Malwarebytes "has successfully blocked access to a potentially malicious website"

[ntfeldman]

Another poster had a similar problem to mine back in February but I am hesitant to follow the instructions you lead her through without direct assistance because of warnings given about the tools used to help resolve her issue.

The problem I am having is about every 4-6 minutes, I get a pop-up box on my screen that stays for about 15-25 seconds (and then fades off) that indicates Malwarebytes Anti-malware has successfully blocked a potentially malicious website 195.191.56.247.

Type: outgoing

Port 50343 and Process: iexplore.exe

Of course I would like to remove the nuisance of this pop-up but more than that, I would like whatever is guiding my computer to reach out to this site to be removed permanently.

I have no idea what I clicked on or downloaded to attract this problem but I have also been having problems with IE 9 shutting down quite a bit and requiring a re-start. Greatly appreciate any help you can give to get me cleaned up.

Thanks.

[Larusso]

Hy

my name is Daniel and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.

• First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  
• Perform everything in the correct order. Sometimes one step requires the previous one.
  
• If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  
• Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  
• Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  
• If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  
• Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  
• My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  
• I am currently visiting an evening school and working nightshift only which might be evening for you. In this time I am mostly online with my mobile devices and won't be able to reply.

This IP belongs to a Server in the Ukraine. So let me dig a little bit deeper.

Download DDS and save it to your desktop from here.

Double click DDS to run the tool and press Start

Don't change any stettings without instruction

• When done, DDS will save two (2) logs to your desktop:
  1. DDS.txt
  2. Attach.txt

  [*].Please post them in your next reply

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

• Execute TDSSKiller.exe by doubleclicking on it.
• Press Start Scan
  
• If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  
• Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt
  

Please post the contents of that log in your next reply.

[ntfeldman]

Hi Daniel. Thank you very much for your help.

As instructed I ran DDS utility and copies of the logs are below.

I had to break up my reply because I got an error message indicating my post is too long so the log from the TDSSKiller run is in the next post.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 12/12/2011 8:28:27 PM

System Uptime: 4/8/2013 6:32:29 AM (5 hours ago)

.

Motherboard: Dell Inc. | | 030X84

Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU 1 | 2201/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 684 GiB total, 603.885 GiB free.

D: is CDROM (CDFS)

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}

Description: High Definition Audio Controller

Device ID: PCI\VEN_10DE&DEV_0BEA&SUBSYS_04CA1028&REV_A1\4&8951BBD&0&0108

Manufacturer: Microsoft

Name: High Definition Audio Controller

PNP Device ID: PCI\VEN_10DE&DEV_0BEA&SUBSYS_04CA1028&REV_A1\4&8951BBD&0&0108

Service: HDAudBus

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description:

Device ID: ROOT\IMAGE\0000

Manufacturer: Creative Technology Ltd.

Name:

PNP Device ID: ROOT\IMAGE\0000

Service:

.

==== System Restore Points ===================

.

RP307: 3/20/2013 3:00:16 AM - Windows Update

RP308: 3/21/2013 3:01:14 AM - Windows Update

RP309: 3/22/2013 3:00:57 AM - Windows Update

RP310: 3/24/2013 3:27:03 PM - Windows Update

RP311: 3/25/2013 1:08:03 PM - Windows Update

RP312: 3/26/2013 5:55:47 PM - Windows Update

RP313: 3/28/2013 12:05:55 PM - Windows Update

RP314: 3/29/2013 3:01:07 AM - Windows Update

RP315: 4/3/2013 5:14:24 PM - Windows Update

RP316: 4/4/2013 3:00:28 AM - Windows Update

RP317: 4/6/2013 5:20:59 PM - Windows Update

RP318: 4/7/2013 3:01:23 AM - Windows Update

RP319: 4/8/2013 3:01:05 AM - Windows Update

.

==== Installed Programs ======================

.

Accidental Damage Services Agreement

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe AIR

Adobe Community Help

Adobe Content Viewer

Adobe Creative Suite 5.5 Master Collection

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.02)

Adobe Story

Adobe Widget Browser

Advanced Audio FX Engine

Alexa Toolbar

Apple Application Support

Apple Software Update

Bamboo

Bamboo Dock

Banctec Service Agreement

Bing Bar

Bing Bar Platform

Bing Rewards Client Installer

Blio

Centershift STORE

Complete Care Business Service Agreement

Consumer In-Home Service Agreement

Contact Capture 4.1

Cozi

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Driver Download Manager

Dell Edoc Viewer

Dell Getting Started Guide

Dell Home Systems Service Agreement

Dell MusicStage

Dell PhotoStage

Dell Stage

Dell Support Center

Dell Touchpad

Dell VideoStage

Dell Webcam Central

DirectX 9 Runtime

Dropbox

eBay

Google Chrome

Google Drive

Google Update Helper

GoToAssist Corporate

IDT Audio

Intel PROSet Wireless

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® PROSet/Wireless Software for Bluetooth® Technology

Intel® PROSet/Wireless WiFi Software

Intel® Rapid Storage Technology

Intel® Turbo Boost Technology Monitor 2.0

Intel® WiDi

Intel® Wireless Display

Java Auto Updater

Java 6 Update 27

Java 6 Update 27 (64-bit)

Java 7 Update 5

JavaFX 2.1.1

Junk Mail filter update

Junos Pulse Core Components

Junos Pulse Drivers Add-On

Junos Pulse Tunnel Manager Add-On

Junos Pulse UAC/NC Components

Malwarebytes Anti-Malware version 1.70.0.1100

McAfee Security Scan Plus

McAfee SecurityCenter

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Default Manager

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Backward compatibility

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2005 Express Edition (REA9)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft_VC80_ATL_x86

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

Microsoft_VC90_MFCLOC_x86

Microsoft_VC90_MFCLOC_x86_x64

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NVIDIA 3D Vision Driver 268.30

NVIDIA Control Panel 268.30

NVIDIA Graphics Driver 268.30

NVIDIA HD Audio Driver 1.2.22.1

NVIDIA Install Application

NVIDIA Optimus 1.0.21

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

PDF Settings CS5

PhotoShowExpress

PlayMemories Home

PlayReady PC Runtime x86

Premium Service Agreement

PxMergeModule

QualxServ Service Agreement

Quickset64

QuickTime

RBVirtualFolder64Inst

REA 9

REA Report Engine

Realtek Ethernet Controller Driver

Realtek USB 2.0 Card Reader

Renesas Electronics USB 3.0 Host Controller Driver

Roxio Activation Module

Roxio BackOnTrack

Roxio Burn

Roxio Creator Starter

Roxio Express Labeler 3

Roxio File Backup

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Shared C Run-time for x64

Shutterfly Express Uploader

Sonic CinePlayer Decoder Pack

TrustedID

TrustedID IDMonitor Identity Protection

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

VC8 CRT

Wacom Tablet

WebTablet FB Plugin 32 bit

WebTablet FB Plugin 64 bit

WebTablet IE Plugin

WebTablet Netscape Plugin

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinZip Self-Extractor

Zinio Reader 4

.

==== Event Viewer Messages From Past Week ========

.

4/8/2013 3:03:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070103: Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera.

4/7/2013 4:01:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

4/7/2013 4:00:00 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

4/7/2013 3:59:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

4/7/2013 3:45:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06}

4/7/2013 3:45:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

4/7/2013 3:01:08 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

4/7/2013 2:20:30 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

4/7/2013 2:20:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

4/7/2013 2:20:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

4/7/2013 2:20:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

4/7/2013 2:20:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

4/7/2013 2:20:03 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 21

4/7/2013 2:19:49 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6

4/7/2013 12:20:18 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mcmscsvc service.

4/7/2013 12:20:03 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.

4/7/2013 12:19:48 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McMPFSvc service.

4/7/2013 12:17:49 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNaiAnn service.

4/7/2013 12:16:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNASvc service.

4/5/2013 12:54:25 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IAStorDataMgrSvc service.

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.5.1

Run by Sinclair at 11:00:12 on 2013-04-08

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8099.6285 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\nvvsvc.exe

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Program Files\Tablet\Pen\Pen_TouchService.exe

C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe

C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\windows\system32\nvvsvc.exe

C:\windows\SYSTEM32\WISPTIS.EXE

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\System32\svchost.exe -k NetworkService

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\windows\system32\svchost.exe -k bthsvcs

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\mfevtps.exe

c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\windows\system32\wbem\unsecapp.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\windows\system32\wbem\unsecapp.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files (x86)\Broadlook Technologies\Contact Capture\ContactCapture.exe

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Users\Sinclair\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

C:\windows\SYSTEM32\WISPTIS.EXE

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe

C:\Program Files (x86)\Bamboo Dock\BambooCore.exe

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe

C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe

C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe

C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\Program Files\mcafee.com\agent\mcagent.exe

C:\windows\splwow64.exe

C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\windows\system32\wuauclt.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://www.google.com/

mWinlogon: Userinit = userinit.exe

BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120625031203.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB: Alexa Toolbar: {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files (x86)\Alexa Toolbar\AlexaToolbar.10.0.dll

uRun: [AdobeBridge] <no file>

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [JunosPulse] C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe -tray

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe

StartupFolder: C:\Users\Sinclair\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sinclair\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/install-ie/alttiff.cab

DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

TCP: NameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{0A6A8909-B3ED-45AC-8FAE-FF08BC36B35F} : NameServer = 192.168.1.221,192.168.1.220

TCP: Interfaces\{956A537C-3397-4A2B-AE0C-FA16918A2A4D} : DHCPNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{956A537C-3397-4A2B-AE0C-FA16918A2A4D}\147574D275966496 : DHCPNameServer = 65.106.1.196 209.244.0.3

TCP: Interfaces\{956A537C-3397-4A2B-AE0C-FA16918A2A4D}\255637964656E636560294E6E623 : DHCPNameServer = 50.57.99.138 50.57.100.29 209.253.113.10

