Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I can't remove pop ups from ad.extendmedia.com


  • Please log in to reply
12 replies to this topic

#1 bblawrence331#

bblawrence331#

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:00 AM

Posted 15 March 2013 - 10:38 AM

I keep getting pop ups in all my browsers from ad.extendmedia.com.  I've ran malbytes-ware and essentials and it says I'm clean, but I still keep getting these pop up ads. 



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:00 AM

Posted 15 March 2013 - 01:27 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 bblawrence331#

bblawrence331#
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:00 AM

Posted 16 March 2013 - 10:05 AM

14:54:46.0016 3640  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:54:46.0640 3640  ============================================================
14:54:46.0640 3640  Current date / time: 2013/03/15 14:54:46.0640
14:54:46.0640 3640  SystemInfo:
14:54:46.0640 3640  
14:54:46.0640 3640  OS Version: 6.1.7601 ServicePack: 1.0
14:54:46.0640 3640  Product type: Workstation
14:54:46.0640 3640  ComputerName: DELL8100-PC
14:54:46.0640 3640  UserName: Brooks
14:54:46.0640 3640  Windows directory: C:\Windows
14:54:46.0640 3640  System windows directory: C:\Windows
14:54:46.0640 3640  Running under WOW64
14:54:46.0640 3640  Processor architecture: Intel x64
14:54:46.0640 3640  Number of processors: 4
14:54:46.0640 3640  Page size: 0x1000
14:54:46.0640 3640  Boot type: Normal boot
14:54:46.0640 3640  ============================================================
14:54:46.0921 3640  BG loaded
14:54:47.0654 3640  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:54:47.0701 3640  ============================================================
14:54:47.0701 3640  \Device\Harddisk0\DR0:
14:54:47.0701 3640  MBR partitions:
14:54:47.0701 3640  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x15C3000
14:54:47.0701 3640  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15D7000, BlocksNum 0x7312F000
14:54:47.0701 3640  ============================================================
14:54:47.0732 3640  C: <-> \Device\Harddisk0\DR0\Partition2
14:54:47.0732 3640  ============================================================
14:54:47.0732 3640  Initialize success
14:54:47.0732 3640  ============================================================
14:57:21.0896 2984  ============================================================
14:57:21.0896 2984  Scan started
14:57:21.0896 2984  Mode: Manual;
14:57:21.0896 2984  ============================================================
14:57:22.0489 2984  ================ Scan system memory ========================
14:57:22.0489 2984  System memory - ok
14:57:22.0489 2984  ================ Scan services =============================
14:57:22.0645 2984  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:57:22.0661 2984  1394ohci - ok
14:57:22.0707 2984  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:57:22.0707 2984  ACPI - ok
14:57:22.0723 2984  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:57:22.0723 2984  AcpiPmi - ok
14:57:22.0817 2984  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:57:22.0817 2984  AdobeARMservice - ok
14:57:22.0926 2984  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:57:22.0926 2984  AdobeFlashPlayerUpdateSvc - ok
14:57:22.0973 2984  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:57:22.0988 2984  adp94xx - ok
14:57:23.0004 2984  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:57:23.0004 2984  adpahci - ok
14:57:23.0035 2984  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:57:23.0035 2984  adpu320 - ok
14:57:23.0082 2984  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:57:23.0082 2984  AeLookupSvc - ok
14:57:23.0129 2984  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:57:23.0144 2984  AFD - ok
14:57:23.0175 2984  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:57:23.0175 2984  agp440 - ok
14:57:23.0207 2984  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:57:23.0207 2984  ALG - ok
14:57:23.0238 2984  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:57:23.0238 2984  aliide - ok
14:57:23.0269 2984  [ F0E61CF2C0FDA5B011CD1CB2E2353C9A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:57:23.0269 2984  AMD External Events Utility - ok
14:57:23.0285 2984  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:57:23.0300 2984  amdide - ok
14:57:23.0316 2984  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:57:23.0316 2984  AmdK8 - ok
14:57:23.0425 2984  [ CF3DB4D8B2CE0B282AB39C9D846ECA74 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:57:23.0456 2984  amdkmdag - ok
14:57:23.0472 2984  [ 7D07DB26F6D3A16A6C8D34CE6C09FD01 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:57:23.0472 2984  amdkmdap - ok
