TheStranger

Help! Having problems with browser hijack/redirect

Hello - first, thanks in advance for any help you can provide. Tonight both my Firefox and IE browsers started redirecting me from Google searches through something called "click get answers fast.com". I downloaded Malwarebytes and it found several items, removed them, and rebooted, but the problem is still there. I have attached the relevant files to this post. This is a relatively new laptop and I have McAfee on it, and have never had problems like this before. All the sites I accessed today before this popped up were trusted sites, so I have no idea how this happened.

Thanks so much again!

Attach.txt

DDS.txt


Hello TheStranger and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log

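A triage helper for the TDSSKiller report requested in the post above, as an added example that is not part of the original thread or of TDSSKiller itself. It assumes the report layout `time thread-id name (md5) path` followed by a `name - ok`, `name ( verdict ) - warning` or `name - detected verdict (n)` status line; the sample report and the names in it are constructed.

```python
import re
from dataclasses import dataclass, field

# Assumed line layout: "HH:MM:SS.mmmm <thread id> <message>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*\S)\s*$")
# "<name> (<md5>) <path>"; the name may contain spaces, the path may contain "(x86)"
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
OK = re.compile(r"^(?P<name>.+?) - ok$")
WARNING = re.compile(r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - warning$")
DETECTED = re.compile(r"^(?P<name>.+?) - detected (?P<verdict>\S+) \(\d+\)$")


@dataclass
class ScanObject:
    name: str
    md5: str = ""
    path: str = ""
    status: str = "no-status"      # "ok", "flagged" or "no-status"
    verdicts: list = field(default_factory=list)


def parse_report(text):
    """Return {name: ScanObject} for every service/driver named in the report."""
    objects = {}
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:                # blank lines and header lines without a message
            continue
        msg = line["msg"]
        if (m := WARNING.match(msg)) or (m := DETECTED.match(msg)):
            obj = objects.setdefault(m["name"], ScanObject(m["name"]))
            obj.status = "flagged"
            if m["verdict"] not in obj.verdicts:
                obj.verdicts.append(m["verdict"])
        elif m := OK.match(msg):
            obj = objects.setdefault(m["name"], ScanObject(m["name"]))
            if obj.status != "flagged":
                obj.status = "ok"
        elif m := OBJECT.match(msg):
            obj = objects.setdefault(m["name"], ScanObject(m["name"]))
            obj.md5, obj.path = m["md5"].lower(), m["path"]
    return objects


def triage(text):
    """Split the report into flagged objects and objects that never got a status
    line (the latter usually means the pasted log was cut off)."""
    objs = parse_report(text).values()
    flagged = [o for o in objs if o.status == "flagged"]
    unfinished = [o for o in objs if o.status == "no-status"]
    return flagged, unfinished


# Constructed sample report: names, hashes and paths are placeholders.
SAMPLE = r"""
19:38:49.0418 7084 Scan started
19:38:49.0418 7084 Mode: Manual; SigCheck; TDLFS;
19:38:50.0448 7084 ExampleDrv (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrv.sys

19:38:50.0557 7084 ExampleDrv - ok

19:38:52.0975 7084 Example Sync Service (00000000000000000000000000000002) C:\Program Files (x86)\Example\sync.exe
19:38:52.0991 7084 Example Sync Service ( UnsignedFile.Multi.Generic ) - warning
19:38:52.0991 7084 Example Sync Service - detected UnsignedFile.Multi.Generic (1)
19:38:58.0388 7084 NoFileSvc - ok
19:38:59.0100 7084 CutOffDrv (00000000000000000000000000000003) C:\Windows\system32\drivers\cutoff.sys
"""

if __name__ == "__main__":
    flagged, unfinished = triage(SAMPLE)
    for o in flagged:
        print(f"REVIEW  {o.name}: {', '.join(o.verdicts)}  {o.path}  md5={o.md5}")
    for o in unfinished:
        print(f"NO STATUS (log truncated?)  {o.name}  {o.path}")
```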

Thanks so much for responding. Sorry it took all day to follow your instructions. I was at work and don't have access to my home computer there.

I have attached the files. The scans didn't really turn anything up that I could see, but maybe when you read them you will see something that my untrained eye doesn't. From what I can tell, the problem does not exist in Internet Explorer, but it definitely still does in Firefox. When I do a Google News search for any particular topic, after I click on 2 or 3 legitimate links, it redirects me through that "click get answers fast.com" site. Anything else I need to be doing? Thanks!

mbam-log-2012-07-30 (22-00-43).txt

TDSSKiller.2.7.48.0_30.07.2012_20.06.48_log.txt


Also, one more piece of info: when I open either IE or Firefox, they default to about:blank. Pretty sure Google used to be the homepage for both.


Please take a look at my instructions again:

Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Copy&Paste the entire report in your next reply.
In your next reply, post the following log files:


OK, sorry I misunderstood. Here are the logs copied and pasted, first Kaspersky then Malwarebytes. I attached as well in case that helps. Again, thanks so much!


19:39:10.0603 7084 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

19:39:10.0666 7084 MMCSS - ok

19:39:10.0681 7084 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

19:39:10.0775 7084 Modem - ok

19:39:10.0790 7084 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

19:39:10.0837 7084 monitor - ok

19:39:10.0868 7084 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

19:39:10.0900 7084 mouclass - ok

19:39:10.0915 7084 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys

19:39:10.0931 7084 mouhid - ok

19:39:10.0962 7084 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

19:39:10.0978 7084 mountmgr - ok

19:39:11.0040 7084 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

19:39:11.0087 7084 MozillaMaintenance - ok

19:39:11.0118 7084 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

19:39:11.0165 7084 mpio - ok

19:39:11.0180 7084 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

19:39:11.0274 7084 mpsdrv - ok

19:39:11.0368 7084 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

19:39:11.0446 7084 MpsSvc - ok

19:39:11.0446 7084 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

19:39:11.0477 7084 MRxDAV - ok

19:39:11.0524 7084 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

19:39:11.0602 7084 mrxsmb - ok

19:39:11.0648 7084 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:39:11.0695 7084 mrxsmb10 - ok

19:39:11.0711 7084 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:39:11.0726 7084 mrxsmb20 - ok

19:39:11.0758 7084 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

19:39:11.0773 7084 msahci - ok

19:39:11.0804 7084 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

19:39:11.0867 7084 msdsm - ok

19:39:11.0898 7084 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

19:39:11.0960 7084 MSDTC - ok

19:39:11.0976 7084 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

19:39:12.0038 7084 Msfs - ok

19:39:12.0070 7084 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

19:39:12.0101 7084 mshidkmdf - ok

19:39:12.0116 7084 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

19:39:12.0132 7084 msisadrv - ok

19:39:12.0163 7084 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

19:39:12.0241 7084 MSiSCSI - ok

19:39:12.0241 7084 msiserver - ok

19:39:12.0319 7084 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

19:39:12.0366 7084 MSK80Service - ok

19:39:12.0382 7084 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

19:39:12.0413 7084 MSKSSRV - ok

19:39:12.0428 7084 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

19:39:12.0460 7084 MSPCLOCK - ok

19:39:12.0460 7084 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

19:39:12.0506 7084 MSPQM - ok

19:39:12.0553 7084 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

19:39:12.0600 7084 MsRPC - ok

19:39:12.0616 7084 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

19:39:12.0616 7084 mssmbios - ok

19:39:12.0647 7084 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

19:39:12.0725 7084 MSTEE - ok

19:39:12.0725 7084 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

19:39:12.0740 7084 MTConfig - ok

19:39:12.0740 7084 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

19:39:12.0756 7084 Mup - ok

19:39:12.0850 7084 MyWiFiDHCPDNS (265937bc59819df1dab65e27c60f94c0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

19:39:12.0896 7084 MyWiFiDHCPDNS - ok

19:39:12.0959 7084 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

19:39:13.0021 7084 napagent - ok

19:39:13.0084 7084 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

19:39:13.0115 7084 NativeWifiP - ok

19:39:13.0240 7084 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe

19:39:13.0302 7084 NAUpdate - ok

19:39:13.0411 7084 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys

19:39:13.0442 7084 NDIS - ok

19:39:13.0474 7084 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

19:39:13.0520 7084 NdisCap - ok

19:39:13.0536 7084 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

19:39:13.0567 7084 NdisTapi - ok

19:39:13.0567 7084 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

19:39:13.0614 7084 Ndisuio - ok

19:39:13.0614 7084 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

19:39:13.0661 7084 NdisWan - ok

19:39:13.0676 7084 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

19:39:13.0708 7084 NDProxy - ok

19:39:13.0708 7084 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

19:39:13.0754 7084 NetBIOS - ok

19:39:13.0770 7084 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

19:39:13.0817 7084 NetBT - ok

19:39:13.0832 7084 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:39:13.0848 7084 Netlogon - ok

19:39:13.0910 7084 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

19:39:13.0973 7084 Netman - ok

19:39:14.0051 7084 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:39:14.0129 7084 NetMsmqActivator - ok

19:39:14.0129 7084 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:39:14.0144 7084 NetPipeActivator - ok

19:39:14.0191 7084 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

19:39:14.0254 7084 netprofm - ok

19:39:14.0269 7084 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:39:14.0269 7084 NetTcpActivator - ok

19:39:14.0285 7084 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:39:14.0285 7084 NetTcpPortSharing - ok

19:39:15.0049 7084 NETwNs64 (774c9eccef83ab8a3d1466f19809c95f) C:\Windows\system32\DRIVERS\NETwNs64.sys

19:39:15.0221 7084 NETwNs64 - ok

19:39:15.0346 7084 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

19:39:15.0392 7084 nfrd960 - ok

19:39:15.0455 7084 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

19:39:15.0533 7084 NlaSvc - ok

19:39:15.0845 7084 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

19:39:15.0907 7084 NOBU - ok

19:39:16.0048 7084 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

19:39:16.0094 7084 Npfs - ok

19:39:16.0126 7084 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

19:39:16.0172 7084 nsi - ok

19:39:16.0188 7084 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

19:39:16.0219 7084 nsiproxy - ok

19:39:16.0360 7084 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

19:39:16.0406 7084 Ntfs - ok

19:39:16.0516 7084 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

19:39:16.0578 7084 Null - ok

19:39:16.0609 7084 nusb3hub (d584abb6a308933a5f72b46c9e5a783f) C:\Windows\system32\DRIVERS\nusb3hub.sys

19:39:16.0656 7084 nusb3hub - ok

19:39:16.0687 7084 nusb3xhc (345b9c04e2036da4346e3249a5bdfd06) C:\Windows\system32\DRIVERS\nusb3xhc.sys

19:39:16.0750 7084 nusb3xhc - ok

19:39:16.0812 7084 nvkflt (d980b1551dd0c8bdc3b07d617b4d42a6) C:\Windows\system32\DRIVERS\nvkflt.sys

19:39:16.0874 7084 nvkflt - ok

19:39:17.0935 7084 nvlddmkm (386fb2e1ef51495629089231957b7d9a) C:\Windows\system32\DRIVERS\nvlddmkm.sys

19:39:18.0076 7084 nvlddmkm - ok

19:39:18.0200 7084 nvpciflt (e0cabfd2564cb064eaa5789cd6960c4a) C:\Windows\system32\DRIVERS\nvpciflt.sys

19:39:18.0232 7084 nvpciflt - ok

19:39:18.0263 7084 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

19:39:18.0278 7084 nvraid - ok

19:39:18.0310 7084 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

19:39:18.0325 7084 nvstor - ok

19:39:18.0372 7084 NvStUSB (4dc87cda61d7b185e79618581f46b85a) C:\Windows\system32\drivers\nvstusb.sys

19:39:18.0388 7084 NvStUSB - ok

19:39:18.0559 7084 nvsvc (3947ad5d03e6abcce037801162fdb90d) C:\Windows\system32\nvvsvc.exe

19:39:18.0590 7084 nvsvc - ok

19:39:18.0871 7084 nvUpdatusService (c5b3bb5dc9c62700c4a72c2a89ca1d58) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

19:39:18.0918 7084 nvUpdatusService - ok

19:39:19.0074 7084 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

19:39:19.0121 7084 nv_agp - ok

19:39:19.0137 7084 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

19:39:19.0168 7084 ohci1394 - ok

19:39:19.0246 7084 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:39:19.0293 7084 ose - ok

19:39:19.0651 7084 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

19:39:19.0745 7084 osppsvc - ok

19:39:19.0885 7084 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

19:39:19.0932 7084 p2pimsvc - ok

19:39:19.0995 7084 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

19:39:20.0010 7084 p2psvc - ok

19:39:20.0073 7084 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

19:39:20.0119 7084 Parport - ok

19:39:20.0166 7084 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

19:39:20.0182 7084 partmgr - ok

19:39:20.0229 7084 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

19:39:20.0291 7084 PcaSvc - ok

19:39:20.0322 7084 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

19:39:20.0385 7084 pci - ok

19:39:20.0400 7084 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

19:39:20.0400 7084 pciide - ok

19:39:20.0447 7084 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

19:39:20.0464 7084 pcmcia - ok

19:39:20.0479 7084 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

19:39:20.0495 7084 pcw - ok

19:39:20.0510 7084 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

19:39:20.0573 7084 PEAUTH - ok

19:39:20.0635 7084 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

19:39:20.0698 7084 PerfHost - ok

19:39:21.0930 7084 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

19:39:22.0086 7084 pla - ok

19:39:22.0258 7084 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

19:39:22.0320 7084 PlugPlay - ok

19:39:22.0351 7084 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

19:39:22.0367 7084 PNRPAutoReg - ok

19:39:22.0429 7084 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

19:39:22.0445 7084 PNRPsvc - ok

19:39:22.0507 7084 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

19:39:22.0554 7084 PolicyAgent - ok

19:39:22.0585 7084 Power (a2cca4fb273e6050f17a0a416cff2fcd) C:\Windows\system32\umpo.dll

19:39:22.0648 7084 Power - ok

19:39:22.0694 7084 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

19:39:22.0741 7084 PptpMiniport - ok

19:39:22.0772 7084 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

19:39:22.0835 7084 Processor - ok

19:39:22.0866 7084 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

19:39:22.0928 7084 ProfSvc - ok

19:39:22.0960 7084 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:39:23.0006 7084 ProtectedStorage - ok

19:39:23.0038 7084 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

19:39:23.0100 7084 Psched - ok

19:39:23.0131 7084 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

19:39:23.0131 7084 PxHlpa64 - ok

19:39:23.0162 7084 qicflt (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys

19:39:23.0178 7084 qicflt - ok

19:39:23.0350 7084 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

19:39:23.0396 7084 ql2300 - ok

19:39:23.0521 7084 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

19:39:23.0552 7084 ql40xx - ok

19:39:23.0584 7084 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

19:39:23.0615 7084 QWAVE - ok

19:39:23.0630 7084 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

19:39:23.0677 7084 QWAVEdrv - ok

19:39:23.0693 7084 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

19:39:23.0740 7084 RasAcd - ok

19:39:23.0771 7084 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

19:39:23.0818 7084 RasAgileVpn - ok

19:39:23.0849 7084 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

19:39:23.0927 7084 RasAuto - ok

19:39:23.0942 7084 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:39:23.0974 7084 Rasl2tp - ok

19:39:24.0020 7084 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

19:39:24.0083 7084 RasMan - ok

19:39:24.0114 7084 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

19:39:24.0176 7084 RasPppoe - ok

19:39:24.0176 7084 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

19:39:24.0223 7084 RasSstp - ok

19:39:24.0239 7084 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

19:39:24.0286 7084 rdbss - ok

19:39:24.0301 7084 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

19:39:24.0317 7084 rdpbus - ok

19:39:24.0348 7084 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:39:24.0410 7084 RDPCDD - ok

19:39:24.0426 7084 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

19:39:24.0488 7084 RDPENCDD - ok

19:39:24.0504 7084 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

19:39:24.0535 7084 RDPREFMP - ok

19:39:24.0582 7084 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

19:39:24.0676 7084 RDPWD - ok

19:39:24.0722 7084 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

19:39:24.0754 7084 rdyboost - ok

19:39:24.0910 7084 RegSrvc (7196be857e29007470ff9b689c7f29a7) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

19:39:24.0956 7084 RegSrvc - ok

19:39:24.0972 7084 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

19:39:25.0050 7084 RemoteAccess - ok

19:39:25.0097 7084 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

19:39:25.0128 7084 RemoteRegistry - ok

19:39:25.0300 7084 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

19:39:25.0346 7084 RoxMediaDB12OEM - ok

19:39:25.0393 7084 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

19:39:25.0440 7084 RoxWatch12 - ok

19:39:25.0549 7084 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

19:39:25.0627 7084 RpcEptMapper - ok

19:39:25.0627 7084 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

19:39:25.0643 7084 RpcLocator - ok

19:39:25.0705 7084 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

19:39:25.0752 7084 RpcSs - ok

19:39:25.0814 7084 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

19:39:25.0846 7084 rspndr - ok

19:39:25.0939 7084 RTL8167 (9140db0911de035fed0a9a77a2d156ea) C:\Windows\system32\DRIVERS\Rt64win7.sys

19:39:25.0986 7084 RTL8167 - ok

19:39:26.0002 7084 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:39:26.0017 7084 SamSs - ok

19:39:26.0048 7084 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

19:39:26.0095 7084 sbp2port - ok

19:39:26.0126 7084 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

19:39:26.0189 7084 SCardSvr - ok

19:39:26.0189 7084 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

19:39:26.0236 7084 scfilter - ok

19:39:26.0360 7084 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

19:39:26.0423 7084 Schedule - ok

19:39:26.0438 7084 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

19:39:26.0485 7084 SCPolicySvc - ok

19:39:26.0532 7084 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

19:39:26.0579 7084 SDRSVC - ok

19:39:26.0641 7084 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

19:39:26.0750 7084 secdrv - ok

19:39:26.0782 7084 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

19:39:26.0844 7084 seclogon - ok

19:39:26.0875 7084 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

19:39:26.0922 7084 SENS - ok

19:39:26.0938 7084 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

19:39:26.0984 7084 SensrSvc - ok

19:39:27.0031 7084 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

19:39:27.0078 7084 Serenum - ok

19:39:27.0078 7084 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

19:39:27.0109 7084 Serial - ok

19:39:27.0125 7084 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

19:39:27.0187 7084 sermouse - ok

19:39:27.0234 7084 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

19:39:27.0296 7084 SessionEnv - ok

19:39:27.0312 7084 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

19:39:27.0328 7084 sffdisk - ok

19:39:27.0343 7084 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

19:39:27.0374 7084 sffp_mmc - ok

19:39:27.0374 7084 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

19:39:27.0406 7084 sffp_sd - ok

19:39:27.0406 7084 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

19:39:27.0421 7084 sfloppy - ok

19:39:27.0640 7084 SftService (29ddea72c5bdf61d62f4d438dc0e497c) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

19:39:27.0686 7084 SftService - ok

19:39:27.0811 7084 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

19:39:27.0858 7084 SharedAccess - ok

19:39:27.0905 7084 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

19:39:27.0967 7084 ShellHWDetection - ok

19:39:28.0030 7084 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

19:39:28.0045 7084 SiSRaid2 - ok

19:39:28.0045 7084 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

19:39:28.0061 7084 SiSRaid4 - ok

19:39:28.0076 7084 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

19:39:28.0123 7084 Smb - ok

19:39:28.0170 7084 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

19:39:28.0186 7084 SNMPTRAP - ok

19:39:28.0217 7084 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

19:39:28.0217 7084 spldr - ok

19:39:28.0279 7084 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

19:39:28.0342 7084 Spooler - ok

19:39:28.0669 7084 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

19:39:28.0763 7084 sppsvc - ok

19:39:28.0872 7084 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

19:39:28.0934 7084 sppuinotify - ok

19:39:28.0981 7084 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

19:39:29.0028 7084 srv - ok

19:39:29.0075 7084 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

19:39:29.0137 7084 srv2 - ok

19:39:29.0168 7084 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

19:39:29.0215 7084 srvnet - ok

19:39:29.0262 7084 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

19:39:29.0309 7084 SSDPSRV - ok

19:39:29.0309 7084 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

19:39:29.0340 7084 SstpSvc - ok

19:39:29.0371 7084 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys

19:39:29.0387 7084 stdcfltn - ok

19:39:29.0496 7084 Stereo Service (b69e79470474a8bef06be2130d0210a8) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

19:39:29.0543 7084 Stereo Service - ok

19:39:29.0558 7084 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

19:39:29.0574 7084 stexstor - ok

19:39:29.0652 7084 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

19:39:29.0699 7084 stisvc - ok

19:39:29.0761 7084 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

19:39:29.0792 7084 stllssvr - ok

19:39:29.0824 7084 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

19:39:29.0870 7084 swenum - ok

19:39:29.0933 7084 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

19:39:30.0026 7084 swprv - ok

19:39:30.0182 7084 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys

19:39:30.0198 7084 SynTP - ok

19:39:30.0463 7084 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

19:39:30.0526 7084 SysMain - ok

19:39:30.0650 7084 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

19:39:30.0713 7084 TabletInputService - ok

19:39:30.0744 7084 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

19:39:30.0775 7084 TapiSrv - ok

19:39:30.0791 7084 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

19:39:30.0822 7084 TBS - ok

19:39:31.0040 7084 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

19:39:31.0087 7084 Tcpip - ok

19:39:31.0368 7084 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

19:39:31.0399 7084 TCPIP6 - ok

19:39:31.0477 7084 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

19:39:31.0555 7084 tcpipreg - ok

19:39:31.0571 7084 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

19:39:31.0602 7084 TDPIPE - ok

19:39:31.0618 7084 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

19:39:31.0664 7084 TDTCP - ok

19:39:31.0696 7084 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

19:39:31.0742 7084 tdx - ok

19:39:31.0758 7084 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

19:39:31.0774 7084 TermDD - ok

19:39:31.0852 7084 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

19:39:31.0914 7084 TermService - ok

19:39:31.0930 7084 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

19:39:31.0961 7084 Themes - ok

19:39:31.0976 7084 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

19:39:32.0008 7084 THREADORDER - ok

19:39:32.0039 7084 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

19:39:32.0070 7084 TrkWks - ok

19:39:32.0117 7084 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

19:39:32.0148 7084 TrustedInstaller - ok

19:39:32.0164 7084 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

19:39:32.0195 7084 tssecsrv - ok

19:39:32.0195 7084 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

19:39:32.0226 7084 TsUsbFlt - ok

19:39:32.0242 7084 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

19:39:32.0273 7084 TsUsbGD - ok

19:39:32.0288 7084 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

19:39:32.0366 7084 tunnel - ok

19:39:32.0398 7084 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys

19:39:32.0413 7084 TurboB - ok

19:39:32.0476 7084 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

19:39:32.0538 7084 TurboBoost - ok

19:39:32.0569 7084 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

19:39:32.0569 7084 uagp35 - ok

19:39:32.0600 7084 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

19:39:32.0663 7084 udfs - ok

19:39:32.0694 7084 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

19:39:32.0710 7084 UI0Detect - ok

19:39:32.0741 7084 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

19:39:32.0772 7084 uliagpkx - ok

19:39:32.0788 7084 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

19:39:32.0819 7084 umbus - ok

19:39:32.0819 7084 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

19:39:32.0850 7084 UmPass - ok

19:39:33.0146 7084 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

19:39:33.0209 7084 UNS - ok

19:39:33.0349 7084 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

19:39:33.0412 7084 upnphost - ok

19:39:33.0443 7084 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys

19:39:33.0490 7084 usbccgp - ok

19:39:33.0521 7084 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

19:39:33.0568 7084 usbcir - ok

19:39:33.0568 7084 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

19:39:33.0599 7084 usbehci - ok

19:39:33.0661 7084 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

19:39:33.0724 7084 usbhub - ok

19:39:33.0739 7084 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

19:39:33.0786 7084 usbohci - ok

19:39:33.0802 7084 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys

19:39:33.0848 7084 usbprint - ok

19:39:33.0864 7084 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:39:33.0926 7084 USBSTOR - ok

19:39:40.0151 7084 ============================================================

19:39:40.0151 7084 Scan finished

19:39:40.0151 7084 ============================================================

19:39:40.0166 7076 Detected object count: 1

19:39:40.0166 7076 Actual detected object count: 1

19:39:43.0879 7076 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user

19:39:43.0879 7076 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip

Now the Malwarebytes log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.07.31.13

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Paul :: PAUL-PC [administrator]

Protection: Enabled

7/31/2012 7:41:46 PM

mbam-log-2012-07-31 (19-41-46).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 213395

Time elapsed: 4 minute(s), 49 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

TDSSKiller.2.7.48.0_31.07.2012_19.38.42_log.txt

mbam-log-2012-07-31 (19-41-46).txt


Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


Hi Maniac - thanks again for your help. Here is the ComboFix log:

---

ComboFix 12-07-31.03 - Paul 08/02/2012 21:47:30.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6038.4099 [GMT -4:00]

Running from: c:\users\Paul\Downloads\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\PCDr\5907\Downloads\116e5d12-0d05-4993-954c-85b013aaf3cb.dll

c:\programdata\PCDr\5907\Downloads\140239b3-d59a-46fa-b856-17682a46cb44.dll

c:\programdata\PCDr\5907\Downloads\246b20c1-8ea9-4148-a34e-d03c8a1d5a76.dll

c:\programdata\PCDr\5907\Downloads\27e5bc9a-105f-4d7f-8352-e6ef1c8933dd.dll

c:\programdata\PCDr\5907\Downloads\a2192d8a-3d73-4ff7-be9b-02134f41db63.dll

c:\programdata\PCDr\5907\Downloads\f0fc9c9c-10ba-435b-8365-dadb523644ff.dll

c:\programdata\Roaming

.

.

((((((((((((((((((((((((( Files Created from 2012-07-03 to 2012-08-03 )))))))))))))))))))))))))))))))

.

.

2012-08-03 01:42 . 2012-08-03 01:42 -------- d-----w- c:\program files (x86)\7-zip

2012-07-30 04:21 . 2012-07-30 04:21 -------- d-----w- c:\users\Paul\AppData\Roaming\Malwarebytes

2012-07-30 04:21 . 2012-07-30 04:21 -------- d-----w- c:\programdata\Malwarebytes

2012-07-30 04:21 . 2012-07-30 04:21 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-07-30 04:21 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-12 00:35 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-07-12 00:31 . 2012-06-02 12:12 2311680 ----a-w- c:\windows\system32\jscript9.dll

2012-07-11 01:14 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-27 02:50 . 2012-07-02 02:22 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-07-27 02:50 . 2012-03-29 18:59 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-12 00:32 . 2012-04-07 18:43 59701280 ----a-w- c:\windows\system32\MRT.exe

2012-06-02 22:19 . 2012-06-08 23:06 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-08 23:06 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-08 23:06 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-08 23:06 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-08 23:06 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-08 23:06 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-08 23:06 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 19:19 . 2012-06-08 23:05 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 19:15 . 2012-06-08 23:05 36864 ----a-w- c:\windows\system32\wuapp.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]

"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]

"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]

"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472]

"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2011-08-12 75048]

"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]

"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-11-03 957440]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]

"ContentTransferWMDetector.exe"="c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer3"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/03/29 14:54;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-08-11 248304]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]

R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-10-19 195072]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]

R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-05-17 34200]

R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-03-08 224704]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-29 113120]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-01 340240]

R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys [2011-10-16 291648]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-07 1255736]

R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-11-04 28992]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]

S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]

S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2011-11-04 249152]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]

S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-20 135440]

S2 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-05-06 1085440]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-03-20 162192]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]

S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-11-04 2253120]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-09-22 1692480]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-03 381248]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 195072]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440]

S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-05-17 25496]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]

S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 8615936]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-09-14 95744]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-09-14 212992]

S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

*Deregistered* - CLKMDRV10_9EC60124

*Deregistered* - mfeavfk01

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-03 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-02 02:50]

.

2012-07-29 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]

.

2012-08-03 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]

"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-11-04 540992]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-05 167704]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-05 392472]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-05 416024]

"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]

"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-11-01 1935120]

"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-01-25 4479648]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 75.75.76.76 75.75.75.75

FF - ProfilePath - c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\5ujkjadz.default\

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Toolbar-Locked - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Flip Video\FlipShare\FlipShareService.exe

c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Completion time: 2012-08-02 21:58:41 - machine was rebooted

ComboFix-quarantined-files.txt 2012-08-03 01:58

.

Pre-Run: 611,984,183,296 bytes free

Post-Run: 612,389,658,624 bytes free

.

- - End Of File - - BF7F9759055F0751FB1FC7DF6A5442D0


Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Hi Maniac - I ran ESET and this is the only thing that came up for the log. It said no threats detected.

Also, it seems like the problem is only in Firefox now. Should I just uninstall Firefox? Thanks again!

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

esets_scanner_update returned -1 esets_gle=53251

esets_scanner_update returned -1 esets_gle=53251


Maniac - thanks for all your help. Uninstalling Firefox and re-installing it seems to have fixed the problem. I will check back if the problem continues, but for now I think we are all clear. Thanks!


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.