TCP: Interfaces\{DCDF212D-7A68-41A7-930F-710035801956} : NameServer = 192.168.1.221,192.168.1.220

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20120625031203.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [NVHotkey] rundll32.exe C:\windows\System32\nvHotkey.dll,Start

x64-Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray

x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

x64-DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} - hxxps://secure.vds.com/dana-cached/sc/JuniperSetupClient64.cab

x64-DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2011-3-13 771536]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2011-3-13 340216]

R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2011-11-4 25960]

R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-11-4 55856]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-11-4 89600]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-8 1166848]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-19 921664]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-19 995392]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-4 13336]

R2 JuniperAccessService;Juniper Unified Network Service;C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2012-7-10 158832]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-1 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-1 682344]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-11-4 241456]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-11-4 218760]

R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2011-11-4 182752]

R2 MSSQL$REA9;SQL Server (REA9);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]

R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-11-27 479840]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-11-4 1692480]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-21 378472]

R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2012-2-22 6583160]

R2 TabletServiceWacom;TabletServiceWacom;C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [2012-7-13 8712096]

R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2012-2-22 528760]

R2 TouchServiceWacom;Wacom Professional Touch Service;C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe [2012-7-13 567712]

R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-11-29 16120]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-4 2655768]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2011-8-8 299008]

R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-19 1335360]

R3 btmaudio;Intel Bluetooth Audio Service;C:\windows\System32\drivers\btmaud.sys [2011-5-19 51712]

R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2011-5-19 53248]

R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-7-19 282624]

R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2011-3-13 70112]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2011-11-4 176096]

R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-7-19 59904]

R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-6-21 25496]

R3 JNPRNA;Juniper Network Agent Miniport;C:\windows\System32\drivers\jnprna6.sys [2012-9-27 518992]

R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;C:\windows\System32\drivers\jnprvamgr.sys [2012-6-27 45352]

R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-5-28 24176]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2011-3-13 309840]

R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2011-3-13 515968]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]

R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-11-4 406632]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\windows\System32\drivers\AmpPal.sys [2011-8-8 299008]

S3 hidkmdf;KMDF Driver;C:\windows\System32\drivers\hidkmdf.sys [2012-7-13 13688]

S3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\drivers\HipShieldK.sys [2012-10-22 196440]

S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-6-21 34200]

S3 jnprva;Juniper Networks Virtual Adapter Service;C:\windows\System32\drivers\jnprva.sys [2012-6-27 26480]

S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-11-4 224704]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]

S3 mferkdet;McAfee Inc. mferkdet;C:\windows\System32\drivers\mferkdet.sys [2011-3-13 106552]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-11-4 250984]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S3 WacHidRouter;Wacom Hid Router;C:\windows\System32\drivers\wachidrouter.sys [2012-7-13 66424]

S3 wacmoumonitor;Wacom Mode Helper;C:\windows\System32\drivers\wacmoumonitor.sys [2012-2-22 13312]

S3 wacomrouterfilter;Wacom Router Filter Driver;C:\windows\System32\drivers\wacomrouterfilter.sys [2012-7-13 15736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-12-22 1255736]

S4 jnprTdi_723_23179;Juniper Networks TDI Filter Driver (jnprTdi_723_23179);C:\windows\System32\drivers\jnprTdi_723_23179.sys [2012-9-27 101240]

S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"

ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"

.

=============== Created Last 30 ================

.

2013-04-07 11:40:26 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ABAF933E-0D5A-4F69-8C3B-D88F5E9170F2}\offreg.dll

2013-04-06 21:21:51 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ABAF933E-0D5A-4F69-8C3B-D88F5E9170F2}\mpengine.dll

2013-04-04 03:13:47 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2013-03-27 02:56:42 19968 ----a-w- C:\windows\System32\drivers\usb8023.sys

2013-03-18 22:24:44 -------- d-----w- C:\Users\Sinclair\AppData\Roaming\Broadlook Technologies

2013-03-18 22:24:38 227176 ----a-w- C:\windows\SysWow64\axcws32.dll

2013-03-18 22:24:38 223744 ----a-w- C:\windows\SysWow64\ODA323x.dll

2013-03-18 22:24:38 1886056 ----a-w- C:\windows\SysWow64\adsloc32.dll

2013-03-18 22:24:38 1615720 ----a-w- C:\windows\SysWow64\ace32.dll

2013-03-18 22:24:36 28424 ----a-w- C:\windows\SysWow64\bltKeyHook32.dll

2013-03-18 22:24:35 -------- d-----w- C:\ProgramData\Broadlook Technologies

2013-03-18 22:24:35 -------- d-----w- C:\Program Files (x86)\Common Files\Broadlook Technologies

2013-03-18 22:24:35 -------- d-----w- C:\Program Files (x86)\Broadlook Technologies

2013-03-18 20:53:37 204800 ----a-w- C:\ProgramData\rirwgl.dat

2013-03-10 20:21:54 73432 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-03-10 20:21:54 693976 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2013-03-09 18:59:14 -------- d-----w- C:\Hotel

2013-03-09 17:46:04 -------- d-----w- C:\Lenders

.

==================== Find3M ====================

.

2013-03-12 05:10:56 282744 ------w- C:\windows\System32\MpSigStub.exe

2013-02-19 18:59:06 70112 ----a-w- C:\windows\System32\drivers\cfwids.sys

2013-02-19 18:56:26 340216 ----a-w- C:\windows\System32\drivers\mfewfpk.sys

2013-02-19 18:56:14 182752 ----a-w- C:\windows\System32\mfevtps.exe

2013-02-19 18:55:26 10728 ----a-w- C:\windows\System32\drivers\mfeclnk.sys

2013-02-19 18:55:14 106552 ----a-w- C:\windows\System32\drivers\mferkdet.sys

2013-02-19 18:54:32 771536 ----a-w- C:\windows\System32\drivers\mfehidk.sys

2013-02-19 18:53:42 515968 ----a-w- C:\windows\System32\drivers\mfefirek.sys

2013-02-19 18:53:02 309840 ----a-w- C:\windows\System32\drivers\mfeavfk.sys

2013-02-19 18:52:44 179280 ----a-w- C:\windows\System32\drivers\mfeapfk.sys

2013-02-12 05:45:24 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45:22 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45:22 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45:22 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48:31 474112 ----a-w- C:\windows\apppatch\AcSpecfc.dll

2013-02-12 04:48:26 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll

2013-02-02 06:57:02 2312704 ----a-w- C:\windows\System32\jscript9.dll

2013-02-02 06:47:24 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2013-02-02 06:47:19 1392128 ----a-w- C:\windows\System32\wininet.dll

2013-02-02 06:42:18 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2013-02-02 06:41:51 599040 ----a-w- C:\windows\System32\vbscript.dll

2013-02-02 06:38:01 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2013-02-02 03:38:35 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll

2013-02-02 03:30:32 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2013-02-02 03:30:21 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2013-02-02 03:26:47 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2013-02-02 03:26:21 420864 ----a-w- C:\windows\SysWow64\vbscript.dll

2013-02-02 03:23:28 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2013-01-13 21:17:03 9728 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 21:17:02 2560 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 21:16:42 10752 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-01-13 21:12:46 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-01-13 21:11:21 4096 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-01-13 21:11:08 5632 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-01-13 21:11:07 5632 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-01-13 21:11:07 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

2013-01-13 21:11:07 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-01-13 20:35:31 9728 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 20:35:31 2560 ---ha-w- C:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 20:35:18 10752 ---ha-w- C:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-01-13 20:32:07 3584 ---ha-w- C:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-01-13 20:31:48 4096 ---ha-w- C:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-01-13 20:31:41 5632 ---ha-w- C:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-01-13 20:31:40 5632 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-01-13 20:31:40 3072 ---ha-w- C:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-01-13 20:31:40 3072 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-01-13 20:31:00 1247744 ----a-w- C:\windows\SysWow64\DWrite.dll

2013-01-13 20:22:22 1988096 ----a-w- C:\windows\SysWow64\d3d10warp.dll

2013-01-13 20:20:31 293376 ----a-w- C:\windows\SysWow64\dxgi.dll

2013-01-13 20:09:00 249856 ----a-w- C:\windows\SysWow64\d3d10_1core.dll

2013-01-13 20:08:43 220160 ----a-w- C:\windows\SysWow64\d3d10core.dll

2013-01-13 20:08:35 1504768 ----a-w- C:\windows\SysWow64\d3d11.dll

2013-01-13 19:59:04 1643520 ----a-w- C:\windows\System32\DWrite.dll

2013-01-13 19:58:28 1175552 ----a-w- C:\windows\System32\FntCache.dll

2013-01-13 19:54:01 604160 ----a-w- C:\windows\SysWow64\d3d10level9.dll

2013-01-13 19:53:58 207872 ----a-w- C:\windows\SysWow64\WindowsCodecsExt.dll

2013-01-13 19:53:14 187392 ----a-w- C:\windows\SysWow64\UIAnimation.dll

2013-01-13 19:51:30 2565120 ----a-w- C:\windows\System32\d3d10warp.dll

2013-01-13 19:49:17 363008 ----a-w- C:\windows\System32\dxgi.dll

2013-01-13 19:48:47 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll

2013-01-13 19:46:25 1080832 ----a-w- C:\windows\SysWow64\d3d10.dll

2013-01-13 19:43:21 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll

2013-01-13 19:38:39 333312 ----a-w- C:\windows\System32\d3d10_1core.dll

2013-01-13 19:38:32 1887232 ----a-w- C:\windows\System32\d3d11.dll

2013-01-13 19:38:21 296960 ----a-w- C:\windows\System32\d3d10core.dll

2013-01-13 19:37:57 3419136 ----a-w- C:\windows\SysWow64\d2d1.dll

2013-01-13 19:25:04 245248 ----a-w- C:\windows\System32\WindowsCodecsExt.dll

2013-01-13 19:24:33 648192 ----a-w- C:\windows\System32\d3d10level9.dll

2013-01-13 19:24:30 221184 ----a-w- C:\windows\System32\UIAnimation.dll

2013-01-13 19:20:42 194560 ----a-w- C:\windows\System32\d3d10_1.dll

2013-01-13 19:20:04 1238528 ----a-w- C:\windows\System32\d3d10.dll

2013-01-13 19:15:40 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll

2013-01-13 19:10:36 3928064 ----a-w- C:\windows\System32\d2d1.dll

2013-01-13 19:02:06 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll

2013-01-13 18:34:58 364544 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll

2013-01-13 18:32:43 465920 ----a-w- C:\windows\System32\WMPhoto.dll

2013-01-13 18:09:52 522752 ----a-w- C:\windows\System32\XpsGdiConverter.dll

2013-01-13 17:26:42 1158144 ----a-w- C:\windows\SysWow64\XpsPrint.dll

2013-01-13 17:05:09 1682432 ----a-w- C:\windows\System32\XpsPrint.dll

.