14:57:23.0487 2984  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:57:23.0487 2984  AmdPPM - ok
14:57:23.0519 2984  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:57:23.0534 2984  amdsata - ok
14:57:23.0581 2984  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:57:23.0581 2984  amdsbs - ok
14:57:23.0597 2984  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:57:23.0597 2984  amdxata - ok
14:57:23.0659 2984  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:57:23.0659 2984  AppID - ok
14:57:23.0675 2984  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:57:23.0690 2984  AppIDSvc - ok
14:57:23.0706 2984  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
14:57:23.0721 2984  Appinfo - ok
14:57:23.0784 2984  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:57:23.0784 2984  Apple Mobile Device - ok
14:57:23.0862 2984  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:57:23.0862 2984  arc - ok
14:57:23.0893 2984  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:57:23.0909 2984  arcsas - ok
14:57:23.0971 2984  aspnet_state - ok
14:57:23.0987 2984  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:57:23.0987 2984  AsyncMac - ok
14:57:24.0018 2984  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:57:24.0018 2984  atapi - ok
14:57:24.0065 2984  [ 637E0753BD6DEB8EA5314A5C357EC1A0 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
14:57:24.0065 2984  AtiHdmiService - ok
14:57:24.0111 2984  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:57:24.0111 2984  AudioEndpointBuilder - ok
14:57:24.0127 2984  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:57:24.0143 2984  AudioSrv - ok
14:57:24.0174 2984  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:57:24.0174 2984  AxInstSV - ok
14:57:24.0205 2984  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:57:24.0221 2984  b06bdrv - ok
14:57:24.0236 2984  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:57:24.0236 2984  b57nd60a - ok
14:57:24.0283 2984  [ E49110A58A32E9450356686A95DD7763 ] BCMH43XX        C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
14:57:24.0299 2984  BCMH43XX - ok
14:57:24.0314 2984  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:57:24.0314 2984  BDESVC - ok
14:57:24.0330 2984  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:57:24.0330 2984  Beep - ok
14:57:24.0392 2984  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:57:24.0392 2984  BFE - ok
14:57:24.0439 2984  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
14:57:24.0455 2984  BITS - ok
14:57:24.0470 2984  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:57:24.0470 2984  blbdrive - ok
14:57:24.0548 2984  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:57:24.0564 2984  Bonjour Service - ok
14:57:24.0595 2984  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:57:24.0595 2984  bowser - ok
14:57:24.0642 2984  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:57:24.0642 2984  BrFiltLo - ok
14:57:24.0657 2984  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:57:24.0657 2984  BrFiltUp - ok
14:57:24.0735 2984  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:57:24.0735 2984  Browser - ok
14:57:24.0860 2984  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:57:24.0876 2984  Brserid - ok
14:57:24.0891 2984  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:57:24.0907 2984  BrSerWdm - ok
14:57:24.0954 2984  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:57:24.0969 2984  BrUsbMdm - ok
14:57:25.0016 2984  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:57:25.0016 2984  BrUsbSer - ok
14:57:25.0032 2984  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:57:25.0032 2984  BTHMODEM - ok
14:57:25.0079 2984  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:57:25.0079 2984  bthserv - ok
14:57:25.0110 2984  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:57:25.0125 2984  cdfs - ok
14:57:25.0219 2984  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
14:57:25.0219 2984  cdrom - ok
14:57:25.0281 2984  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:57:25.0297 2984  CertPropSvc - ok
14:57:25.0328 2984  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:57:25.0344 2984  circlass - ok
14:57:25.0453 2984  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:57:25.0469 2984  CLFS - ok
14:57:25.0515 2984  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:57:25.0547 2984  clr_optimization_v2.0.50727_32 - ok
14:57:25.0656 2984  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:57:25.0671 2984  clr_optimization_v2.0.50727_64 - ok
14:57:25.0843 2984  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:57:25.0937 2984  clr_optimization_v4.0.30319_32 - ok
14:57:25.0983 2984  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:57:25.0999 2984  clr_optimization_v4.0.30319_64 - ok
