yes it does seem to be gone. Before going through this clean-up, MBAM found a trojan but couldn't delete it and if I went to the registry I could see an entry there. Now MBAM finds nothing and the entry is not in the registry anymore. The PC is running fine but to be fair, it seemed to be running fine even with the trojan.

That's amazing, thank you so much. You just saved me having to get my whole PC rebuilt. I will certainly make a donation to your site - you and your team are amazing to do this for nothing.

Hopefully this thing is gone for good.

Thank you.

[MrCharlie]

OK....Good

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

---------------------------------

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

[Houseman]

OK done (and checked the registry again to see if it came back on a re-boot and it didn't)

No questions, just a huge thank you. I am so grateful.

I had AVG antivirus and thought that was enough but I obviously need to do a lot more to protect my PC so thank you as well for your tips on that.

[MrCharlie]

OK...Take Care MrC

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!