============= FINISH: 11:00:54.92 ===============

The log for TDSSKiller are in the next post.

: )

[ntfeldman]

TDDSKiller Log:

Then I ran TDSSKiller and here is that log:

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

11:12:25.0081 2836 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

11:12:25.0814 2836 ============================================================

11:12:25.0814 2836 Current date / time: 2013/04/08 11:12:25.0814

11:12:25.0814 2836 SystemInfo:

11:12:25.0814 2836

11:12:25.0814 2836 OS Version: 6.1.7601 ServicePack: 1.0

11:12:25.0814 2836 Product type: Workstation

11:12:25.0814 2836 ComputerName: INSPIRON-N5110

11:12:25.0814 2836 UserName: Sinclair

11:12:25.0814 2836 Windows directory: C:\windows

11:12:25.0814 2836 System windows directory: C:\windows

11:12:25.0814 2836 Running under WOW64

11:12:25.0814 2836 Processor architecture: Intel x64

11:12:25.0814 2836 Number of processors: 8

11:12:25.0814 2836 Page size: 0x1000

11:12:25.0814 2836 Boot type: Normal boot

11:12:25.0814 2836 ============================================================

11:12:26.0469 2836 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

11:12:26.0469 2836 ============================================================

11:12:26.0469 2836 \Device\Harddisk0\DR0:

11:12:26.0469 2836 MBR partitions:

11:12:26.0469 2836 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000

11:12:26.0469 2836 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x557C76F0

11:12:26.0469 2836 ============================================================

11:12:26.0516 2836 C: <-> \Device\Harddisk0\DR0\Partition2

11:12:26.0516 2836 ============================================================

11:12:26.0516 2836 Initialize success

11:12:26.0516 2836 ============================================================

11:12:42.0849 10612 ============================================================

11:12:42.0849 10612 Scan started

11:12:42.0849 10612 Mode: Manual;

11:12:42.0849 10612 ============================================================

11:12:44.0550 10612 ================ Scan system memory ========================

11:12:44.0550 10612 System memory - ok

11:12:44.0550 10612 ================ Scan services =============================

11:12:44.0877 10612 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys

11:12:44.0893 10612 1394ohci - ok

11:12:44.0924 10612 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys

11:12:44.0940 10612 ACPI - ok

11:12:44.0987 10612 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys

11:12:44.0987 10612 AcpiPmi - ok

11:12:45.0158 10612 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

11:12:45.0158 10612 AdobeARMservice - ok

11:12:45.0361 10612 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

11:12:45.0361 10612 AdobeFlashPlayerUpdateSvc - ok

11:12:45.0486 10612 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys

11:12:45.0486 10612 adp94xx - ok

11:12:45.0579 10612 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys

11:12:45.0579 10612 adpahci - ok

11:12:45.0611 10612 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys

11:12:45.0611 10612 adpu320 - ok

11:12:45.0642 10612 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll

11:12:45.0642 10612 AeLookupSvc - ok

11:12:45.0751 10612 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe

11:12:45.0813 10612 AESTFilters - ok

11:12:45.0891 10612 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys

11:12:45.0891 10612 AFD - ok

11:12:45.0939 10612 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys

11:12:45.0939 10612 agp440 - ok

11:12:45.0986 10612 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe

11:12:46.0002 10612 ALG - ok

11:12:46.0017 10612 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys

11:12:46.0017 10612 aliide - ok

11:12:46.0017 10612 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys

11:12:46.0017 10612 amdide - ok

11:12:46.0033 10612 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys

11:12:46.0033 10612 AmdK8 - ok

11:12:46.0033 10612 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys

11:12:46.0033 10612 AmdPPM - ok

11:12:46.0048 10612 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys

11:12:46.0048 10612 amdsata - ok

11:12:46.0080 10612 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys

11:12:46.0080 10612 amdsbs - ok

11:12:46.0080 10612 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys

11:12:46.0080 10612 amdxata - ok

11:12:46.0126 10612 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPAL C:\windows\system32\DRIVERS\AMPPAL.sys

11:12:46.0126 10612 AMPPAL - ok

11:12:46.0142 10612 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPALP C:\windows\system32\DRIVERS\amppal.sys

11:12:46.0142 10612 AMPPALP - ok

11:12:46.0236 10612 [ 864C632B999BE1237A3DC46736E71F27 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

11:12:46.0236 10612 AMPPALR3 - ok

11:12:46.0298 10612 [ 24ED0EB2B2558970176ECEE680F8F806 ] ApfiltrService C:\windows\system32\DRIVERS\Apfiltr.sys

11:12:46.0314 10612 ApfiltrService - ok

11:12:46.0345 10612 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys

11:12:46.0345 10612 AppID - ok

11:12:46.0376 10612 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll

11:12:46.0392 10612 AppIDSvc - ok

11:12:46.0423 10612 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll

11:12:46.0470 10612 Appinfo - ok

11:12:46.0501 10612 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys

11:12:46.0501 10612 arc - ok

11:12:46.0501 10612 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys

11:12:46.0501 10612 arcsas - ok

11:12:46.0610 10612 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

11:12:46.0704 10612 aspnet_state - ok

11:12:46.0735 10612 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys

11:12:46.0735 10612 AsyncMac - ok

11:12:46.0766 10612 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys

11:12:46.0766 10612 atapi - ok

11:12:46.0828 10612 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

11:12:46.0891 10612 AudioEndpointBuilder - ok

11:12:46.0906 10612 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll

11:12:46.0906 10612 AudioSrv - ok

11:12:46.0938 10612 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll

11:12:46.0984 10612 AxInstSV - ok

11:12:47.0016 10612 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys

11:12:47.0031 10612 b06bdrv - ok

11:12:47.0094 10612 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys

11:12:47.0094 10612 b57nd60a - ok

11:12:47.0140 10612 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll

11:12:47.0156 10612 BDESVC - ok

11:12:47.0187 10612 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys

11:12:47.0187 10612 Beep - ok

11:12:47.0250 10612 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll

11:12:47.0312 10612 BFE - ok

11:12:47.0390 10612 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll

11:12:47.0452 10612 BITS - ok

11:12:47.0484 10612 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys

11:12:47.0484 10612 blbdrive - ok

11:12:47.0577 10612 [ 5FF7B9916A10E8E69E7C0D16F0B4787A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

11:12:47.0593 10612 Bluetooth Device Monitor - ok

11:12:47.0640 10612 [ E43D73CAF1023976EFBA1D0F0E69E271 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

11:12:47.0655 10612 Bluetooth Media Service - ok

11:12:47.0686 10612 [ 20427929646784A482DF34EF8C4FED23 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

11:12:47.0702 10612 Bluetooth OBEX Service - ok

11:12:47.0733 10612 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys

11:12:47.0733 10612 bowser - ok

11:12:47.0764 10612 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys

11:12:47.0764 10612 BrFiltLo - ok

11:12:47.0780 10612 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys

11:12:47.0780 10612 BrFiltUp - ok

11:12:47.0842 10612 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll

11:12:47.0889 10612 Browser - ok

11:12:47.0905 10612 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys

11:12:47.0905 10612 Brserid - ok

11:12:47.0905 10612 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys

11:12:47.0905 10612 BrSerWdm - ok

11:12:47.0905 10612 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys

11:12:47.0905 10612 BrUsbMdm - ok

11:12:47.0905 10612 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys

11:12:47.0905 10612 BrUsbSer - ok

11:12:47.0967 10612 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys

11:12:47.0967 10612 BthEnum - ok

11:12:47.0983 10612 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys

11:12:47.0983 10612 BTHMODEM - ok

11:12:48.0014 10612 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys

11:12:48.0014 10612 BthPan - ok

11:12:48.0076 10612 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys

11:12:48.0092 10612 BTHPORT - ok

11:12:48.0123 10612 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll

11:12:48.0123 10612 bthserv - ok

11:12:48.0154 10612 [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

11:12:48.0154 10612 BTHSSecurityMgr - ok

11:12:48.0186 10612 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys

11:12:48.0186 10612 BTHUSB - ok

11:12:48.0232 10612 [ 274E47BD9C1367BDBFA9DF10C2E6C544 ] btmaudio C:\windows\system32\drivers\btmaud.sys

11:12:48.0232 10612 btmaudio - ok

11:12:48.0248 10612 [ 75EAB5AAF6E9F83739249CE60B4B9C39 ] btmaux C:\windows\system32\DRIVERS\btmaux.sys

11:12:48.0248 10612 btmaux - ok

11:12:48.0279 10612 [ 0B1CC2221DC5990E4557A78CE9AFAD4F ] btmhsf C:\windows\system32\DRIVERS\btmhsf.sys