14:57:26.0046 2984  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:57:26.0046 2984  CmBatt - ok
14:57:26.0077 2984  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:57:26.0077 2984  cmdide - ok
14:57:26.0155 2984  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
14:57:26.0186 2984  CNG - ok
14:57:26.0233 2984  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:57:26.0249 2984  Compbatt - ok
14:57:26.0295 2984  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:57:26.0295 2984  CompositeBus - ok
14:57:26.0327 2984  COMSysApp - ok
14:57:26.0358 2984  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:57:26.0358 2984  crcdisk - ok
14:57:26.0405 2984  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:57:26.0405 2984  CryptSvc - ok
14:57:26.0529 2984  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:57:26.0529 2984  cvhsvc - ok
14:57:26.0576 2984  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:57:26.0576 2984  DcomLaunch - ok
14:57:26.0607 2984  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:57:26.0623 2984  defragsvc - ok
14:57:26.0654 2984  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:57:26.0654 2984  DfsC - ok
14:57:26.0701 2984  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:57:26.0717 2984  Dhcp - ok
14:57:26.0748 2984  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:57:26.0748 2984  discache - ok
14:57:26.0795 2984  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:57:26.0795 2984  Disk - ok
14:57:26.0826 2984  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:57:26.0841 2984  Dnscache - ok
14:57:26.0873 2984  DockLoginService - ok
14:57:26.0904 2984  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:57:26.0904 2984  dot3svc - ok
14:57:26.0935 2984  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:57:26.0935 2984  DPS - ok
14:57:26.0966 2984  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:57:26.0966 2984  drmkaud - ok
14:57:27.0013 2984  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:57:27.0029 2984  DXGKrnl - ok
14:57:27.0060 2984  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:57:27.0060 2984  EapHost - ok
14:57:27.0122 2984  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:57:27.0138 2984  ebdrv - ok
14:57:27.0169 2984  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:57:27.0169 2984  EFS - ok
14:57:27.0216 2984  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:57:27.0231 2984  ehRecvr - ok
14:57:27.0263 2984  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:57:27.0263 2984  ehSched - ok
14:57:27.0278 2984  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:57:27.0294 2984  elxstor - ok
14:57:27.0325 2984  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:57:27.0325 2984  ErrDev - ok
14:57:27.0356 2984  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:57:27.0372 2984  EventSystem - ok
14:57:27.0388 2984  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:57:27.0388 2984  exfat - ok
14:57:27.0403 2984  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:57:27.0403 2984  fastfat - ok
14:57:27.0450 2984  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:57:27.0466 2984  Fax - ok
14:57:27.0481 2984  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:57:27.0481 2984  fdc - ok
14:57:27.0497 2984  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:57:27.0497 2984  fdPHost - ok
14:57:27.0512 2984  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:57:27.0512 2984  FDResPub - ok
14:57:27.0512 2984  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:57:27.0512 2984  FileInfo - ok
14:57:27.0528 2984  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:57:27.0528 2984  Filetrace - ok
14:57:27.0559 2984  [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:57:27.0575 2984  FLEXnet Licensing Service - ok
14:57:27.0590 2984  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:57:27.0590 2984  flpydisk - ok
14:57:27.0606 2984  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:57:27.0606 2984  FltMgr - ok
14:57:27.0653 2984  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
14:57:27.0668 2984  FontCache - ok
14:57:27.0700 2984  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:57:27.0700 2984  FontCache3.0.0.0 - ok
14:57:27.0731 2984  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:57:27.0746 2984  FsDepends - ok
14:57:27.0762 2984  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
14:57:27.0762 2984  fssfltr - ok
14:57:27.0856 2984  [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:57:27.0871 2984  fsssvc - ok
14:57:27.0902 2984  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:57:27.0902 2984  Fs_Rec - ok
14:57:27.0934 2984  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:57:27.0934 2984  fvevol - ok
14:57:27.0949 2984  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:57:27.0949 2984  gagp30kx - ok
