
Google searches are redirected even after file was quarantined?



Any time I am googling something random, it will redirect me to a random website, listing its IP in the URL along with the name of the something, maybe the site. (The site always shows an S as the icon beside the URL.) I have used Norton to clean out one of the problems (trojan.tracur) but it didn't seem to work. I also tried Norton Power Eraser, which deleted something harmful, but the problem still persists. Malwarebytes hasn't picked up anything, so what's the problem?

Do I need to post any logs and such? Sorry I'm new to this so I forgot to.


Hello AlanBagh and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Please follow the instructions here and post both log files in your next reply:

http://forums.malwarebytes.org/index.php?showtopic=9573


Hello Maniac! :) I'm so happy you're here to help me. This malware has been driving me nuts.

Anyways here are both the logs:

DDS:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Shawn at 19:07:57 on 2012-06-15

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6050.3848 [GMT -5:00]

.

AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\system32\conhost.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\windows\system32\svchost.exe -k bthsvcs

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\taskeng.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\SysWOW64\PnkBstrA.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\windows\system32\wbem\unsecapp.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\windows\system32\conhost.exe

C:\windows\System32\rundll32.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\windows\system32\conhost.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\windows\System32\vds.exe

C:\windows\system32\DllHost.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\windows\servicing\TrustedInstaller.exe

C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\IPS\IPSBHO.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [Facebook Update] "C:\Users\Shawn\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [<NO NAME>]

mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900

mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe

mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"

mRunOnce: [sTToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A97BEF68-9B5D-4E74-A5B8-CFF657046945} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A97BEF68-9B5D-4E74-A5B8-CFF657046945}\2375942554034323 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{A97BEF68-9B5D-4E74-A5B8-CFF657046945}\2375942554736323 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{A97BEF68-9B5D-4E74-A5B8-CFF657046945}\44657533230313244383 : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{A97BEF68-9B5D-4E74-A5B8-CFF657046945}\4577F68416070797348696C6462756E6641627D6 : DhcpNameServer = 68.94.156.1 68.94.157.1

TCP: Interfaces\{A97BEF68-9B5D-4E74-A5B8-CFF657046945}\84F6D65675962756C6563737 : DhcpNameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{A97BEF68-9B5D-4E74-A5B8-CFF657046945}\B495C454 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{D050E4B1-41DE-4C90-845D-12AA518A9F58} : DhcpNameServer = 192.168.1.1

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\IPS\IPSBHO.DLL

BHO-X64: Norton Vulnerability Protection - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [(Default)]

mRun-x64: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900

mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe

mRunOnce-x64: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"

mRunOnce-x64: [sTToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Shawn\AppData\Roaming\Mozilla\Firefox\Profiles\unpjdcff.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npRLCT4Player.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Shawn\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]

R0 SymDS;Symantec Data Store;C:\windows\system32\drivers\NAVx64\1307010.005\SYMDS64.SYS --> C:\windows\system32\drivers\NAVx64\1307010.005\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\NAVx64\1307010.005\SYMEFA64.SYS --> C:\windows\system32\drivers\NAVx64\1307010.005\SYMEFA64.SYS [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120531.001\BHDrvx64.sys [2012-6-5 1160824]

R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\windows\system32\drivers\NAVx64\1307010.005\ccSetx64.sys --> C:\windows\system32\drivers\NAVx64\1307010.005\ccSetx64.sys [?]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120613.007\IDSviA64.sys [2012-6-13 488568]

R1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\NAVx64\1307010.005\Ironx64.SYS --> C:\windows\system32\drivers\NAVx64\1307010.005\Ironx64.SYS [?]

R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\system32\Drivers\NAVx64\1307010.005\SYMNETS.SYS --> C:\windows\system32\Drivers\NAVx64\1307010.005\SYMNETS.SYS [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-2-24 89600]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-9-15 1166848]

R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-19 921664]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-19 995392]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-6-14 498688]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-2-24 13336]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]

R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccsvchst.exe [2012-5-18 138232]

R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-2-24 689472]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-5-30 3048136]

R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\system32\DRIVERS\TurboB.sys --> C:\windows\system32\DRIVERS\TurboB.sys [?]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-2-24 2655768]

R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-6-14 986112]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\windows\system32\DRIVERS\AMPPAL.sys --> C:\windows\system32\DRIVERS\AMPPAL.sys [?]

R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-19 1335360]

R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\windows\system32\DRIVERS\bpenum.sys --> C:\windows\system32\DRIVERS\bpenum.sys [?]

R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\windows\system32\DRIVERS\bpmp.sys --> C:\windows\system32\DRIVERS\bpmp.sys [?]

R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\windows\system32\Drivers\bpusb.sys --> C:\windows\system32\Drivers\bpusb.sys [?]

R3 btmaudio;Intel Bluetooth Audio Service;C:\windows\system32\drivers\btmaud.sys --> C:\windows\system32\drivers\btmaud.sys [?]

R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\system32\DRIVERS\btmaux.sys --> C:\windows\system32\DRIVERS\btmaux.sys [?]

R3 btmhsf;btmhsf;C:\windows\system32\DRIVERS\btmhsf.sys --> C:\windows\system32\DRIVERS\btmhsf.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\system32\DRIVERS\CtClsFlt.sys --> C:\windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-5-30 138912]

R3 iBtFltCoex;iBtFltCoex;C:\windows\system32\DRIVERS\iBtFltCoex.sys --> C:\windows\system32\DRIVERS\iBtFltCoex.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]

R3 iwdbus;IWD Bus Enumerator;C:\windows\system32\DRIVERS\iwdbus.sys --> C:\windows\system32\DRIVERS\iwdbus.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]

R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 tihub3;TI USB3 Hub Service;C:\windows\system32\DRIVERS\tihub3.sys --> C:\windows\system32\DRIVERS\tihub3.sys [?]

R3 tixhci;TI XHCI Service;C:\windows\system32\DRIVERS\tixhci.sys --> C:\windows\system32\DRIVERS\tixhci.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]

S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-5 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-1 257696]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\windows\system32\DRIVERS\amppal.sys --> C:\windows\system32\DRIVERS\amppal.sys [?]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\system32\drivers\intelaud.sys --> C:\windows\system32\drivers\intelaud.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-1 129976]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-9-15 340240]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-5-3 14544]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-06-15 06:10:56 -------- d-----w- C:\Users\Shawn\AppData\Roaming\Malwarebytes

2012-06-15 06:10:48 24904 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-06-15 06:10:48 -------- d-----w- C:\ProgramData\Malwarebytes

2012-06-15 06:10:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-06-15 06:05:56 43640 ----a-r- C:\windows\System32\drivers\SymIMV.sys

2012-06-14 01:32:10 -------- d-----w- C:\Users\Shawn\AppData\Local\NPE

2012-06-13 01:39:19 -------- d-----w- C:\Users\Shawn\AppData\Local\{12C5DC3C-ECAC-49AB-BD94-37AEF093F5F5}

2012-06-13 01:39:08 -------- d-----w- C:\Users\Shawn\AppData\Local\{38D1396B-105E-4CE7-A073-D2D9049DB0D7}

2012-06-13 01:26:21 -------- d-----w- C:\Users\Shawn\AppData\Local\{742A3028-D9A8-43CA-B534-7D4F05DDD7BD}

2012-06-13 01:26:09 -------- d-----w- C:\Users\Shawn\AppData\Local\{193DE80B-9C3E-4294-85C7-C9344BC758CA}

2012-06-12 19:25:04 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe

2012-06-12 19:25:04 77312 ----a-w- C:\windows\System32\rdpwsx.dll

2012-06-12 19:25:04 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll

2012-06-04 02:33:56 -------- d-----w- C:\Users\Shawn\AppData\Local\Facebook

2012-05-30 18:59:30 4966600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2012-05-28 03:03:58 -------- d-----w- C:\Users\Shawn\AppData\Roaming\LolClient2

2012-05-27 22:47:52 68616 ----a-w- C:\windows\SysWow64\XAPOFX1_1.dll

2012-05-27 22:47:52 509448 ----a-w- C:\windows\SysWow64\XAudio2_2.dll

2012-05-27 22:47:51 467984 ----a-w- C:\windows\SysWow64\d3dx10_39.dll

2012-05-27 22:47:51 3851784 ----a-w- C:\windows\SysWow64\D3DX9_39.dll

2012-05-27 22:47:51 1493528 ----a-w- C:\windows\SysWow64\D3DCompiler_39.dll

2012-05-27 22:44:24 -------- d-----w- C:\Riot Games

2012-05-27 22:11:10 -------- d-----w- C:\Program Files (x86)\LeagueOfLegends

2012-05-27 22:10:09 -------- d-----w- C:\Users\Shawn\AppData\Local\PMB Files

2012-05-27 22:10:07 -------- d-----w- C:\ProgramData\PMB Files

2012-05-27 22:10:00 -------- d-----w- C:\Program Files (x86)\Pando Networks

2012-05-25 15:03:32 -------- d-----w- C:\Program Files\Dell Support Center

2012-05-25 15:00:59 -------- d-----w- C:\Users\Shawn\AppData\Roaming\PCDr

2012-05-25 15:00:06 -------- d-----w- C:\ProgramData\PCDr

2012-05-21 03:26:02 -------- d-----w- C:\Users\Shawn\AppData\Local\Diagnostics

2012-05-20 23:09:24 -------- d-----w- C:\ProgramData\VirtualizedApplications

2012-05-20 21:58:54 -------- d-----w- C:\Users\Shawn\AppData\Local\Sony

2012-05-20 21:27:20 -------- d-----w- C:\Adobe After Effects CS6

2012-05-20 21:22:51 -------- d-----w- C:\Users\Shawn\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2012-05-20 21:22:49 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant

2012-05-20 21:05:27 -------- d-----w- C:\Users\Shawn\AppData\Local\{5B557685-F953-48D6-8E27-78153918F29B}

2012-05-20 21:05:16 -------- d-----w- C:\Users\Shawn\AppData\Local\{E3D97FE2-1768-42CA-9084-769C9D2D88C3}

2012-05-20 18:48:43 -------- d-----w- C:\Users\Shawn\AppData\Local\SoftGrid Client

2012-05-20 18:48:42 -------- d-----w- C:\Users\Shawn\AppData\Roaming\SoftGrid Client

2012-05-20 18:48:04 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client

2012-05-20 18:47:44 -------- d-----w- C:\Users\Shawn\AppData\Roaming\TP

2012-05-20 18:45:47 -------- d-----w- C:\Users\Shawn\AppData\Local\Windows Live

2012-05-20 18:45:29 -------- d-----w- C:\Users\Shawn\AppData\Local\{758E8858-AEB9-467D-9A19-746974E56732}

2012-05-20 18:45:29 -------- d-----w- C:\Users\Shawn\AppData\Local\{316905F3-CAFB-4E1B-8238-664E73F372F7}

2012-05-19 01:05:30 -------- d-----w- C:\windows\SysWow64\spool

2012-05-19 01:04:26 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared

2012-05-18 05:16:43 737912 ----a-w- C:\windows\System32\drivers\NAVx64\1307010.005\srtsp64.sys

2012-05-18 05:16:43 451192 ----a-r- C:\windows\System32\drivers\NAVx64\1307010.005\symds64.sys

2012-05-18 05:16:43 405624 ----a-w- C:\windows\System32\drivers\NAVx64\1307010.005\symnets.sys

2012-05-18 05:16:43 37496 ----a-w- C:\windows\System32\drivers\NAVx64\1307010.005\srtspx64.sys

2012-05-18 05:16:43 190072 ----a-w- C:\windows\System32\drivers\NAVx64\1307010.005\ironx64.sys

2012-05-18 05:16:43 167048 ----a-w- C:\windows\System32\drivers\NAVx64\1307010.005\ccsetx64.sys

2012-05-18 05:16:43 1092728 ----a-w- C:\windows\System32\drivers\NAVx64\1307010.005\symefa64.sys

2012-05-18 05:16:36 -------- d-----w- C:\windows\System32\drivers\NAVx64\1307010.005

2012-05-18 05:02:24 283416 ----a-w- C:\windows\SysWow64\PnkBstrB.xtr

2012-05-18 05:02:20 -------- d-----w- C:\Users\Shawn\AppData\Local\PunkBuster

2012-05-18 04:59:56 283416 ----a-w- C:\windows\SysWow64\PnkBstrB.exe

2012-05-18 04:59:56 189248 ----a-w- C:\windows\SysWow64\PnkBstrB.ex0

2012-05-18 04:59:54 76888 ----a-w- C:\windows\SysWow64\PnkBstrA.exe

2012-05-18 04:58:56 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation

2012-05-18 04:58:51 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2012-05-18 02:33:56 -------- d-----w- C:\Program Files (x86)\Diablo IIIpref

2012-05-18 02:09:26 -------- d-----w- C:\ProgramData\Blizzard Entertainment

2012-05-18 02:09:26 -------- d-----w- C:\Program Files (x86)\Diablo III

2012-05-18 02:09:26 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment

2012-05-18 02:07:46 -------- d-----w- C:\ProgramData\Battle.net

.

==================== Find3M ====================

.

2012-06-11 01:39:47 75 --sh--r- C:\windows\CT4CET.bin

2012-05-18 02:06:48 2311680 ----a-w- C:\windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2012-05-18 01:55:22 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2012-05-18 01:51:30 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2012-05-15 01:32:33 3146752 ----a-w- C:\windows\System32\win32k.sys

2012-05-05 22:33:59 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-05 22:33:59 419488 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2012-05-05 22:33:44 8744608 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe

2012-05-04 11:06:22 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe

2012-05-01 05:40:20 209920 ----a-w- C:\windows\System32\profsvc.dll

2012-05-01 04:28:59 175736 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS

2012-04-28 03:55:21 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys

2012-04-24 05:37:37 184320 ----a-w- C:\windows\System32\cryptsvc.dll

2012-04-24 05:37:37 140288 ----a-w- C:\windows\System32\cryptnet.dll

2012-04-24 05:37:36 1462272 ----a-w- C:\windows\System32\crypt32.dll

2012-04-24 04:36:42 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll

2012-04-24 04:36:42 1158656 ----a-w- C:\windows\SysWow64\crypt32.dll

2012-04-24 04:36:42 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll

2012-04-07 12:31:40 3216384 ----a-w- C:\windows\System32\msi.dll

2012-04-07 11:26:29 2342400 ----a-w- C:\windows\SysWow64\msi.dll

2012-03-30 11:35:47 1918320 ----a-w- C:\windows\System32\drivers\tcpip.sys

.

============= FINISH: 19:08:28.57 ===============

And here is the Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 4/28/2012 4:57:44 PM

System Uptime: 6/15/2012 6:59:24 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 034W60

Processor: Intel® Core i5-2450M CPU @ 2.50GHz | CPU 1 | 2501/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 684 GiB total, 597.111 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP16: 6/10/2012 8:38:08 PM - Installed Live! Cam Avatar Creator

RP17: 6/12/2012 5:24:08 PM - Windows Update

RP18: 6/15/2012 12:45:34 AM - Norton_Power_Eraser_20120615004529309

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Color - Photoshop Specific

Adobe Color Common Settings

Adobe Color EU Extra Settings

Adobe Color JA Extra Settings

Adobe Color NA Recommended Settings

Adobe Default Language CS3

Adobe Device Central CS3

Adobe Download Assistant

Adobe ExtendScript Toolkit 2

Adobe Fonts All

Adobe Help Viewer CS3

Adobe Linguistics CS3

Adobe PDF Library Files

Adobe Photoshop CS3

Adobe Reader X MUI

Adobe Setup

Adobe Stock Photos CS3

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS3

Advanced Audio FX Engine

Apple Application Support

Apple Software Update

Audacity 2.0

Bejeweled 2 Deluxe

Best Buy Connect

Bing Bar

Blackhawk Striker 2

Blio

Bounce Symphony

Build-a-lot 2

Cake Mania

Chuzzle Deluxe

Cozi

D3DX10

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Digital Delivery

Dell Getting Started Guide

Dell MusicStage

Dell PhotoStage

Dell Stage

Dell VideoStage

Dell Webcam Central

Diablo III

Diner Dash 2 Restaurant Rescue

DirectX 9 Runtime

Dora's World Adventure

eBay

Escape Whisper Valley

Facebook Video Calling 1.2.0.159

Farm Frenzy

FATE

Final Drive Fury

Final Drive Nitro

Game Booster 3

Half-Life 2: Episode Two

High-Definition Video Playback

IDT Audio

Intel PROSet Wireless

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® WiDi

Java Auto Updater

Java 7 Update 1

Jewel Quest

Jewel Quest Solitaire 2

Junk Mail filter update

Killing Floor

LAME v3.99.3 (for Windows)

League of Legends

Live! Cam Avatar Creator

Luxor

Malwarebytes Anti-Malware version 1.61.0.1400

Mesh Runtime

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 12.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Namco All-Stars PAC-MAN

Nero 10 Movie ThemePack Basic

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero Update

Norton AntiVirus

NVIDIA PhysX

Pando Media Booster

PDF Settings

Penguins!

PhotoShowExpress

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime x86

Poker Superstars III

Polar Bowler

Polar Golfer

PunkBuster Services

Realtek Ethernet Controller Driver

Realtek USB 2.0 Card Reader

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Samantha Swift

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Skype Click to Call

Skype™ 5.9

Sonic CinePlayer Decoder Pack

Steam

SyncUP

Team Fortress 2

TI USB 3.0 Host Controller Driver

TI USB3 Host Driver

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update Installer for WildTangent Games App

Virtual Villagers 4 - The Tree of Life

Wedding Dash - Ready, Aim, Love!

WildTangent Games

WildTangent Games App (Dell Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Zinio Reader 4

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

6/15/2012 7:02:26 PM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).

6/12/2012 5:21:17 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer DAD-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A97BEF68-9B5D-4E74-A5B8-CFF657046945}. The master browser is stopping or an election is being forced.

.

==== End Of File ===========================

I recently had uTorrent but deleted it when malware attacked me.


Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3

Download aswMBR.exe (1.8 MB) to your desktop.

Double-click aswMBR.exe to run it.

Click the "Scan" button to start the scan.

On completion of the scan, click Save log, save it to your desktop and post it in your next reply.

In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log
  • aswMBR log

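The TDSSKiller report requested in Step 1 uses a regular line layout in the logs posted in this thread (timestamp, thread id, then an object line with MD5 and path, followed by a verdict line), so it can be triaged mechanically instead of read line by line. The following is an added example, not part of the original post and not TDSSKiller's own code: a small parser that pairs each object with its verdict and lists everything not marked ok. The function names and the sample names, hashes and paths are constructed for illustration.

```python
import re

# Constructed sample in the report's line layout. Names, hashes and paths are
# made up; only the layout and the verdict strings follow the logs in this thread.
SAMPLE_LOG = r"""
12:00:00.0100 1111 ============================================================
12:00:00.0100 1111 Scan started
12:00:00.0100 1111 Mode: Manual; SigCheck; TDLFS;
12:00:01.0200 1111 examplefs (00112233445566778899aabbccddeeff) C:\windows\system32\drivers\examplefs.sys
12:00:01.0250 1111 examplefs - ok
12:00:02.0300 1111 Example Vendor Helper (FFEEDDCCBBAA99887766554433221100) C:\Program Files (x86)\Example Vendor\helper.exe
12:00:02.0350 1111 Example Vendor Helper ( UnsignedFile.Multi.Generic ) - warning
12:00:02.0351 1111 Example Vendor Helper - detected UnsignedFile.Multi.Generic (1)
12:00:03.0400 1111 ExampleSysApp - ok
"""

# "HH:MM:SS.ffff <thread id> <body>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<body>.*)$")
# "<name> (<32 hex digit MD5>) <path>"; the path itself may contain "(x86)"
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> ( <verdict> ) - warning"
WARNING = re.compile(r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - warning$")
# "<name> - ok"
OK = re.compile(r"^(?P<name>.+?) - ok$")
# "Mode: Manual; SigCheck; TDLFS;"
MODE = re.compile(r"^Mode:\s*(?P<modes>.*)$")


def parse_report(text):
    """Return {'modes': [...], 'objects': [...]} for one report."""
    modes = []
    objects = {}  # keyed by object name, keeps the order of first appearance

    def record(name):
        return objects.setdefault(
            name,
            {"name": name, "md5": None, "path": None,
             "status": "unknown", "verdict": None},
        )

    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines and anything without the timestamp prefix
        body = line.group("body").strip()

        m = MODE.match(body)
        if m:
            modes = [t.strip() for t in m.group("modes").split(";") if t.strip()]
            continue
        m = OBJECT.match(body)
        if m:
            rec = record(m.group("name"))
            rec["md5"] = m.group("md5").lower()
            rec["path"] = m.group("path")
            continue
        m = WARNING.match(body)
        if m:
            rec = record(m.group("name"))
            rec["status"] = "warning"
            rec["verdict"] = m.group("verdict")
            continue
        m = OK.match(body)
        if m:
            # Some entries have a verdict line but no hash/path line before it.
            record(m.group("name"))["status"] = "ok"
    return {"modes": modes, "objects": list(objects.values())}


def flagged(report):
    """Objects to review by hand: warnings plus entries with no verdict line."""
    return [o for o in report["objects"] if o["status"] != "ok"]


if __name__ == "__main__":
    report = parse_report(SAMPLE_LOG)
    # Assumption: SigCheck and TDLFS are the log's names for the two boxes
    # ticked under Change parameters in Step 1.
    print("Scan modes:", ", ".join(report["modes"]))
    for obj in flagged(report):
        print(obj["status"], obj["verdict"], obj["md5"], obj["path"], sep=" | ")
```

A `UnsignedFile.Multi.Generic` warning records that the file failed the signature check enabled in Step 1; it is a prompt to verify the file's origin, not a malware verdict by itself.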

Alright. I got all 3 of my logs.

TDSS: (None of them had the "cure" option)

17:55:15.0190 0788 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31

17:55:15.0671 0788 ============================================================

17:55:15.0671 0788 Current date / time: 2012/06/16 17:55:15.0671

17:55:15.0671 0788 SystemInfo:

17:55:15.0671 0788

17:55:15.0671 0788 OS Version: 6.1.7601 ServicePack: 1.0

17:55:15.0671 0788 Product type: Workstation

17:55:15.0671 0788 ComputerName: SJ

17:55:15.0672 0788 UserName: Shawn

17:55:15.0672 0788 Windows directory: C:\windows

17:55:15.0672 0788 System windows directory: C:\windows

17:55:15.0672 0788 Running under WOW64

17:55:15.0672 0788 Processor architecture: Intel x64

17:55:15.0672 0788 Number of processors: 4

17:55:15.0672 0788 Page size: 0x1000

17:55:15.0672 0788 Boot type: Normal boot

17:55:15.0672 0788 ============================================================

17:55:16.0425 0788 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

17:55:16.0443 0788 ============================================================

17:55:16.0443 0788 \Device\Harddisk0\DR0:

17:55:16.0444 0788 MBR partitions:

17:55:16.0444 0788 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000

17:55:16.0444 0788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x557C76F0

17:55:16.0444 0788 ============================================================

17:55:16.0461 0788 C: <-> \Device\Harddisk0\DR0\Partition1

17:55:16.0461 0788 ============================================================

17:55:16.0461 0788 Initialize success

17:55:16.0461 0788 ============================================================

17:55:56.0482 4924 ============================================================

17:55:56.0482 4924 Scan started

17:55:56.0482 4924 Mode: Manual; SigCheck; TDLFS;

17:55:56.0482 4924 ============================================================

17:55:58.0349 4924 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys

17:55:58.0520 4924 1394ohci - ok

17:55:58.0594 4924 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys

17:55:58.0638 4924 ACPI - ok

17:55:58.0676 4924 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys

17:55:58.0769 4924 AcpiPmi - ok

17:55:59.0084 4924 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

17:55:59.0156 4924 AdobeFlashPlayerUpdateSvc - ok

17:55:59.0212 4924 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys

17:55:59.0267 4924 adp94xx - ok

17:55:59.0316 4924 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys

17:55:59.0361 4924 adpahci - ok

17:55:59.0383 4924 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys

17:55:59.0395 4924 adpu320 - ok

17:55:59.0482 4924 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll

17:55:59.0648 4924 AeLookupSvc - ok

17:55:59.0954 4924 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe

17:56:00.0028 4924 AESTFilters - ok

17:56:00.0095 4924 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys

17:56:00.0168 4924 AFD - ok

17:56:00.0199 4924 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys

17:56:00.0235 4924 agp440 - ok

17:56:00.0260 4924 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe

17:56:00.0297 4924 ALG - ok

17:56:00.0309 4924 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys

17:56:00.0318 4924 aliide - ok

17:56:00.0323 4924 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys

17:56:00.0332 4924 amdide - ok

17:56:00.0350 4924 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys

17:56:00.0384 4924 AmdK8 - ok

17:56:00.0395 4924 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\drivers\amdppm.sys

17:56:00.0418 4924 AmdPPM - ok

17:56:00.0431 4924 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys

17:56:00.0441 4924 amdsata - ok

17:56:00.0460 4924 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys

17:56:00.0473 4924 amdsbs - ok

17:56:00.0478 4924 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys

17:56:00.0500 4924 amdxata - ok

17:56:00.0537 4924 AMPPAL (3bc90482a834f998c3b7a9c934a20342) C:\windows\system32\DRIVERS\AMPPAL.sys

17:56:00.0601 4924 AMPPAL - ok

17:56:00.0616 4924 AMPPALP (3bc90482a834f998c3b7a9c934a20342) C:\windows\system32\DRIVERS\amppal.sys

17:56:00.0636 4924 AMPPALP - ok

17:56:00.0775 4924 AMPPALR3 (a47d7febd9381d34ddb4ff38b15a67fe) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

17:56:00.0851 4924 AMPPALR3 - ok

17:56:01.0314 4924 ApfiltrService (24ed0eb2b2558970176ecee680f8f806) C:\windows\system32\DRIVERS\Apfiltr.sys

17:56:01.0355 4924 ApfiltrService - ok

17:56:01.0403 4924 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys

17:56:01.0579 4924 AppID - ok

17:56:01.0611 4924 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll

17:56:01.0688 4924 AppIDSvc - ok

17:56:01.0712 4924 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll

17:56:01.0747 4924 Appinfo - ok

17:56:01.0843 4924 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

17:56:01.0886 4924 Apple Mobile Device - ok

17:56:01.0908 4924 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys

17:56:01.0954 4924 arc - ok

17:56:01.0976 4924 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys

17:56:02.0020 4924 arcsas - ok

17:56:02.0130 4924 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

17:56:02.0187 4924 aspnet_state - ok

17:56:02.0212 4924 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys

17:56:02.0269 4924 AsyncMac - ok

17:56:02.0299 4924 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys

17:56:02.0342 4924 atapi - ok

17:56:02.0421 4924 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll

17:56:02.0495 4924 AudioEndpointBuilder - ok

17:56:02.0502 4924 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll

17:56:02.0541 4924 AudioSrv - ok

17:56:02.0574 4924 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll

17:56:02.0675 4924 AxInstSV - ok

17:56:02.0734 4924 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys

17:56:02.0805 4924 b06bdrv - ok

17:56:02.0859 4924 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys

17:56:02.0923 4924 b57nd60a - ok

17:56:03.0020 4924 BBSvc (87f3bcf82a63e900af896cd930bf7e05) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

17:56:03.0054 4924 BBSvc - ok

17:56:03.0095 4924 BBUpdate (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

17:56:03.0107 4924 BBUpdate - ok

17:56:03.0126 4924 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll

17:56:03.0185 4924 BDESVC - ok

17:56:03.0199 4924 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys

17:56:03.0277 4924 Beep - ok

17:56:03.0369 4924 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll

17:56:03.0430 4924 BFE - ok

17:56:04.0547 4924 BHDrvx64 (5b1fe9d351c284701c8051da2aa81df6) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120531.001\BHDrvx64.sys

17:56:04.0567 4924 BHDrvx64 - ok

17:56:06.0174 4924 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll

17:56:06.0279 4924 BITS - ok

17:56:06.0334 4924 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys

17:56:06.0382 4924 blbdrive - ok

17:56:06.0785 4924 Bluetooth Device Monitor (5ff7b9916a10e8e69e7c0d16f0b4787a) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

17:56:06.0838 4924 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning

17:56:06.0839 4924 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)

17:56:08.0047 4924 Bluetooth Media Service (e43d73caf1023976efba1d0f0e69e271) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

17:56:08.0156 4924 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning

17:56:08.0156 4924 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)

17:56:08.0329 4924 Bluetooth OBEX Service (20427929646784a482df34ef8c4fed23) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

17:56:08.0382 4924 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning

17:56:08.0382 4924 Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1)

17:56:08.0463 4924 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

17:56:08.0489 4924 Bonjour Service - ok

17:56:08.0607 4924 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys

17:56:08.0659 4924 bowser - ok

17:56:08.0856 4924 bpenum (56e4345f392f17d66683225e214840cb) C:\windows\system32\DRIVERS\bpenum.sys

17:56:08.0929 4924 bpenum - ok

17:56:08.0980 4924 bpmp (d50b07c4d7afec4ca6ac8fcb72583c5b) C:\windows\system32\DRIVERS\bpmp.sys

17:56:09.0045 4924 bpmp - ok

17:56:09.0083 4924 bpusb (a85ba55e4fe9cb2f342f281aaf7de810) C:\windows\system32\Drivers\bpusb.sys

17:56:09.0127 4924 bpusb - ok

17:56:09.0156 4924 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys

17:56:09.0216 4924 BrFiltLo - ok

17:56:09.0219 4924 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys

17:56:09.0246 4924 BrFiltUp - ok

17:56:09.0294 4924 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll

17:56:09.0373 4924 Browser - ok

17:56:09.0407 4924 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys

17:56:09.0488 4924 Brserid - ok

17:56:09.0494 4924 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys

17:56:09.0517 4924 BrSerWdm - ok

17:56:09.0528 4924 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys

17:56:09.0600 4924 BrUsbMdm - ok

17:56:09.0606 4924 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys

17:56:09.0624 4924 BrUsbSer - ok

17:56:09.0635 4924 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\DRIVERS\BthEnum.sys

17:56:09.0695 4924 BthEnum - ok

17:56:09.0725 4924 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys

17:56:09.0771 4924 BTHMODEM - ok

17:56:09.0799 4924 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys

17:56:09.0840 4924 BthPan - ok

17:56:09.0903 4924 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\system32\Drivers\BTHport.sys

17:56:09.0960 4924 BTHPORT - ok

17:56:10.0001 4924 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll

17:56:10.0045 4924 bthserv - ok

17:56:10.0234 4924 BTHSSecurityMgr (9e2af97302b9f4bf97e952a865eb31ae) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

17:56:10.0244 4924 BTHSSecurityMgr - ok

17:56:10.0269 4924 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\system32\Drivers\BTHUSB.sys

17:56:10.0287 4924 BTHUSB - ok

17:56:10.0298 4924 btmaudio (274e47bd9c1367bdbfa9df10c2e6c544) C:\windows\system32\drivers\btmaud.sys

17:56:10.0357 4924 btmaudio - ok

17:56:10.0391 4924 btmaux (75eab5aaf6e9f83739249ce60b4b9c39) C:\windows\system32\DRIVERS\btmaux.sys

17:56:10.0440 4924 btmaux - ok

17:56:10.0547 4924 btmhsf (0b1cc2221dc5990e4557a78ce9afad4f) C:\windows\system32\DRIVERS\btmhsf.sys

17:56:10.0615 4924 btmhsf - ok

17:56:10.0663 4924 ccSet_NAV (0e1737a63aec0f6de231bb59836c0a11) C:\windows\system32\drivers\NAVx64\1307010.005\ccSetx64.sys

17:56:10.0687 4924 ccSet_NAV - ok

17:56:10.0728 4924 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys

17:56:10.0817 4924 cdfs - ok

17:56:10.0858 4924 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys

17:56:10.0900 4924 cdrom - ok

17:56:10.0934 4924 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll

17:56:11.0023 4924 CertPropSvc - ok

17:56:11.0047 4924 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys

17:56:11.0069 4924 circlass - ok

17:56:11.0099 4924 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys

17:56:11.0139 4924 CLFS - ok

17:56:11.0234 4924 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

17:56:11.0286 4924 clr_optimization_v2.0.50727_32 - ok

17:56:11.0358 4924 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

17:56:11.0404 4924 clr_optimization_v2.0.50727_64 - ok

17:56:11.0484 4924 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

17:56:11.0520 4924 clr_optimization_v4.0.30319_32 - ok

17:56:11.0552 4924 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

17:56:11.0584 4924 clr_optimization_v4.0.30319_64 - ok

17:56:11.0616 4924 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys

17:56:11.0658 4924 CmBatt - ok

17:56:11.0665 4924 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys

17:56:11.0680 4924 cmdide - ok

17:56:11.0752 4924 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys

17:56:11.0823 4924 CNG - ok

17:56:11.0839 4924 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys

17:56:11.0847 4924 Compbatt - ok

17:56:11.0868 4924 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\DRIVERS\CompositeBus.sys

17:56:11.0909 4924 CompositeBus - ok

17:56:11.0922 4924 COMSysApp - ok

17:56:11.0933 4924 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys

17:56:11.0942 4924 crcdisk - ok

17:56:11.0990 4924 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll

17:56:12.0033 4924 CryptSvc - ok

17:56:12.0095 4924 CtClsFlt (bc3d4f90978cd7c8eabd1baf3bf7873a) C:\windows\system32\DRIVERS\CtClsFlt.sys

17:56:12.0179 4924 CtClsFlt - ok

17:56:12.0574 4924 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

17:56:12.0615 4924 cvhsvc - ok

17:56:12.0651 4924 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\windows\system32\DRIVERS\dc3d.sys

17:56:12.0732 4924 dc3d - ok

17:56:13.0189 4924 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll

17:56:13.0281 4924 DcomLaunch - ok

17:56:13.0343 4924 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll

17:56:13.0449 4924 defragsvc - ok

17:56:13.0518 4924 DellDigitalDelivery (2050309bab03dfcee455dbf913bf91b1) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

17:56:13.0544 4924 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning

17:56:13.0545 4924 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)

17:56:13.0586 4924 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys

17:56:13.0660 4924 DfsC - ok

17:56:13.0714 4924 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll

17:56:13.0780 4924 Dhcp - ok

17:56:13.0785 4924 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys

17:56:13.0827 4924 discache - ok

17:56:13.0855 4924 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys

17:56:13.0894 4924 Disk - ok

17:56:14.0165 4924 DMAgent (e7b489fa5b15d2fec3e52066e015b788) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

17:56:14.0211 4924 DMAgent ( UnsignedFile.Multi.Generic ) - warning

17:56:14.0211 4924 DMAgent - detected UnsignedFile.Multi.Generic (1)

17:56:14.0239 4924 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll

17:56:14.0312 4924 Dnscache - ok

17:56:14.0362 4924 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll

17:56:14.0450 4924 dot3svc - ok

17:56:14.0468 4924 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll

17:56:14.0503 4924 DPS - ok

17:56:14.0531 4924 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys

17:56:14.0554 4924 drmkaud - ok

17:56:14.0637 4924 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys

17:56:14.0680 4924 DXGKrnl - ok

17:56:14.0719 4924 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll

17:56:14.0781 4924 EapHost - ok

17:56:15.0863 4924 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys

17:56:15.0988 4924 ebdrv - ok

17:56:16.0094 4924 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

17:56:16.0135 4924 eeCtrl - ok

17:56:16.0294 4924 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe

17:56:16.0350 4924 EFS - ok

17:56:17.0067 4924 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe

17:56:17.0168 4924 ehRecvr - ok

17:56:17.0179 4924 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe

17:56:17.0235 4924 ehSched - ok

17:56:17.0585 4924 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys

17:56:17.0647 4924 elxstor - ok

17:56:17.0715 4924 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

17:56:17.0752 4924 EraserUtilRebootDrv - ok

17:56:17.0772 4924 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys

17:56:17.0823 4924 ErrDev - ok

17:56:17.0885 4924 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll

17:56:17.0955 4924 EventSystem - ok

17:56:18.0882 4924 EvtEng (b20a788579e443f768aab1a24f705d0a) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

17:56:18.0964 4924 EvtEng - ok

17:56:19.0780 4924 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys

17:56:19.0825 4924 exfat - ok

17:56:19.0989 4924 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys

17:56:20.0114 4924 fastfat - ok

17:56:20.0484 4924 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe

17:56:20.0571 4924 Fax - ok

17:56:20.0589 4924 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys

17:56:20.0626 4924 fdc - ok

17:56:20.0666 4924 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll

17:56:20.0721 4924 fdPHost - ok

17:56:20.0726 4924 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll

17:56:20.0752 4924 FDResPub - ok

17:56:20.0783 4924 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys

17:56:20.0825 4924 FileInfo - ok

17:56:20.0830 4924 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys

17:56:20.0866 4924 Filetrace - ok

17:56:21.0002 4924 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

17:56:21.0088 4924 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning

17:56:21.0088 4924 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)

17:57:14.0430 4924 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll

17:57:14.0514 4924 SysMain - ok

17:57:15.0445 4924 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll

17:57:15.0517 4924 TabletInputService - ok

17:57:15.0547 4924 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll

17:57:15.0636 4924 TapiSrv - ok

17:57:15.0665 4924 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll

17:57:15.0735 4924 TBS - ok

17:57:16.0811 4924 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys

17:57:16.0931 4924 Tcpip - ok

17:57:19.0633 4924 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys

17:57:19.0699 4924 TCPIP6 - ok

17:57:19.0786 4924 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys

17:57:19.0839 4924 tcpipreg - ok

17:57:19.0844 4924 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys

17:57:19.0883 4924 TDPIPE - ok

17:57:19.0906 4924 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys

17:57:19.0931 4924 TDTCP - ok

17:57:19.0941 4924 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys

17:57:19.0970 4924 tdx - ok

17:57:19.0992 4924 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys

17:57:20.0002 4924 TermDD - ok

17:57:20.0041 4924 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll

17:57:20.0090 4924 TermService - ok

17:57:20.0100 4924 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll

17:57:20.0114 4924 Themes - ok

17:57:20.0133 4924 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

17:57:20.0158 4924 THREADORDER - ok

17:57:20.0196 4924 tihub3 (68fe3d89829e27d4fd5eea7bd2c41985) C:\windows\system32\DRIVERS\tihub3.sys

17:57:20.0225 4924 tihub3 - ok

17:57:20.0278 4924 tixhci (0102c9633ce1f18a6ac021f28b734db5) C:\windows\system32\DRIVERS\tixhci.sys

17:57:20.0294 4924 tixhci - ok

17:57:20.0402 4924 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll

17:57:20.0482 4924 TrkWks - ok

17:57:20.0790 4924 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe

17:57:20.0889 4924 TrustedInstaller - ok

17:57:20.0933 4924 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys

17:57:21.0017 4924 tssecsrv - ok

17:57:21.0051 4924 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys

17:57:21.0084 4924 TsUsbFlt - ok

17:57:21.0095 4924 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys

17:57:21.0119 4924 TsUsbGD - ok

17:57:21.0143 4924 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys

17:57:21.0197 4924 tunnel - ok

17:57:21.0234 4924 TurboB (fd24f98d2898be093fe926604be7db99) C:\windows\system32\DRIVERS\TurboB.sys

17:57:21.0268 4924 TurboB - ok

17:57:21.0456 4924 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

17:57:21.0513 4924 TurboBoost - ok

17:57:21.0543 4924 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys

17:57:21.0584 4924 uagp35 - ok

17:57:21.0636 4924 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys

17:57:21.0708 4924 udfs - ok

17:57:21.0733 4924 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe

17:57:21.0744 4924 UI0Detect - ok

17:57:21.0763 4924 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys

17:57:21.0786 4924 uliagpkx - ok

17:57:21.0795 4924 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys

17:57:21.0835 4924 umbus - ok

17:57:21.0844 4924 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys

17:57:21.0863 4924 UmPass - ok

17:57:23.0738 4924 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

17:57:23.0822 4924 UNS - ok

17:57:24.0805 4924 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll

17:57:24.0885 4924 upnphost - ok

17:57:24.0956 4924 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\windows\system32\Drivers\usbaapl64.sys

17:57:25.0040 4924 USBAAPL64 - ok

17:57:25.0103 4924 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\windows\system32\DRIVERS\usbccgp.sys

17:57:25.0175 4924 usbccgp - ok

17:57:25.0194 4924 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys

17:57:25.0207 4924 usbcir - ok

17:57:25.0215 4924 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys

17:57:25.0260 4924 usbehci - ok

17:57:25.0320 4924 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys

17:57:25.0400 4924 usbhub - ok

17:57:25.0424 4924 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys

17:57:25.0475 4924 usbohci - ok

17:57:25.0487 4924 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys

17:57:25.0515 4924 usbprint - ok

17:57:25.0549 4924 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys

17:57:25.0596 4924 usbscan - ok

17:57:25.0606 4924 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS

17:57:25.0669 4924 USBSTOR - ok

17:57:25.0689 4924 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys

17:57:25.0708 4924 usbuhci - ok

17:57:25.0734 4924 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys

17:57:25.0758 4924 usbvideo - ok

17:57:25.0787 4924 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll

17:57:25.0818 4924 UxSms - ok

17:57:25.0868 4924 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

17:57:25.0896 4924 VaultSvc - ok

17:57:25.0938 4924 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys

17:57:25.0960 4924 vdrvroot - ok

17:57:26.0033 4924 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe

17:57:26.0133 4924 vds - ok

17:57:26.0171 4924 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys

17:57:26.0222 4924 vga - ok

17:57:26.0254 4924 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys

17:57:26.0327 4924 VgaSave - ok

17:57:26.0347 4924 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys

17:57:26.0359 4924 vhdmp - ok

17:57:26.0363 4924 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys

17:57:26.0372 4924 viaide - ok

17:57:26.0391 4924 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys

17:57:26.0401 4924 volmgr - ok

17:57:26.0425 4924 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys

17:57:26.0441 4924 volmgrx - ok

17:57:26.0486 4924 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys

17:57:26.0514 4924 volsnap - ok

17:57:26.0529 4924 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys

17:57:26.0543 4924 vsmraid - ok

17:57:26.0735 4924 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe

17:57:26.0823 4924 VSS - ok

17:57:27.0675 4924 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys

17:57:27.0740 4924 vwifibus - ok

17:57:27.0774 4924 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys

17:57:27.0800 4924 vwififlt - ok

17:57:27.0808 4924 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys

17:57:27.0826 4924 vwifimp - ok

17:57:27.0856 4924 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll

17:57:27.0889 4924 W32Time - ok

17:57:27.0895 4924 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys

17:57:27.0926 4924 WacomPen - ok

17:57:27.0954 4924 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys

17:57:27.0994 4924 WANARP - ok

17:57:28.0004 4924 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys

17:57:28.0029 4924 Wanarpv6 - ok

17:57:29.0931 4924 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe

17:57:30.0024 4924 WatAdminSvc - ok

17:57:32.0339 4924 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe

17:57:32.0418 4924 wbengine - ok

17:57:32.0704 4924 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll

17:57:32.0766 4924 WbioSrvc - ok

17:57:33.0098 4924 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll

17:57:33.0175 4924 wcncsvc - ok

17:57:33.0199 4924 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll

17:57:33.0248 4924 WcsPlugInService - ok

17:57:33.0287 4924 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys

17:57:33.0307 4924 Wd - ok

17:57:33.0647 4924 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys

17:57:33.0701 4924 Wdf01000 - ok

17:57:33.0728 4924 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

17:57:33.0815 4924 WdiServiceHost - ok

17:57:33.0816 4924 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

17:57:33.0831 4924 WdiSystemHost - ok

17:57:33.0862 4924 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll

17:57:33.0935 4924 WebClient - ok

17:57:33.0975 4924 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll

17:57:34.0021 4924 Wecsvc - ok

17:57:34.0045 4924 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll

17:57:34.0112 4924 wercplsupport - ok

17:57:34.0141 4924 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll

17:57:34.0211 4924 WerSvc - ok

17:57:34.0248 4924 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys

17:57:34.0296 4924 WfpLwf - ok

17:57:35.0476 4924 WiMAXAppSrv (245ea6a2cfae7b183ee9a14a4673b1f1) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

17:57:35.0527 4924 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - warning

17:57:35.0527 4924 WiMAXAppSrv - detected UnsignedFile.Multi.Generic (1)

17:57:35.0569 4924 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys

17:57:35.0616 4924 WimFltr - ok

17:57:35.0631 4924 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys

17:57:35.0640 4924 WIMMount - ok

17:57:35.0662 4924 WinDefend - ok

17:57:35.0683 4924 WinHttpAutoProxySvc - ok

17:57:35.0756 4924 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll

17:57:35.0813 4924 Winmgmt - ok

17:57:35.0861 4924 WinRing0_1_2_0 (0c0195c48b6b8582fa6f6373032118da) C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys

17:57:35.0925 4924 WinRing0_1_2_0 - ok

17:57:37.0743 4924 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll

17:57:37.0841 4924 WinRM - ok

17:57:38.0088 4924 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys

17:57:38.0158 4924 WinUsb - ok

17:57:39.0260 4924 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll

17:57:39.0337 4924 Wlansvc - ok

17:57:39.0393 4924 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

17:57:39.0427 4924 wlcrasvc - ok

17:57:41.0430 4924 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

17:57:41.0518 4924 wlidsvc - ok

17:57:42.0710 4924 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys

17:57:42.0758 4924 WmiAcpi - ok

17:57:43.0266 4924 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe

17:57:43.0378 4924 wmiApSrv - ok

17:57:43.0416 4924 WMPNetworkSvc - ok

17:57:43.0473 4924 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll

17:57:43.0521 4924 WPCSvc - ok

17:57:43.0664 4924 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll

17:57:43.0715 4924 WPDBusEnum - ok

17:57:43.0736 4924 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys

17:57:43.0806 4924 ws2ifsl - ok

17:57:43.0974 4924 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll

17:57:44.0057 4924 wscsvc - ok

17:57:44.0061 4924 WSearch - ok

17:57:45.0502 4924 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll

17:57:45.0605 4924 wuauserv - ok

17:57:46.0076 4924 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys

17:57:46.0154 4924 WudfPf - ok

17:57:46.0198 4924 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys

17:57:46.0249 4924 WUDFRd - ok

17:57:46.0274 4924 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll

17:57:46.0300 4924 wudfsvc - ok

17:57:46.0527 4924 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll

17:57:46.0596 4924 WwanSvc - ok

17:57:46.0622 4924 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

17:57:50.0526 4924 \Device\Harddisk0\DR0 - ok

17:57:50.0559 4924 Boot (0x1200) (b4a651ea79a9998884da67ecffb5e2e7) \Device\Harddisk0\DR0\Partition0

17:57:50.0565 4924 \Device\Harddisk0\DR0\Partition0 - ok

17:57:50.0579 4924 Boot (0x1200) (02d3c531ac736f85f2d45f0e1fd3f66f) \Device\Harddisk0\DR0\Partition1

17:57:50.0587 4924 \Device\Harddisk0\DR0\Partition1 - ok

17:57:50.0588 4924 ============================================================

17:57:50.0588 4924 Scan finished

17:57:50.0588 4924 ============================================================

17:57:50.0610 5612 Detected object count: 7

17:57:50.0610 5612 Actual detected object count: 7

17:58:24.0421 5612 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user

17:58:24.0421 5612 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:58:24.0424 5612 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user

17:58:24.0424 5612 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:58:24.0425 5612 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user

17:58:24.0425 5612 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:58:24.0426 5612 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user

17:58:24.0426 5612 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:58:24.0427 5612 DMAgent ( UnsignedFile.Multi.Generic ) - skipped by user

17:58:24.0428 5612 DMAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:58:24.0429 5612 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

17:58:24.0429 5612 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:58:24.0430 5612 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - skipped by user

17:58:24.0430 5612 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

MBAM:

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.16.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Shawn :: SJ [administrator]

6/16/2012 6:02:38 PM

mbam-log-2012-06-16 (18-02-38).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 226223

Time elapsed: 2 minute(s), 36 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

AswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-06-16 18:06:47

-----------------------------

18:06:47.233 OS Version: Windows x64 6.1.7601 Service Pack 1

18:06:47.233 Number of processors: 4 586 0x2A07

18:06:47.234 ComputerName: SJ UserName:

18:06:49.115 Initialize success

18:10:41.607 AVAST engine defs: 12061601

18:11:07.457 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

18:11:07.461 Disk 0 Vendor: ST975042 0002 Size: 715404MB BusType: 3

18:11:07.483 Disk 0 MBR read successfully

18:11:07.488 Disk 0 MBR scan

18:11:07.499 Disk 0 Windows 7 default MBR code

18:11:07.508 Disk 0 Partition 1 00 DE Dell Utility DELL 8.0 100 MB offset 2048

18:11:07.526 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848

18:11:07.545 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 700302 MB offset 30926848

18:11:07.582 Disk 0 scanning C:\windows\system32\drivers

18:11:14.279 Service scanning

18:11:36.307 Modules scanning

18:11:36.325 Disk 0 trace - called modules:

18:11:36.346 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll

18:11:36.684 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007862060]

18:11:36.695 3 CLASSPNP.SYS[fffff88001dc043f] -> nt!IofCallDriver -> [0xfffffa8005902660]

18:11:36.709 5 ACPI.sys[fffff88000f987a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800590a050]

18:11:43.100 AVAST engine scan C:\windows

18:11:45.686 AVAST engine scan C:\windows\system32

18:13:44.756 AVAST engine scan C:\windows\system32\drivers

18:14:12.407 AVAST engine scan C:\Users\Shawn

18:18:42.075 AVAST engine scan C:\ProgramData

18:20:21.799 Scan finished successfully

18:22:10.508 Disk 0 MBR has been saved successfully to "C:\Users\Shawn\Documents\step 2\MBR.dat"

18:22:10.513 The log file has been saved successfully to "C:\Users\Shawn\Documents\step 2\aswMBR.txt"

Thank you very much for the pictures, they helped a lot. Also the aswMBR file I downloaded was 4.5 mb, is that alright?


Yes, my information is not up-to-date, sorry about that! It's fixed now!

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.


Alright, here are the contents of the .txt file.

ComboFix 12-06-16.02 - Shawn 06/16/2012 21:38:05.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6050.3907 [GMT -5:00]

Running from: c:\users\Shawn\Desktop\ComboFix.exe

AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Norton AntiVirus *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\PCDr\5907\Downloads\288d198f-eb50-4316-9b17-4269c8487bf7.dll

c:\programdata\PCDr\5907\Downloads\d2475db4-153a-4cdd-a84a-1f6c794325f4.dll

c:\programdata\Roaming

.

.

((((((((((((((((((((((((( Files Created from 2012-05-17 to 2012-06-17 )))))))))))))))))))))))))))))))

.

.

2012-06-15 06:10 . 2012-06-15 06:10 -------- d-----w- c:\users\Shawn\AppData\Roaming\Malwarebytes

2012-06-15 06:10 . 2012-06-15 06:10 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-06-15 06:10 . 2012-06-15 06:10 -------- d-----w- c:\programdata\Malwarebytes

2012-06-15 06:10 . 2012-04-04 20:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-15 06:05 . 2012-03-29 06:28 43640 ----a-r- c:\windows\system32\drivers\SymIMV.sys

2012-06-14 01:32 . 2012-06-15 05:56 -------- d-----w- c:\users\Shawn\AppData\Local\NPE

2012-06-12 19:25 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-06-12 19:25 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-06-12 19:25 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-06-12 03:17 . 2012-06-12 03:18 -------- d-----w- c:\users\Friend\AppData\Local\Nero

2012-06-12 03:17 . 2012-06-12 03:17 -------- d-----w- c:\users\Friend\AppData\Roaming\Nero

2012-06-11 01:37 . 2012-06-11 01:37 -------- d-----w- c:\users\Shawn\AppData\Roaming\InstallShield

2012-06-04 02:33 . 2012-06-04 02:34 -------- d-----w- c:\users\Shawn\AppData\Local\Facebook

2012-05-30 18:59 . 2012-05-30 18:59 4966600 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2012-05-30 02:50 . 2012-05-30 02:50 -------- d-----w- c:\users\Friend\AppData\Local\Mozilla

2012-05-30 02:49 . 2012-05-30 02:49 -------- d-----w- c:\users\Friend\AppData\Roaming\Apple Computer

2012-05-28 03:03 . 2012-05-28 03:03 -------- d-----w- c:\users\Shawn\AppData\Roaming\LolClient2

2012-05-27 22:47 . 2008-07-31 15:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll

2012-05-27 22:47 . 2008-07-31 15:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll

2012-05-27 22:47 . 2008-07-12 13:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll

2012-05-27 22:47 . 2008-07-12 13:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll

2012-05-27 22:47 . 2008-07-12 13:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll

2012-05-27 22:44 . 2012-05-27 22:44 -------- d-----w- C:\Riot Games

2012-05-27 22:11 . 2012-05-27 22:37 -------- d-----w- c:\program files (x86)\LeagueOfLegends

2012-05-27 22:10 . 2012-06-17 02:22 -------- d-----w- c:\users\Shawn\AppData\Local\PMB Files

2012-05-27 22:10 . 2012-06-17 02:22 -------- d-----w- c:\programdata\PMB Files

2012-05-27 22:10 . 2012-05-27 22:10 -------- d-----w- c:\program files (x86)\Pando Networks

2012-05-25 15:03 . 2012-05-25 15:04 -------- d-----w- c:\program files\Dell Support Center

2012-05-25 15:00 . 2012-05-25 15:02 -------- d-----w- c:\users\Shawn\AppData\Roaming\PCDr

2012-05-25 15:00 . 2012-06-03 01:36 -------- d-----w- c:\programdata\PCDr

2012-05-21 03:26 . 2012-05-21 03:26 -------- d-----w- c:\users\Shawn\AppData\Local\Diagnostics

2012-05-20 23:09 . 2012-05-20 23:29 -------- d-----w- c:\programdata\VirtualizedApplications

2012-05-20 22:02 . 2012-05-20 22:02 -------- d-----w- c:\users\Shawn\AppData\Roaming\Publish Providers

2012-05-20 21:58 . 2012-05-24 06:35 -------- d-----w- c:\users\Shawn\AppData\Local\Sony

2012-05-20 21:58 . 2012-05-20 21:58 -------- d-----w- c:\programdata\Sony

2012-05-20 21:58 . 2012-05-20 22:02 -------- d-----w- c:\users\Shawn\AppData\Roaming\Sony

2012-05-20 21:27 . 2012-05-20 21:39 -------- d-----w- C:\Adobe After Effects CS6

2012-05-20 21:22 . 2012-05-20 21:22 -------- d-----w- c:\users\Shawn\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2012-05-20 21:22 . 2012-05-20 21:22 -------- d-----w- c:\program files (x86)\Adobe Download Assistant

2012-05-20 18:53 . 2012-05-20 18:53 -------- d-----r- C:\MSOCache

2012-05-20 18:48 . 2012-05-20 18:48 -------- d-----w- c:\users\Shawn\AppData\Local\SoftGrid Client

2012-05-20 18:48 . 2012-06-15 05:39 -------- d-----w- c:\users\Shawn\AppData\Roaming\SoftGrid Client

2012-05-20 18:48 . 2012-05-21 02:22 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client

2012-05-20 18:47 . 2012-05-20 18:48 -------- d-----w- c:\users\Shawn\AppData\Roaming\TP

2012-05-20 18:45 . 2012-05-20 21:04 -------- d-----w- c:\users\Shawn\AppData\Local\Windows Live

2012-05-19 01:09 . 2012-05-19 01:09 -------- d-----w- c:\programdata\FLEXnet

2012-05-19 01:05 . 2012-05-19 01:05 -------- d-----w- c:\windows\SysWow64\spool

2012-05-19 01:04 . 2012-05-19 01:04 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared

2012-05-18 05:16 . 2012-05-18 23:54 -------- d-----w- c:\windows\system32\drivers\NAVx64\1307010.005

2012-05-18 05:02 . 2012-05-19 05:01 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

2012-05-18 05:02 . 2012-05-18 05:02 -------- d-----w- c:\users\Shawn\AppData\Local\PunkBuster

2012-05-18 04:59 . 2012-05-19 05:01 283416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2012-05-18 04:59 . 2012-05-19 00:19 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0

2012-05-18 04:59 . 2012-05-19 00:19 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2012-05-18 04:58 . 2012-05-18 04:58 -------- d-----w- c:\program files (x86)\NVIDIA Corporation

2012-05-18 04:58 . 2012-05-18 04:58 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard

2012-05-18 03:16 . 2012-05-18 03:16 -------- d-----w- c:\programdata\NVIDIA

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-05 22:33 . 2012-05-01 19:53 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-05-05 22:33 . 2012-02-25 01:02 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-05 22:33 . 2012-05-01 20:34 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-05-01 04:28 . 2012-04-30 02:20 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2012-04-28 21:58 . 2010-06-24 17:33 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-03-30 11:35 . 2012-05-10 00:56 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-04-28 1242448]

"Facebook Update"="c:\users\Shawn\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-06-04 137536]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]

"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]

"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2011-12-31 66872]

"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-16 35736]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-16 932288]

"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-11-03 957440]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-12 163040]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer4"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2011-10-26 162816]

R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]

R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]

R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-05-19 1335360]

R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-09-16 340240]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1307010.005\SYMDS64.SYS [x]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1307010.005\SYMEFA64.SYS [x]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120531.001\BHDrvx64.sys [2012-04-13 1160824]

S1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1307010.005\ccSetx64.sys [x]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120613.007\IDSvia64.sys [2012-06-14 488568]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1307010.005\Ironx64.SYS [x]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1307010.005\SYMNETS.SYS [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]

S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-09-15 1166848]

S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]

S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-05-19 921664]

S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-05-19 995392]

S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [2011-06-14 498688]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]

S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe [2012-03-27 138232]

S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]

S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-05-30 3048136]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]

S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [2011-06-14 986112]

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]

S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys [x]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys [x]

S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:\windows\system32\Drivers\bpusb.sys [x]

S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [x]

S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]

S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-05-31 138912]

S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys [x]

S3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 22:34]

.

2012-06-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2884631911-459496496-268750908-1001Core.job

- c:\users\Shawn\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-04 02:33]

.

2012-06-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2884631911-459496496-268750908-1001UA.job

- c:\users\Shawn\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-04 02:33]

.

2012-06-03 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-05-22 07:16]

.

2012-06-03 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-05-22 07:16]

.

2012-06-16 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-05-22 07:16]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]

"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-03-24 3668336]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-09-16 1935120]

"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 10365952]

"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-11-03 2190704]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\users\Shawn\AppData\Roaming\Mozilla\Firefox\Profiles\unpjdcff.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-WT089446 - c:\program files (x86)\WildTangent\Dell Games\Wedding Dash - Ready

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV]

"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\19.7.1.5\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\19.7.1.5\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Completion time: 2012-06-16 21:48:34 - machine was rebooted

ComboFix-quarantined-files.txt 2012-06-17 02:48

.

Pre-Run: 640,537,432,064 bytes free

Post-Run: 640,898,412,544 bytes free

.

- - End Of File - - DC2611700F9BF2A81EB0134CD7342A9B


Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Is this the log? It seems pretty short. It also seemed to delete a trojan that had redirector in its name, maybe that solved my problem? :)

ESET log:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