11:12:48.0279 10612 btmhsf - ok

11:12:48.0310 10612 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys

11:12:48.0310 10612 cdfs - ok

11:12:48.0357 10612 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys

11:12:48.0373 10612 cdrom - ok

11:12:48.0420 10612 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll

11:12:48.0466 10612 CertPropSvc - ok

11:12:48.0513 10612 [ D2B3252AD4EB499C935A56467997AA3C ] cfwids C:\windows\system32\drivers\cfwids.sys

11:12:48.0513 10612 cfwids - ok

11:12:48.0544 10612 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys

11:12:48.0544 10612 circlass - ok

11:12:48.0576 10612 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys

11:12:48.0576 10612 CLFS - ok

11:12:48.0654 10612 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:12:48.0669 10612 clr_optimization_v2.0.50727_32 - ok

11:12:48.0700 10612 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

11:12:48.0716 10612 clr_optimization_v2.0.50727_64 - ok

11:12:48.0778 10612 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

11:12:48.0778 10612 clr_optimization_v4.0.30319_32 - ok

11:12:48.0810 10612 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

11:12:48.0810 10612 clr_optimization_v4.0.30319_64 - ok

11:12:48.0856 10612 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys

11:12:48.0856 10612 CmBatt - ok

11:12:48.0888 10612 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys

11:12:48.0888 10612 cmdide - ok

11:12:48.0950 10612 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys

11:12:48.0966 10612 CNG - ok

11:12:48.0981 10612 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys

11:12:48.0981 10612 Compbatt - ok

11:12:48.0997 10612 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys

11:12:49.0012 10612 CompositeBus - ok

11:12:49.0028 10612 COMSysApp - ok

11:12:49.0044 10612 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys

11:12:49.0044 10612 crcdisk - ok

11:12:49.0090 10612 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll

11:12:49.0137 10612 CryptSvc - ok

11:12:49.0200 10612 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\windows\system32\DRIVERS\CtClsFlt.sys

11:12:49.0200 10612 CtClsFlt - ok

11:12:49.0246 10612 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll

11:12:49.0262 10612 DcomLaunch - ok

11:12:49.0293 10612 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll

11:12:49.0293 10612 defragsvc - ok

11:12:49.0356 10612 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys

11:12:49.0356 10612 DfsC - ok

11:12:49.0387 10612 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll

11:12:49.0449 10612 Dhcp - ok

11:12:49.0480 10612 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys

11:12:49.0480 10612 discache - ok

11:12:49.0496 10612 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys

11:12:49.0496 10612 Disk - ok

11:12:49.0512 10612 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll

11:12:49.0605 10612 Dnscache - ok

11:12:49.0605 10612 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll

11:12:49.0636 10612 dot3svc - ok

11:12:49.0636 10612 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll

11:12:49.0636 10612 DPS - ok

11:12:49.0683 10612 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys

11:12:49.0683 10612 drmkaud - ok

11:12:49.0730 10612 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys

11:12:49.0746 10612 DXGKrnl - ok

11:12:49.0746 10612 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll

11:12:49.0761 10612 EapHost - ok

11:12:49.0839 10612 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys

11:12:49.0917 10612 ebdrv - ok

11:12:49.0948 10612 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe

11:12:49.0964 10612 EFS - ok

11:12:50.0042 10612 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe

11:12:50.0120 10612 ehRecvr - ok

11:12:50.0120 10612 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe

11:12:50.0136 10612 ehSched - ok

11:12:50.0167 10612 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys

11:12:50.0182 10612 elxstor - ok

11:12:50.0198 10612 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys

11:12:50.0198 10612 ErrDev - ok

11:12:50.0229 10612 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll

11:12:50.0245 10612 EventSystem - ok

11:12:50.0323 10612 [ E3A96D5AE6E5C7B5472011BA77353368 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe

11:12:50.0354 10612 EvtEng - ok

11:12:50.0370 10612 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys

11:12:50.0370 10612 exfat - ok

11:12:50.0385 10612 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys

11:12:50.0385 10612 fastfat - ok

11:12:50.0448 10612 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe

11:12:50.0526 10612 Fax - ok

11:12:50.0541 10612 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys

11:12:50.0541 10612 fdc - ok

11:12:50.0557 10612 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll

11:12:50.0557 10612 fdPHost - ok

11:12:50.0572 10612 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll

11:12:50.0572 10612 FDResPub - ok

11:12:50.0572 10612 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys

11:12:50.0572 10612 FileInfo - ok

11:12:50.0588 10612 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys

11:12:50.0588 10612 Filetrace - ok

11:12:50.0604 10612 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys

11:12:50.0604 10612 flpydisk - ok

11:12:50.0619 10612 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys

11:12:50.0619 10612 FltMgr - ok

11:12:50.0682 10612 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\windows\system32\FntCache.dll

11:12:50.0760 10612 FontCache - ok

11:12:50.0791 10612 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

11:12:50.0869 10612 FontCache3.0.0.0 - ok

11:12:50.0884 10612 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys

11:12:50.0884 10612 FsDepends - ok

11:12:50.0900 10612 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys

11:12:50.0962 10612 Fs_Rec - ok

11:12:50.0994 10612 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys

11:12:50.0994 10612 fvevol - ok

11:12:51.0009 10612 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys

11:12:51.0009 10612 gagp30kx - ok

11:12:51.0087 10612 [ 8F6AE606EB0CC884EE12C41948424422 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe

11:12:51.0087 10612 GoToAssist - ok

11:12:51.0150 10612 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll

11:12:51.0228 10612 gpsvc - ok

11:12:51.0306 10612 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:12:51.0306 10612 gupdate - ok

11:12:51.0306 10612 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:12:51.0321 10612 gupdatem - ok

11:12:51.0337 10612 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys

11:12:51.0337 10612 hcw85cir - ok

11:12:51.0384 10612 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

11:12:51.0399 10612 HdAudAddService - ok

11:12:51.0415 10612 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys

11:12:51.0415 10612 HDAudBus - ok

11:12:51.0430 10612 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys

11:12:51.0430 10612 HidBatt - ok

11:12:51.0430 10612 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys

11:12:51.0446 10612 HidBth - ok

11:12:51.0446 10612 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys

11:12:51.0446 10612 HidIr - ok

11:12:51.0477 10612 [ F50215611562EECC1BC83F22DB1EA358 ] hidkmdf C:\windows\system32\DRIVERS\hidkmdf.sys

11:12:51.0477 10612 hidkmdf - ok

11:12:51.0493 10612 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll

11:12:51.0508 10612 hidserv - ok

11:12:51.0555 10612 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys

11:12:51.0555 10612 HidUsb - ok

11:12:51.0618 10612 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\windows\system32\drivers\HipShieldK.sys

11:12:51.0618 10612 HipShieldK - ok

11:12:51.0649 10612 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll

11:12:51.0696 10612 hkmsvc - ok

11:12:51.0711 10612 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll

11:12:51.0742 10612 HomeGroupListener - ok

11:12:51.0774 10612 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll

11:12:51.0789 10612 HomeGroupProvider - ok

11:12:51.0820 10612 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys

11:12:51.0820 10612 HpSAMD - ok

11:12:51.0836 10612 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys

11:12:51.0852 10612 HTTP - ok

11:12:51.0867 10612 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys

11:12:51.0867 10612 hwpolicy - ok

11:12:51.0898 10612 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys

11:12:51.0898 10612 i8042prt - ok

11:12:51.0961 10612 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys

11:12:51.0976 10612 iaStor - ok

11:12:52.0023 10612 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

11:12:52.0086 10612 IAStorDataMgrSvc - ok

11:12:52.0117 10612 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys

11:12:52.0117 10612 iaStorV - ok

11:12:52.0148 10612 [ 8A4EC1C3F10385181B1066120C610AE5 ] iBtFltCoex C:\windows\system32\DRIVERS\iBtFltCoex.sys

11:12:52.0148 10612 iBtFltCoex - ok

11:12:52.0210 10612 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

11:12:52.0304 10612 idsvc - ok

11:12:52.0538 10612 [ 174BCAC474DE13B2650E444CF124828E ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys

11:12:52.0741 10612 igfx - ok

11:12:52.0772 10612 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys

11:12:52.0772 10612 iirsp - ok

11:12:52.0834 10612 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll

11:12:52.0866 10612 IKEEXT - ok

11:12:52.0928 10612 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys

11:12:52.0928 10612 intaud_WaveExtensible - ok

11:12:52.0928 10612 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys

11:12:52.0928 10612 intelide - ok

11:12:52.0959 10612 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys

11:12:52.0959 10612 intelppm - ok

11:12:52.0975 10612 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll

11:12:52.0975 10612 IPBusEnum - ok

11:12:52.0990 10612 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys

11:12:52.0990 10612 IpFilterDriver - ok

11:12:53.0037 10612 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll

11:12:53.0037 10612 iphlpsvc - ok

11:12:53.0037 10612 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys

11:12:53.0037 10612 IPMIDRV - ok

11:12:53.0053 10612 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys

11:12:53.0053 10612 IPNAT - ok

11:12:53.0068 10612 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys

11:12:53.0084 10612 IRENUM - ok

11:12:53.0084 10612 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys

11:12:53.0084 10612 isapnp - ok

11:12:53.0115 10612 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys

11:12:53.0115 10612 iScsiPrt - ok

11:12:53.0146 10612 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\windows\system32\DRIVERS\iwdbus.sys

11:12:53.0146 10612 iwdbus - ok

11:12:53.0209 10612 [ BD73E417E1A9E345E6F001E618F6FD46 ] JNPRNA C:\windows\system32\DRIVERS\jnprna6.sys