14:57:27.0996 2984  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:27.0996 2984  GEARAspiWDM - ok
14:57:28.0043 2984  [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
14:57:28.0058 2984  GoToAssist - ok
14:57:28.0090 2984  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:57:28.0105 2984  gpsvc - ok
14:57:28.0121 2984  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:57:28.0121 2984  hcw85cir - ok
14:57:28.0168 2984  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:57:28.0168 2984  HDAudBus - ok
14:57:28.0199 2984  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
14:57:28.0199 2984  HECIx64 - ok
14:57:28.0199 2984  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:57:28.0214 2984  HidBatt - ok
14:57:28.0214 2984  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:57:28.0230 2984  HidBth - ok
14:57:28.0230 2984  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:57:28.0230 2984  HidIr - ok
14:57:28.0261 2984  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:57:28.0261 2984  hidserv - ok
14:57:28.0292 2984  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:57:28.0292 2984  HidUsb - ok
14:57:28.0324 2984  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:57:28.0324 2984  hkmsvc - ok
14:57:28.0355 2984  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:57:28.0355 2984  HomeGroupListener - ok
14:57:28.0370 2984  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:57:28.0370 2984  HomeGroupProvider - ok
14:57:28.0386 2984  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:57:28.0386 2984  HpSAMD - ok
14:57:28.0402 2984  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:57:28.0417 2984  HTTP - ok
14:57:28.0433 2984  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:57:28.0433 2984  hwpolicy - ok
14:57:28.0464 2984  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:57:28.0464 2984  i8042prt - ok
14:57:28.0480 2984  [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:57:28.0495 2984  iaStor - ok
14:57:28.0542 2984  [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
14:57:28.0542 2984  IAStorDataMgrSvc - ok
14:57:28.0604 2984  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:57:28.0604 2984  iaStorV - ok
14:57:28.0667 2984  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:28.0682 2984  idsvc - ok
14:57:28.0714 2984  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:57:28.0714 2984  iirsp - ok
14:57:28.0745 2984  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:57:28.0745 2984  IKEEXT - ok
14:57:28.0776 2984  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
14:57:28.0776 2984  Impcd - ok
14:57:28.0854 2984  [ EE64207F2F5C20BFE5F73DB2566C4601 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:57:28.0870 2984  IntcAzAudAddService - ok
14:57:28.0885 2984  [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:57:28.0885 2984  IntcDAud - ok
14:57:28.0901 2984  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:57:28.0901 2984  intelide - ok
14:57:28.0932 2984  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:57:28.0932 2984  intelppm - ok
14:57:28.0979 2984  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:57:28.0979 2984  IPBusEnum - ok
14:57:29.0010 2984  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:57:29.0010 2984  IpFilterDriver - ok
14:57:29.0057 2984  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:57:29.0057 2984  iphlpsvc - ok
14:57:29.0072 2984  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:57:29.0072 2984  IPMIDRV - ok
14:57:29.0088 2984  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:57:29.0104 2984  IPNAT - ok
14:57:29.0135 2984  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:57:29.0135 2984  iPod Service - ok
14:57:29.0166 2984  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:57:29.0166 2984  IRENUM - ok
14:57:29.0182 2984  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:57:29.0182 2984  isapnp - ok
14:57:29.0197 2984  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:57:29.0213 2984  iScsiPrt - ok
14:57:29.0228 2984  [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
14:57:29.0244 2984  k57nd60a - ok
14:57:29.0260 2984  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:57:29.0260 2984  kbdclass - ok
14:57:29.0291 2984  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:57:29.0306 2984  kbdhid - ok
14:57:29.0322 2984  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:57:29.0322 2984  KeyIso - ok
14:57:29.0353 2984  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:57:29.0353 2984  KSecDD - ok
14:57:29.0384 2984  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:57:29.0384 2984  KSecPkg - ok
14:57:29.0400 2984  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:57:29.0400 2984  ksthunk - ok
14:57:29.0431 2984  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:57:29.0431 2984  KtmRm - ok