11:12:53.0224 10612 JNPRNA - ok

11:12:53.0240 10612 [ 3FC64E27C79F278C0D67AF0F820899FE ] jnprTdi_723_23179 C:\windows\system32\Drivers\jnprTdi_723_23179.sys

11:12:53.0240 10612 jnprTdi_723_23179 - ok

11:12:53.0271 10612 [ A4CC4B7020E060ADAC7F92EFFB50DEB3 ] jnprva C:\windows\system32\DRIVERS\jnprva.sys

11:12:53.0334 10612 jnprva - ok

11:12:53.0349 10612 [ 43389A5F75966CB4715253F1B3EAD392 ] JnprVaMgr C:\windows\system32\DRIVERS\jnprvamgr.sys

11:12:53.0349 10612 JnprVaMgr - ok

11:12:53.0443 10612 [ A647C829C4A52B3046CCF30836ECDF50 ] JuniperAccessService C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe

11:12:53.0505 10612 JuniperAccessService - ok

11:12:53.0521 10612 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys

11:12:53.0521 10612 kbdclass - ok

11:12:53.0536 10612 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys

11:12:53.0536 10612 kbdhid - ok

11:12:53.0583 10612 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe

11:12:53.0583 10612 KeyIso - ok

11:12:53.0646 10612 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys

11:12:53.0661 10612 KSecDD - ok

11:12:53.0692 10612 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys

11:12:53.0708 10612 KSecPkg - ok

11:12:53.0724 10612 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys

11:12:53.0724 10612 ksthunk - ok

11:12:53.0770 10612 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll

11:12:53.0802 10612 KtmRm - ok

11:12:53.0833 10612 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll

11:12:53.0880 10612 LanmanServer - ok

11:12:53.0911 10612 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll

11:12:53.0926 10612 LanmanWorkstation - ok

11:12:53.0973 10612 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys

11:12:53.0973 10612 lltdio - ok

11:12:54.0004 10612 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll

11:12:54.0020 10612 lltdsvc - ok

11:12:54.0067 10612 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll

11:12:54.0082 10612 lmhosts - ok

11:12:54.0238 10612 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

11:12:54.0332 10612 LMS - ok

11:12:54.0363 10612 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys

11:12:54.0363 10612 LSI_FC - ok

11:12:54.0379 10612 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys

11:12:54.0379 10612 LSI_SAS - ok

11:12:54.0394 10612 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys

11:12:54.0394 10612 LSI_SAS2 - ok

11:12:54.0410 10612 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys

11:12:54.0410 10612 LSI_SCSI - ok

11:12:54.0441 10612 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys

11:12:54.0441 10612 luafv - ok

11:12:54.0504 10612 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys

11:12:54.0504 10612 MBAMProtector - ok

11:12:54.0582 10612 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

11:12:54.0582 10612 MBAMScheduler - ok

11:12:54.0644 10612 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

11:12:54.0660 10612 MBAMService - ok

11:12:54.0738 10612 [ 9504F1DDA1B67FB8D526FD4F8CC882F3 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe

11:12:54.0753 10612 McAWFwk - ok

11:12:54.0831 10612 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe

11:12:54.0847 10612 McComponentHostService - ok

11:12:54.0940 10612 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

11:12:55.0003 10612 McMPFSvc - ok

11:12:55.0018 10612 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

11:12:55.0018 10612 mcmscsvc - ok

11:12:55.0034 10612 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

11:12:55.0034 10612 McNaiAnn - ok

11:12:55.0050 10612 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

11:12:55.0065 10612 McNASvc - ok

11:12:55.0128 10612 [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe

11:12:55.0143 10612 McODS - ok

11:12:55.0159 10612 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

11:12:55.0159 10612 McOobeSv - ok

11:12:55.0159 10612 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

11:12:55.0159 10612 McProxy - ok

11:12:55.0221 10612 [ 21F81090A00932C5E96700EDF2977582 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

11:12:55.0284 10612 McShield - ok

11:12:55.0315 10612 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll

11:12:55.0330 10612 Mcx2Svc - ok

11:12:55.0362 10612 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys

11:12:55.0362 10612 megasas - ok

11:12:55.0393 10612 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys

11:12:55.0393 10612 MegaSR - ok

11:12:55.0440 10612 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys

11:12:55.0440 10612 MEIx64 - ok

11:12:55.0486 10612 [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] mfeapfk C:\windows\system32\drivers\mfeapfk.sys

11:12:55.0502 10612 mfeapfk - ok

11:12:55.0549 10612 [ 113F1534B80D65DFDCA660F19967A3B7 ] mfeavfk C:\windows\system32\drivers\mfeavfk.sys

11:12:55.0549 10612 mfeavfk - ok

11:12:55.0596 10612 mfeavfk01 - ok

11:12:55.0642 10612 [ C4F521310E40327BBC8E8E71DA344F48 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

11:12:55.0689 10612 mfefire - ok

11:12:55.0720 10612 [ CECC9841D036EE008091825272D91331 ] mfefirek C:\windows\system32\drivers\mfefirek.sys

11:12:55.0736 10612 mfefirek - ok

11:12:55.0798 10612 [ EF0F85EDBDF6C0AB467E88E0CEE2B346 ] mfehidk C:\windows\system32\drivers\mfehidk.sys

11:12:55.0830 10612 mfehidk - ok

11:12:55.0861 10612 [ 6E3A46BF6CBB80450CC24F80FE03ED5A ] mferkdet C:\windows\system32\drivers\mferkdet.sys

11:12:55.0861 10612 mferkdet - ok

11:12:55.0892 10612 [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] mfevtp C:\Windows\system32\mfevtps.exe

11:12:55.0954 10612 mfevtp - ok

11:12:55.0970 10612 [ 2802D09F1B6ED502237539563F3C4992 ] mfewfpk C:\windows\system32\drivers\mfewfpk.sys

11:12:55.0986 10612 mfewfpk - ok

11:12:56.0017 10612 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll

11:12:56.0017 10612 MMCSS - ok

11:12:56.0032 10612 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys

11:12:56.0032 10612 Modem - ok

11:12:56.0079 10612 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys

11:12:56.0079 10612 monitor - ok

11:12:56.0110 10612 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys

11:12:56.0110 10612 mouclass - ok

11:12:56.0142 10612 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys

11:12:56.0142 10612 mouhid - ok

11:12:56.0157 10612 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys

11:12:56.0173 10612 mountmgr - ok

11:12:56.0188 10612 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys

11:12:56.0188 10612 mpio - ok

11:12:56.0220 10612 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys

11:12:56.0220 10612 mpsdrv - ok

11:12:56.0266 10612 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll

11:12:56.0344 10612 MpsSvc - ok

11:12:56.0344 10612 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys

11:12:56.0344 10612 MRxDAV - ok

11:12:56.0376 10612 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys

11:12:56.0391 10612 mrxsmb - ok

11:12:56.0422 10612 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys

11:12:56.0422 10612 mrxsmb10 - ok

11:12:56.0438 10612 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys

11:12:56.0438 10612 mrxsmb20 - ok

11:12:56.0469 10612 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys

11:12:56.0469 10612 msahci - ok

11:12:56.0500 10612 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys

11:12:56.0500 10612 msdsm - ok

11:12:56.0516 10612 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe

11:12:56.0532 10612 MSDTC - ok

11:12:56.0563 10612 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys

11:12:56.0563 10612 Msfs - ok

11:12:56.0578 10612 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys

11:12:56.0578 10612 mshidkmdf - ok

11:12:56.0594 10612 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys

11:12:56.0594 10612 msisadrv - ok

11:12:56.0641 10612 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll

11:12:56.0656 10612 MSiSCSI - ok

11:12:56.0672 10612 msiserver - ok

11:12:56.0703 10612 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

11:12:56.0703 10612 MSK80Service - ok

11:12:56.0734 10612 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys

11:12:56.0734 10612 MSKSSRV - ok

11:12:56.0750 10612 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys

11:12:56.0750 10612 MSPCLOCK - ok

11:12:56.0766 10612 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys

11:12:56.0766 10612 MSPQM - ok

11:12:56.0781 10612 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys

11:12:56.0797 10612 MsRPC - ok

11:12:56.0812 10612 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys

11:12:56.0812 10612 mssmbios - ok

11:12:56.0922 10612 MSSQL$REA9 - ok

11:12:57.0000 10612 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe

11:12:57.0046 10612 MSSQLServerADHelper - ok

11:12:57.0062 10612 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys

11:12:57.0062 10612 MSTEE - ok

11:12:57.0062 10612 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys

11:12:57.0062 10612 MTConfig - ok

11:12:57.0078 10612 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys

11:12:57.0078 10612 Mup - ok

11:12:57.0109 10612 [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

11:12:57.0124 10612 MyWiFiDHCPDNS - ok

11:12:57.0187 10612 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll

11:12:57.0202 10612 napagent - ok

11:12:57.0218 10612 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys

11:12:57.0218 10612 NativeWifiP - ok

11:12:57.0280 10612 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys

11:12:57.0312 10612 NDIS - ok

11:12:57.0343 10612 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys

11:12:57.0343 10612 NdisCap - ok

11:12:57.0374 10612 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys

11:12:57.0374 10612 NdisTapi - ok

11:12:57.0390 10612 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys

11:12:57.0390 10612 Ndisuio - ok

11:12:57.0405 10612 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys

11:12:57.0405 10612 NdisWan - ok

11:12:57.0421 10612 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys

11:12:57.0421 10612 NDProxy - ok

11:12:57.0421 10612 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys

11:12:57.0421 10612 NetBIOS - ok

11:12:57.0436 10612 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys

11:12:57.0436 10612 NetBT - ok

11:12:57.0483 10612 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe

11:12:57.0483 10612 Netlogon - ok

11:12:57.0530 10612 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll

11:12:57.0546 10612 Netman - ok

11:12:57.0592 10612 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:12:57.0592 10612 NetMsmqActivator - ok