14:57:29.0462 2984  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:57:29.0462 2984  LanmanServer - ok
14:57:29.0494 2984  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:57:29.0494 2984  LanmanWorkstation - ok
14:57:29.0525 2984  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:57:29.0525 2984  lltdio - ok
14:57:29.0572 2984  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:57:29.0572 2984  lltdsvc - ok
14:57:29.0587 2984  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:57:29.0587 2984  lmhosts - ok
14:57:29.0618 2984  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:57:29.0618 2984  LSI_FC - ok
14:57:29.0634 2984  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:57:29.0634 2984  LSI_SAS - ok
14:57:29.0634 2984  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:57:29.0650 2984  LSI_SAS2 - ok
14:57:29.0665 2984  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:57:29.0665 2984  LSI_SCSI - ok
14:57:29.0681 2984  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:57:29.0681 2984  luafv - ok
14:57:29.0728 2984  [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
14:57:29.0728 2984  McComponentHostService - ok
14:57:29.0774 2984  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:57:29.0774 2984  Mcx2Svc - ok
14:57:29.0774 2984  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:57:29.0774 2984  megasas - ok
14:57:29.0806 2984  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:57:29.0806 2984  MegaSR - ok
14:57:29.0821 2984  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:57:29.0821 2984  MMCSS - ok
14:57:29.0837 2984  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:57:29.0837 2984  Modem - ok
14:57:29.0868 2984  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:57:29.0868 2984  monitor - ok
14:57:29.0868 2984  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:57:29.0868 2984  mouclass - ok
14:57:29.0899 2984  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:57:29.0899 2984  mouhid - ok
14:57:29.0946 2984  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:57:29.0946 2984  mountmgr - ok
14:57:30.0008 2984  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:57:30.0008 2984  MozillaMaintenance - ok
14:57:30.0055 2984  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:57:30.0055 2984  MpFilter - ok
14:57:30.0086 2984  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:57:30.0086 2984  mpio - ok
14:57:30.0102 2984  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:57:30.0102 2984  mpsdrv - ok
14:57:30.0149 2984  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:57:30.0149 2984  MpsSvc - ok
14:57:30.0180 2984  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:57:30.0180 2984  MRxDAV - ok
14:57:30.0211 2984  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:57:30.0211 2984  mrxsmb - ok
14:57:30.0258 2984  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:57:30.0258 2984  mrxsmb10 - ok
14:57:30.0289 2984  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:57:30.0289 2984  mrxsmb20 - ok
14:57:30.0305 2984  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:57:30.0305 2984  msahci - ok
14:57:30.0336 2984  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:57:30.0352 2984  msdsm - ok
14:57:30.0367 2984  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:57:30.0367 2984  MSDTC - ok
14:57:30.0383 2984  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:57:30.0383 2984  Msfs - ok
14:57:30.0398 2984  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:57:30.0414 2984  mshidkmdf - ok
14:57:30.0430 2984  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:57:30.0430 2984  msisadrv - ok
14:57:30.0461 2984  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:57:30.0461 2984  MSiSCSI - ok
14:57:30.0476 2984  msiserver - ok
14:57:30.0492 2984  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:57:30.0492 2984  MSKSSRV - ok
14:57:30.0554 2984  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:57:30.0554 2984  MsMpSvc - ok
14:57:30.0570 2984  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:57:30.0570 2984  MSPCLOCK - ok
14:57:30.0570 2984  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:57:30.0570 2984  MSPQM - ok
14:57:30.0601 2984  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:57:30.0601 2984  MsRPC - ok
14:57:30.0617 2984  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:57:30.0617 2984  mssmbios - ok
14:57:30.0632 2984  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:57:30.0632 2984  MSTEE - ok
14:57:30.0632 2984  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:57:30.0632 2984  MTConfig - ok
14:57:30.0648 2984  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:57:30.0648 2984  Mup - ok
14:57:30.0679 2984  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:57:30.0695 2984  napagent - ok
14:57:30.0726 2984  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:57:30.0726 2984  NativeWifiP - ok
14:57:30.0773 2984  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:57:30.0773 2984  NDIS - ok
14:57:30.0788 2984  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:57:30.0788 2984  NdisCap - ok
14:57:30.0820 2984  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:57:30.0820 2984  NdisTapi - ok
14:57:30.0851 2984  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:57:30.0851 2984  Ndisuio - ok
14:57:30.0882 2984  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:57:30.0882 2984  NdisWan - ok
14:57:30.0913 2984  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:57:30.0913 2984  NDProxy - ok
14:57:30.0929 2984  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:57:30.0929 2984  NetBIOS - ok
14:57:30.0944 2984  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:57:30.0944 2984  NetBT - ok
14:57:30.0960 2984  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:57:30.0960 2984  Netlogon - ok
14:57:31.0007 2984  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:57:31.0007 2984  Netman - ok
14:57:31.0038 2984  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:57:31.0038 2984  netprofm - ok
14:57:31.0069 2984  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:57:31.0069 2984  NetTcpPortSharing - ok
14:57:31.0085 2984  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:57:31.0100 2984  nfrd960 - ok
14:57:31.0132 2984  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:57:31.0132 2984  NisDrv - ok
14:57:31.0147 2984  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
14:57:31.0147 2984  NisSrv - ok
14:57:31.0163 2984  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:57:31.0178 2984  NlaSvc - ok
14:57:31.0241 2984  [ C31FA031335EFF434B2D94278E74BCCE ] NPF             C:\Windows\system32\DRIVERS\npf.sys
14:57:31.0241 2984  NPF - ok
14:57:31.0256 2984  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:57:31.0256 2984  Npfs - ok
14:57:31.0288 2984  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:57:31.0288 2984  nsi - ok
14:57:31.0303 2984  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:57:31.0303 2984  nsiproxy - ok
14:57:31.0366 2984  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:57:31.0381 2984  Ntfs - ok
14:57:31.0381 2984  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:57:31.0381 2984  Null - ok
14:57:31.0412 2984  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:57:31.0412 2984  nvraid - ok
14:57:31.0428 2984  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:57:31.0444 2984  nvstor - ok
14:57:31.0459 2984  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:57:31.0459 2984  nv_agp - ok
14:57:31.0475 2984  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:57:31.0475 2984  ohci1394 - ok
14:57:31.0522 2984  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:31.0522 2984  ose - ok
14:57:31.0646 2984  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:57:31.0678 2984  osppsvc - ok
14:57:31.0693 2984  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:57:31.0693 2984  p2pimsvc - ok
14:57:31.0709 2984  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:57:31.0724 2984  p2psvc - ok
14:57:31.0740 2984  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:57:31.0740 2984  Parport - ok
14:57:31.0771 2984  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:57:31.0771 2984  partmgr - ok
14:57:31.0787 2984  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:57:31.0787 2984  PcaSvc - ok
14:57:31.0849 2984  [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
14:57:31.0865 2984  PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
14:57:31.0896 2984  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:57:31.0912 2984  pci - ok
14:57:31.0927 2984  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:57:31.0927 2984  pciide - ok
14:57:31.0943 2984  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:57:31.0943 2984  pcmcia - ok
14:57:31.0958 2984  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:57:31.0958 2984  pcw - ok
14:57:31.0974 2984  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:57:31.0990 2984  PEAUTH - ok
14:57:32.0052 2984  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:57:32.0052 2984  PerfHost - ok
14:57:32.0114 2984  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:57:32.0130 2984  pla - ok
14:57:32.0177 2984  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:57:32.0192 2984  PlugPlay - ok
14:57:32.0208 2984  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:57:32.0208 2984  PNRPAutoReg - ok
14:57:32.0224 2984  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:57:32.0224 2984  PNRPsvc - ok
14:57:32.0224 2984  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:57:32.0239 2984  PolicyAgent - ok