11:12:57.0608 10612 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:12:57.0608 10612 NetPipeActivator - ok

11:12:57.0624 10612 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll

11:12:57.0639 10612 netprofm - ok

11:12:57.0639 10612 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:12:57.0639 10612 NetTcpActivator - ok

11:12:57.0639 10612 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

11:12:57.0639 10612 NetTcpPortSharing - ok

11:12:57.0842 10612 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys

11:12:58.0014 10612 NETwNs64 - ok

11:12:58.0045 10612 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys

11:12:58.0045 10612 nfrd960 - ok

11:12:58.0060 10612 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll

11:12:58.0076 10612 NlaSvc - ok

11:12:58.0216 10612 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

11:12:58.0248 10612 NOBU - ok

11:12:58.0279 10612 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys

11:12:58.0279 10612 Npfs - ok

11:12:58.0294 10612 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll

11:12:58.0310 10612 nsi - ok

11:12:58.0326 10612 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys

11:12:58.0326 10612 nsiproxy - ok

11:12:58.0404 10612 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys

11:12:58.0435 10612 Ntfs - ok

11:12:58.0450 10612 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys

11:12:58.0450 10612 Null - ok

11:12:58.0482 10612 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys

11:12:58.0482 10612 nusb3hub - ok

11:12:58.0513 10612 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys

11:12:58.0513 10612 nusb3xhc - ok

11:12:58.0560 10612 [ F2662FDC20518EE8A8EED4F61BA42349 ] NVHDA C:\windows\system32\drivers\nvhda64v.sys

11:12:58.0560 10612 NVHDA - ok

11:12:58.0856 10612 [ 573B0941A37AEBEE96085D56A103F57B ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys

11:12:59.0090 10612 nvlddmkm - ok

11:12:59.0106 10612 [ 43AF7EBEAC2AB623468E32CADDCB61A4 ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys

11:12:59.0106 10612 nvpciflt - ok

11:12:59.0137 10612 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys

11:12:59.0152 10612 nvraid - ok

11:12:59.0184 10612 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys

11:12:59.0184 10612 nvstor - ok

11:12:59.0230 10612 [ C500760572C6059918FB0C960967695B ] NVSvc C:\windows\system32\nvvsvc.exe

11:12:59.0262 10612 NVSvc - ok

11:12:59.0371 10612 [ F28169A7ADF7B41809CF92D369E744F0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

11:12:59.0449 10612 nvUpdatusService - ok

11:12:59.0480 10612 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys

11:12:59.0480 10612 nv_agp - ok

11:12:59.0496 10612 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys

11:12:59.0496 10612 ohci1394 - ok

11:12:59.0558 10612 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:12:59.0558 10612 ose - ok

11:12:59.0714 10612 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

11:12:59.0761 10612 osppsvc - ok

11:12:59.0823 10612 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll

11:12:59.0823 10612 p2pimsvc - ok

11:12:59.0886 10612 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll

11:12:59.0917 10612 p2psvc - ok

11:12:59.0948 10612 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys

11:12:59.0948 10612 Parport - ok

11:12:59.0995 10612 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys

11:12:59.0995 10612 partmgr - ok

11:13:00.0010 10612 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll

11:13:00.0010 10612 PcaSvc - ok

11:13:00.0026 10612 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys

11:13:00.0026 10612 pci - ok

11:13:00.0026 10612 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys

11:13:00.0026 10612 pciide - ok

11:13:00.0042 10612 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys

11:13:00.0042 10612 pcmcia - ok

11:13:00.0057 10612 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys

11:13:00.0057 10612 pcw - ok

11:13:00.0073 10612 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys

11:13:00.0073 10612 PEAUTH - ok

11:13:00.0182 10612 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe

11:13:00.0198 10612 PerfHost - ok

11:13:00.0260 10612 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll

11:13:00.0322 10612 pla - ok

11:13:00.0385 10612 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll

11:13:00.0400 10612 PlugPlay - ok

11:13:00.0478 10612 [ CBCEC2C45E7D672EC6E46CBFF23BDF8E ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

11:13:00.0556 10612 PMBDeviceInfoProvider - ok

11:13:00.0572 10612 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll

11:13:00.0572 10612 PNRPAutoReg - ok

11:13:00.0603 10612 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll

11:13:00.0603 10612 PNRPsvc - ok

11:13:00.0650 10612 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll

11:13:00.0712 10612 PolicyAgent - ok

11:13:00.0728 10612 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll

11:13:00.0728 10612 Power - ok

11:13:00.0775 10612 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

11:13:00.0775 10612 PptpMiniport - ok

11:13:00.0790 10612 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys

11:13:00.0790 10612 Processor - ok

11:13:00.0837 10612 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll

11:13:00.0900 10612 ProfSvc - ok

11:13:00.0900 10612 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe

11:13:00.0900 10612 ProtectedStorage - ok

11:13:00.0915 10612 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys

11:13:00.0915 10612 Psched - ok

11:13:00.0946 10612 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys

11:13:00.0946 10612 PxHlpa64 - ok

11:13:01.0024 10612 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys

11:13:01.0071 10612 ql2300 - ok

11:13:01.0087 10612 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys

11:13:01.0102 10612 ql40xx - ok

11:13:01.0118 10612 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll

11:13:01.0149 10612 QWAVE - ok

11:13:01.0149 10612 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

11:13:01.0149 10612 QWAVEdrv - ok

11:13:01.0165 10612 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

11:13:01.0165 10612 RasAcd - ok

11:13:01.0196 10612 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys

11:13:01.0196 10612 RasAgileVpn - ok

11:13:01.0212 10612 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll

11:13:01.0227 10612 RasAuto - ok

11:13:01.0227 10612 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

11:13:01.0227 10612 Rasl2tp - ok

11:13:01.0258 10612 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll

11:13:01.0290 10612 RasMan - ok

11:13:01.0305 10612 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

11:13:01.0305 10612 RasPppoe - ok

11:13:01.0321 10612 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

11:13:01.0321 10612 RasSstp - ok

11:13:01.0336 10612 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

11:13:01.0352 10612 rdbss - ok

11:13:01.0368 10612 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys

11:13:01.0368 10612 rdpbus - ok

11:13:01.0383 10612 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys

11:13:01.0399 10612 RDPCDD - ok

11:13:01.0430 10612 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys

11:13:01.0430 10612 RDPENCDD - ok

11:13:01.0492 10612 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys

11:13:01.0492 10612 RDPREFMP - ok

11:13:01.0524 10612 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys

11:13:01.0524 10612 RDPWD - ok

11:13:01.0555 10612 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys

11:13:01.0570 10612 rdyboost - ok

11:13:01.0633 10612 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

11:13:01.0648 10612 RegSrvc - ok

11:13:01.0680 10612 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll

11:13:01.0680 10612 RemoteAccess - ok

11:13:01.0742 10612 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll

11:13:01.0758 10612 RemoteRegistry - ok

11:13:01.0804 10612 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys

11:13:01.0804 10612 RFCOMM - ok

11:13:01.0914 10612 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

11:13:02.0070 10612 RoxMediaDB12OEM - ok

11:13:02.0101 10612 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

11:13:02.0148 10612 RoxWatch12 - ok

11:13:02.0210 10612 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll

11:13:02.0226 10612 RpcEptMapper - ok

11:13:02.0272 10612 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe

11:13:02.0288 10612 RpcLocator - ok

11:13:02.0319 10612 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll

11:13:02.0335 10612 RpcSs - ok

11:13:02.0366 10612 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

11:13:02.0366 10612 rspndr - ok

11:13:02.0413 10612 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys

11:13:02.0413 10612 RSUSBSTOR - ok

11:13:02.0444 10612 [ 2777226EE8BF50B059D7A7C90177E99C ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys

11:13:02.0444 10612 RTL8167 - ok

11:13:02.0460 10612 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe

11:13:02.0460 10612 SamSs - ok

11:13:02.0475 10612 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys

11:13:02.0475 10612 sbp2port - ok

11:13:02.0506 10612 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll

11:13:02.0522 10612 SCardSvr - ok

11:13:02.0522 10612 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys

11:13:02.0522 10612 scfilter - ok

11:13:02.0569 10612 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll

11:13:02.0631 10612 Schedule - ok

11:13:02.0662 10612 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll

11:13:02.0662 10612 SCPolicySvc - ok

11:13:02.0678 10612 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll

11:13:02.0725 10612 SDRSVC - ok

11:13:02.0772 10612 [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

11:13:02.0834 10612 SeaPort - ok

11:13:02.0881 10612 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys

11:13:02.0881 10612 secdrv - ok

11:13:02.0896 10612 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll

11:13:02.0959 10612 seclogon - ok

11:13:02.0974 10612 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll

11:13:02.0974 10612 SENS - ok

11:13:03.0006 10612 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll

11:13:03.0006 10612 SensrSvc - ok

11:13:03.0021 10612 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys

11:13:03.0037 10612 Serenum - ok

11:13:03.0052 10612 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys

11:13:03.0052 10612 Serial - ok

11:13:03.0068 10612 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys

11:13:03.0068 10612 sermouse - ok

11:13:03.0084 10612 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll

11:13:03.0130 10612 SessionEnv - ok

11:13:03.0146 10612 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys

11:13:03.0146 10612 sffdisk - ok

11:13:03.0146 10612 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys

11:13:03.0146 10612 sffp_mmc - ok

11:13:03.0162 10612 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys

11:13:03.0162 10612 sffp_sd - ok

11:13:03.0162 10612 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys

11:13:03.0162 10612 sfloppy - ok

11:13:03.0240 10612 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

11:13:03.0302 10612 SftService - ok

11:13:03.0396 10612 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll

11:13:03.0411 10612 SharedAccess - ok

11:13:03.0458 10612 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll

11:13:03.0520 10612 ShellHWDetection - ok

11:13:03.0552 10612 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys

11:13:03.0552 10612 SiSRaid2 - ok

11:13:03.0567 10612 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys

11:13:03.0567 10612 SiSRaid4 - ok

11:13:03.0583 10612 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys

11:13:03.0583 10612 Smb - ok

11:13:03.0598 10612 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe

11:13:03.0598 10612 SNMPTRAP - ok

11:13:03.0614 10612 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys

11:13:03.0614 10612 spldr - ok

11:13:03.0661 10612 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe

11:13:03.0692 10612 Spooler - ok

11:13:03.0786 10612 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe

11:13:04.0004 10612 sppsvc - ok

11:13:04.0020 10612 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll

11:13:04.0035 10612 sppuinotify - ok

11:13:04.0129 10612 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

11:13:04.0191 10612 SQLBrowser - ok

11:13:04.0254 10612 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

11:13:04.0254 10612 SQLWriter - ok

11:13:04.0285 10612 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys

11:13:04.0300 10612 srv - ok

11:13:04.0332 10612 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys

11:13:04.0332 10612 srv2 - ok

11:13:04.0332 10612 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

11:13:04.0347 10612 srvnet - ok

11:13:04.0378 10612 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

11:13:04.0394 10612 SSDPSRV - ok

11:13:04.0425 10612 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll

11:13:04.0425 10612 SstpSvc - ok

11:13:04.0503 10612 [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe

11:13:04.0581 10612 STacSV - ok

11:13:04.0659 10612 [ 0683504BBB3FFC0A73D9D217B63DD0E0 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

11:13:04.0659 10612 Stereo Service - ok

11:13:04.0675 10612 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys

11:13:04.0690 10612 stexstor - ok

11:13:04.0722 10612 [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys

11:13:04.0722 10612 STHDA - ok

11:13:04.0753 10612 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll

11:13:04.0784 10612 stisvc - ok

11:13:04.0846 10612 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

11:13:04.0893 10612 stllssvr - ok

11:13:04.0909 10612 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys

11:13:04.0909 10612 swenum - ok

11:13:05.0018 10612 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

11:13:05.0112 10612 SwitchBoard - ok

11:13:05.0174 10612 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll

11:13:05.0174 10612 swprv - ok

11:13:05.0252 10612 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll

11:13:05.0330 10612 SysMain - ok

11:13:05.0361 10612 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll

11:13:05.0408 10612 TabletInputService - ok

11:13:05.0595 10612 [ C4C20CFA4F42E9B7454E895C5C47BCD3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe

11:13:05.0626 10612 TabletServicePen - ok

11:13:05.0845 10612 [ AD3EE30660A27DDBC701E90041D8E62B ] TabletServiceWacom C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe

11:13:06.0001 10612 TabletServiceWacom - ok

11:13:06.0032 10612 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll

11:13:06.0110 10612 TapiSrv - ok

11:13:06.0126 10612 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll

11:13:06.0126 10612 TBS - ok

11:13:06.0204 10612 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\windows\system32\drivers\tcpip.sys

11:13:06.0266 10612 Tcpip - ok

11:13:06.0313 10612 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys

11:13:06.0344 10612 TCPIP6 - ok

11:13:06.0360 10612 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

11:13:06.0375 10612 tcpipreg - ok

11:13:06.0406 10612 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys

11:13:06.0406 10612 TDPIPE - ok

11:13:06.0453 10612 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys

11:13:06.0453 10612 TDTCP - ok

11:13:06.0484 10612 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys

11:13:06.0484 10612 tdx - ok

11:13:06.0516 10612 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys

11:13:06.0516 10612 TermDD - ok

11:13:06.0562 10612 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll

11:13:06.0578 10612 TermService - ok

11:13:06.0578 10612 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll

11:13:06.0594 10612 Themes - ok

11:13:06.0609 10612 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll

11:13:06.0609 10612 THREADORDER - ok

11:13:06.0656 10612 [ 7625DCF246E488E523DC1F64C38ABDA2 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe

11:13:06.0672 10612 TouchServicePen - ok

11:13:06.0718 10612 [ B39AB8DDEEC289240937BF566505A3D1 ] TouchServiceWacom C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe

11:13:06.0781 10612 TouchServiceWacom - ok

11:13:06.0796 10612 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll

11:13:06.0812 10612 TrkWks - ok

11:13:06.0859 10612 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

11:13:06.0874 10612 TrustedInstaller - ok

11:13:06.0890 10612 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys

11:13:06.0906 10612 tssecsrv - ok

11:13:06.0921 10612 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys

11:13:06.0937 10612 TsUsbFlt - ok

11:13:06.0952 10612 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys

11:13:06.0952 10612 TsUsbGD - ok

11:13:06.0999 10612 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

11:13:07.0015 10612 tunnel - ok

11:13:07.0062 10612 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\windows\system32\DRIVERS\TurboB.sys

11:13:07.0062 10612 TurboB - ok

11:13:07.0093 10612 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe

11:13:07.0093 10612 TurboBoost - ok

11:13:07.0108 10612 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys

11:13:07.0108 10612 uagp35 - ok

11:13:07.0140 10612 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys

11:13:07.0155 10612 udfs - ok

11:13:07.0218 10612 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe

11:13:07.0233 10612 UI0Detect - ok

11:13:07.0249 10612 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys

11:13:07.0249 10612 uliagpkx - ok

11:13:07.0280 10612 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys

11:13:07.0280 10612 umbus - ok

11:13:07.0311 10612 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys

11:13:07.0311 10612 UmPass - ok

11:13:07.0452 10612 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

11:13:07.0576 10612 UNS - ok

11:13:07.0608 10612 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll

11:13:07.0608 10612 upnphost - ok

11:13:07.0623 10612 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys

11:13:07.0623 10612 usbccgp - ok

11:13:07.0654 10612 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys

11:13:07.0654 10612 usbcir - ok

11:13:07.0686 10612 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys

11:13:07.0686 10612 usbehci - ok

11:13:07.0732 10612 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys

11:13:07.0732 10612 usbhub - ok

11:13:07.0748 10612 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys

11:13:07.0748 10612 usbohci - ok

11:13:07.0764 10612 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys

11:13:07.0764 10612 usbprint - ok

11:13:07.0810 10612 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys

11:13:07.0810 10612 usbscan - ok

11:13:07.0826 10612 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS

11:13:07.0826 10612 USBSTOR - ok

11:13:07.0842 10612 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys

11:13:07.0842 10612 usbuhci - ok

11:13:07.0873 10612 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys

11:13:07.0873 10612 usbvideo - ok

11:13:07.0904 10612 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll

11:13:07.0920 10612 UxSms - ok

11:13:07.0920 10612 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe

11:13:07.0920 10612 VaultSvc - ok

11:13:07.0951 10612 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys

11:13:07.0951 10612 vdrvroot - ok

11:13:07.0966 10612 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe

11:13:08.0013 10612 vds - ok

11:13:08.0029 10612 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys

11:13:08.0029 10612 vga - ok

11:13:08.0044 10612 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys

11:13:08.0044 10612 VgaSave - ok

11:13:08.0122 10612 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys

11:13:08.0122 10612 vhdmp - ok

11:13:08.0138 10612 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys

11:13:08.0138 10612 viaide - ok

11:13:08.0169 10612 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys

11:13:08.0169 10612 volmgr - ok

11:13:08.0216 10612 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys

11:13:08.0232 10612 volmgrx - ok

11:13:08.0310 10612 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys

11:13:08.0325 10612 volsnap - ok

11:13:08.0778 10612 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys

11:13:08.0778 10612 vsmraid - ok

11:13:08.0840 10612 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe

11:13:08.0871 10612 VSS - ok

11:13:08.0871 10612 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys

11:13:08.0871 10612 vwifibus - ok

11:13:08.0902 10612 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys

11:13:08.0902 10612 vwififlt - ok

11:13:08.0934 10612 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys

11:13:08.0934 10612 vwifimp - ok

11:13:08.0996 10612 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll

11:13:08.0996 10612 W32Time - ok

11:13:09.0058 10612 [ 68C7FBAADE25F6DE28EC31B0424CC78B ] WacHidRouter C:\windows\system32\DRIVERS\wachidrouter.sys

11:13:09.0058 10612 WacHidRouter - ok

11:13:09.0105 10612 [ FE75777289278A4941FE6139E82B3BD9 ] wacmoumonitor C:\windows\system32\DRIVERS\wacmoumonitor.sys

11:13:09.0105 10612 wacmoumonitor - ok

11:13:09.0152 10612 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\windows\system32\DRIVERS\wacommousefilter.sys

11:13:09.0152 10612 wacommousefilter - ok

11:13:09.0214 10612 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys

11:13:09.0214 10612 WacomPen - ok

11:13:09.0261 10612 [ B59EC4DD1026F059CD95C1627562F3F3 ] wacomrouterfilter C:\windows\system32\DRIVERS\wacomrouterfilter.sys

11:13:09.0261 10612 wacomrouterfilter - ok

11:13:09.0308 10612 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\windows\system32\DRIVERS\wacomvhid.sys

11:13:09.0308 10612 wacomvhid - ok

11:13:09.0339 10612 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys

11:13:09.0339 10612 WANARP - ok

11:13:09.0355 10612 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys

11:13:09.0355 10612 Wanarpv6 - ok

11:13:09.0417 10612 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe

11:13:09.0558 10612 WatAdminSvc - ok

11:13:09.0948 10612 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe

11:13:09.0994 10612 wbengine - ok

11:13:10.0057 10612 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll

11:13:10.0072 10612 WbioSrvc - ok

11:13:10.0150 10612 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll

11:13:10.0150 10612 wcncsvc - ok

11:13:10.0182 10612 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

11:13:10.0182 10612 WcsPlugInService - ok

11:13:10.0228 10612 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys

11:13:10.0228 10612 Wd - ok

11:13:10.0400 10612 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

11:13:10.0416 10612 Wdf01000 - ok

11:13:10.0431 10612 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll

11:13:10.0431 10612 WdiServiceHost - ok

11:13:10.0447 10612 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll

11:13:10.0447 10612 WdiSystemHost - ok

11:13:10.0509 10612 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll

11:13:10.0556 10612 WebClient - ok

11:13:10.0603 10612 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll

11:13:10.0634 10612 Wecsvc - ok

11:13:10.0665 10612 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll

11:13:10.0681 10612 wercplsupport - ok

11:13:10.0728 10612 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll

11:13:10.0743 10612 WerSvc - ok

11:13:10.0821 10612 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys

11:13:10.0821 10612 WfpLwf - ok

11:13:10.0930 10612 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys

11:13:10.0930 10612 WimFltr - ok

11:13:10.0962 10612 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys

11:13:10.0962 10612 WIMMount - ok

11:13:10.0993 10612 WinDefend - ok

11:13:11.0024 10612 WinHttpAutoProxySvc - ok

11:13:11.0211 10612 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

11:13:11.0227 10612 Winmgmt - ok

11:13:11.0757 10612 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll

11:13:12.0007 10612 WinRM - ok

11:13:12.0225 10612 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys

11:13:12.0225 10612 WinUsb - ok

11:13:12.0381 10612 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll

11:13:12.0444 10612 Wlansvc - ok

11:13:12.0600 10612 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

11:13:12.0662 10612 wlcrasvc - ok

11:13:13.0036 10612 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

11:13:13.0068 10612 wlidsvc - ok

11:13:13.0192 10612 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys

11:13:13.0192 10612 WmiAcpi - ok

11:13:13.0302 10612 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe

11:13:13.0317 10612 wmiApSrv - ok

11:13:13.0442 10612 WMPNetworkSvc - ok

11:13:13.0504 10612 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll

11:13:13.0551 10612 WPCSvc - ok

11:13:13.0598 10612 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll

11:13:13.0645 10612 WPDBusEnum - ok

11:13:13.0723 10612 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys

11:13:13.0723 10612 ws2ifsl - ok

11:13:13.0816 10612 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll

11:13:13.0816 10612 wscsvc - ok

11:13:13.0832 10612 WSearch - ok

11:13:14.0269 10612 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll

11:13:14.0284 10612 wuauserv - ok

11:13:14.0316 10612 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys

11:13:14.0316 10612 WudfPf - ok

11:13:14.0425 10612 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys

11:13:14.0440 10612 WUDFRd - ok

11:13:14.0518 10612 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll

11:13:14.0596 10612 wudfsvc - ok

11:13:14.0721 10612 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll

11:13:14.0784 10612 WwanSvc - ok

11:13:14.0940 10612 ================ Scan global ===============================

11:13:15.0018 10612 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll

11:13:15.0096 10612 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll

11:13:15.0236 10612 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll

11:13:15.0283 10612 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll

11:13:15.0408 10612 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe

11:13:15.0423 10612 [Global] - ok

11:13:15.0423 10612 ================ Scan MBR ==================================

11:13:15.0439 10612 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

11:13:16.0219 10612 \Device\Harddisk0\DR0 - ok

11:13:16.0219 10612 ================ Scan VBR ==================================

11:13:16.0234 10612 [ 17E6064B18AA88ED8319B3238FE06A25 ] \Device\Harddisk0\DR0\Partition1

11:13:16.0234 10612 \Device\Harddisk0\DR0\Partition1 - ok

11:13:16.0250 10612 [ 02D3C531AC736F85F2D45F0E1FD3F66F ] \Device\Harddisk0\DR0\Partition2

11:13:16.0266 10612 \Device\Harddisk0\DR0\Partition2 - ok

11:13:16.0266 10612 ============================================================

11:13:16.0266 10612 Scan finished

11:13:16.0266 10612 ============================================================

11:13:16.0281 8984 Detected object count: 0

11:13:16.0281 8984 Actual detected object count: 0

Let me know what this tells you and what you suggest.

Again, thank you for your help Daniel.

[Larusso]

Hy there.

At the moment, your logfiles looks clean.

When exactly does MBAM reports the block. As soon as you launch IE or also when you don't started it. I have to ask cause I see the IE as a running process in your DDS logs.

[ntfeldman]

Hmmm. I am always on the internet so I'm not sure if it comes up with I'm not. I'll try to work off line for a short while and see if the box continues to pop up. Should know shortly. Let me see what happens in the next 15 minutes to 1/2 hour if I don't have ie open.

The box pops up from the Malware Bytes icon on the "pin" bar at the bottom right of my screen. See screen shot attached.

Will update shortly.

Screen shot of pop up box.pdf

[ntfeldman]

Hi Daniel,

It seems that the pop-up only happens when I've got IE open. I tried to access the internet using Chrome to see if that would make it happen too but Chrome isn't working ???

Any thoughts?

[Larusso]

I tried to access the internet using Chrome to see if that would make it happen too but Chrome isn't working

Want to offer some more details please ?

Please press the + R Key and Copy/Paste the following single-line command into the Run box.

iexplore -extoff

Please close all kind of running software including IE and hit OK. Let me know if you still get the notification from MBAM.

This command will launch IE but without any AddOns

[ntfeldman]

Hi Daniel,

I've attached a screen shot of what Chrom appears like when I select the icon from my desk top to lauch it. It launches but nothing comes up. And I only know it's program related because IE works fine under the same circumstances...

I'll post the log from your instructions above in my next note.

(The pop-up blocking box is still coming up when IE is open...)

[ntfeldman]

Hi Daniel,

It seems that the pop-up only happens when I've got IE open. I tried to access the internet using Chrome to see if that would make it happen too but Chrome isn't working ???

Screen shot of Chrome launch.pdf

[ntfeldman]

Hi Daniel,

I'm not sure if I've really accomplished what you instructed.

Please press the + R Key and Copy/Paste the following single-line command into the Run box.

iexplore -extoff

Please close all kind of running software including IE and hit OK. Let me know if you still get the notification from MBAM.

This command will launch IE but without any AddOns

I'm not sure I executed the step as you've requested completely. Sorry, I may need more direction.

I clicked on the windows flag while holding down a Cap R (but didn't use a "+" keystroke?) but the search box just filled with RRRRRRRRRRRRRRRRRRRRR. The usual select box that always appears when one clicks on the windows flag appeared... but there wasn't a "run" box, just the usual search box in the bottom left corner. ... I pasted the command in and it did say that it IE was running without AddOns, but it was just a message screen, nothing happened and it didn't go to my homepage (which is Google).

The pop-up box mentioning the blocked IP did not come up during this time but nothing at all happened... After a few minutes I clicked on a website from a list of prior sites visited just to see if IE was in fact working and although they came up less frequently the pop up box was still appearing.

Since I didn't get a run box... I'm not sure I really accomplished what you were trying to direct me to do. Sorry, should I approach it differently?

I did notice the port number on the pop up box has changed, the IP is still the same but the port number on the pop up is now 49413 if that means anything...

[Larusso]

Hy there.

I didn't mean the Windows Button on your Desktop, I mean the key between CTRL and ALT. Puls equals to AND.

So, hold down the Windows Key and press R. This will bring up a tiny commandline in the left corner. Simply copy the command above it this line and hit OK.

[ntfeldman]

Hi Daniel,

Got it, sorry for the confusion.

Actually I've fixed the pop up. It was annoying but your response back indicating you didn't see anything afoul with my first logs gave me some confidence that I'm not infected... and while Malware may think the outbound call is malicious it was originating from my machine... so a little less scary and more on the level of annoying.

And, more than the pop-up box being a nuisance, I was unable to download a pdf on the web that I needed to print. So I had to go looking for a solution to that and make some adjustments to adobe and IE9, which I am confident have compatability issues. I read through a number of Adobe forums and clearly there are issues between Adobe and IE and they probably auto updated on my system so I'm turning that feature off just to stay in a state of stable.

Between the industry elephants of Adobe, Microsoft and Google fighting to control my desktop and doing so by making various functions incompatable with the other programs, I uninstall and reinstalled the older more compatable versions of Reader, left IE at v9 and the pop-up box went away.

Problem solved.

pdf's downloading fine, "malicious IP blocked" pop-up gone, system otherwise running fine...

So close up my request, and thanks for working with me patiently. I am a fan of Malwarebytes - keep up the good work!

[Larusso]

Glad that you solved the issue and thanks for the feedback. That's the way we all learn

2 last things I want you to do.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

• Download the latest version of Java Runtime Environment (JRE) 7 and Save it to your Desktop.
• Scroll down to where it says Java SE 7u17
• Click the Download button under JRE to the right.
• Read the License Agreement then select Accept License Agreement
• Click on the link to download Windows x86 Offline and save the file to your desktop.
• Close any programs you may have running - especially your web browser.
• Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
• Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java 6) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java versions.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on jre-7u17-windows-i586.exe to install the newest version.

• After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are three options in the window to clear the cache - Leave these two Checked
    
    • 
      Trace and Log Files
      Cached Applications and Applets
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.

Please download delfix to your Desktop.

• Close all running programms.
  
• Doubleclick on the delfix.exe
  
• Make sure that all options are checked.
  
• Click Start.
  

This tool will delete most of the tools we have used for the cleanup procedure. If something remaints, simply delete it.

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!