14:57:32.0255 2984  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:57:32.0255 2984  Power - ok
14:57:32.0302 2984  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:57:32.0302 2984  PptpMiniport - ok
14:57:32.0317 2984  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:57:32.0317 2984  Processor - ok
14:57:32.0348 2984  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:57:32.0364 2984  ProfSvc - ok
14:57:32.0364 2984  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:57:32.0380 2984  ProtectedStorage - ok
14:57:32.0411 2984  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:57:32.0411 2984  Psched - ok
14:57:32.0442 2984  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:57:32.0442 2984  PxHlpa64 - ok
14:57:32.0504 2984  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:57:32.0520 2984  ql2300 - ok
14:57:32.0536 2984  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:57:32.0536 2984  ql40xx - ok
14:57:32.0567 2984  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:57:32.0567 2984  QWAVE - ok
14:57:32.0567 2984  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:57:32.0567 2984  QWAVEdrv - ok
14:57:32.0582 2984  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:57:32.0582 2984  RasAcd - ok
14:57:32.0614 2984  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:57:32.0614 2984  RasAgileVpn - ok
14:57:32.0629 2984  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:57:32.0645 2984  RasAuto - ok
14:57:32.0660 2984  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:57:32.0660 2984  Rasl2tp - ok
14:57:32.0707 2984  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:57:32.0723 2984  RasMan - ok
14:57:32.0723 2984  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:57:32.0723 2984  RasPppoe - ok
14:57:32.0754 2984  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:57:32.0754 2984  RasSstp - ok
14:57:32.0785 2984  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:57:32.0785 2984  rdbss - ok
14:57:32.0801 2984  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:57:32.0801 2984  rdpbus - ok
14:57:32.0816 2984  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:57:32.0816 2984  RDPCDD - ok
14:57:32.0832 2984  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:57:32.0832 2984  RDPENCDD - ok
14:57:32.0848 2984  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:57:32.0848 2984  RDPREFMP - ok
14:57:32.0894 2984  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:57:32.0894 2984  RDPWD - ok
14:57:32.0926 2984  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:57:32.0941 2984  rdyboost - ok
14:57:32.0941 2984  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:57:32.0941 2984  RemoteAccess - ok
14:57:32.0957 2984  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:57:32.0972 2984  RemoteRegistry - ok
14:57:33.0050 2984  [ 05FC44D32A144925EAE45570029FD6E1 ] RoxMediaDB10    c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
14:57:33.0082 2984  RoxMediaDB10 - ok
14:57:33.0082 2984  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:57:33.0082 2984  RpcEptMapper - ok
14:57:33.0097 2984  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:57:33.0097 2984  RpcLocator - ok
14:57:33.0128 2984  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:57:33.0128 2984  RpcSs - ok
14:57:33.0144 2984  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:57:33.0144 2984  rspndr - ok
14:57:33.0144 2984  RxFilter - ok
14:57:33.0144 2984  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:57:33.0160 2984  SamSs - ok
14:57:33.0191 2984  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:57:33.0191 2984  sbp2port - ok
14:57:33.0206 2984  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:57:33.0206 2984  SCardSvr - ok
14:57:33.0238 2984  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:57:33.0238 2984  scfilter - ok
14:57:33.0300 2984  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:57:33.0300 2984  Schedule - ok
14:57:33.0347 2984  [ 6011CDF54BB6F4C69F38FACCDAD73D7E ] SCMNdisP        C:\Windows\system32\DRIVERS\scmndisp.sys
14:57:33.0409 2984  SCMNdisP - ok
14:57:33.0425 2984  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:57:33.0425 2984  SCPolicySvc - ok
14:57:33.0456 2984  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:57:33.0472 2984  SDRSVC - ok
14:57:33.0518 2984  [ 16A252022535B680046F6E34E136D378 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
14:57:33.0534 2984  SeaPort - ok
14:57:33.0565 2984  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:57:33.0565 2984  secdrv - ok
14:57:33.0581 2984  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:57:33.0581 2984  seclogon - ok
14:57:33.0596 2984  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:57:33.0596 2984  SENS - ok
14:57:33.0612 2984  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:57:33.0612 2984  SensrSvc - ok
14:57:33.0628 2984  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:57:33.0628 2984  Serenum - ok
14:57:33.0643 2984  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:57:33.0643 2984  Serial - ok
14:57:33.0690 2984  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:57:33.0690 2984  sermouse - ok
14:57:33.0737 2984  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:57:33.0737 2984  SessionEnv - ok
14:57:33.0737 2984  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:57:33.0752 2984  sffdisk - ok
14:57:33.0752 2984  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:57:33.0752 2984  sffp_mmc - ok
14:57:33.0768 2984  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:57:33.0768 2984  sffp_sd - ok
14:57:33.0799 2984  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:57:33.0799 2984  sfloppy - ok
14:57:33.0830 2984  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
14:57:33.0846 2984  Sftfs - ok
14:57:33.0908 2984  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:57:33.0908 2984  sftlist - ok
14:57:33.0955 2984  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:57:33.0955 2984  Sftplay - ok
14:57:33.0955 2984  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:57:33.0955 2984  Sftredir - ok
14:57:33.0971 2984  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
14:57:33.0971 2984  Sftvol - ok
14:57:33.0986 2984  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:57:33.0986 2984  sftvsa - ok
14:57:34.0018 2984  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:57:34.0018 2984  SharedAccess - ok
14:57:34.0064 2984  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:57:34.0064 2984  ShellHWDetection - ok
14:57:34.0096 2984  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:57:34.0096 2984  SiSRaid2 - ok
14:57:34.0111 2984  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:57:34.0111 2984  SiSRaid4 - ok
14:57:34.0158 2984  [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:57:34.0158 2984  SkypeUpdate - ok
14:57:34.0174 2984  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:57:34.0174 2984  Smb - ok
14:57:34.0205 2984  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:57:34.0205 2984  SNMPTRAP - ok
14:57:34.0220 2984  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:57:34.0220 2984  spldr - ok
14:57:34.0252 2984  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:57:34.0267 2984  Spooler - ok
14:57:34.0345 2984  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:57:34.0376 2984  sppsvc - ok
14:57:34.0376 2984  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:57:34.0392 2984  sppuinotify - ok
14:57:34.0423 2984  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:57:34.0423 2984  srv - ok
14:57:34.0423 2984  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:57:34.0423 2984  srv2 - ok
14:57:34.0454 2984  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:57:34.0454 2984  srvnet - ok
14:57:34.0486 2984  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:57:34.0486 2984  SSDPSRV - ok
14:57:34.0501 2984  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:57:34.0501 2984  SstpSvc - ok
14:57:34.0548 2984  Steam Client Service - ok
14:57:34.0564 2984  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:57:34.0564 2984  stexstor - ok
14:57:34.0595 2984  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:57:34.0610 2984  stisvc - ok
14:57:34.0657 2984  [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr        c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
14:57:34.0735 2984  stllssvr - ok
14:57:34.0766 2984  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:57:34.0766 2984  swenum - ok
14:57:34.0782 2984  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:57:34.0798 2984  swprv - ok
14:57:34.0844 2984  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:57:34.0860 2984  SysMain - ok
14:57:34.0907 2984  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:57:34.0907 2984  TabletInputService - ok
14:57:34.0922 2984  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:57:34.0922 2984  TapiSrv - ok
14:57:34.0954 2984  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:57:34.0954 2984  TBS - ok
14:57:35.0016 2984  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:57:35.0047 2984  Tcpip - ok
14:57:35.0063 2984  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:57:35.0078 2984  TCPIP6 - ok
14:57:35.0110 2984  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:57:35.0110 2984  tcpipreg - ok
14:57:35.0125 2984  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:57:35.0141 2984  TDPIPE - ok
14:57:35.0156 2984  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:57:35.0172 2984  TDTCP - ok
14:57:35.0203 2984  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:57:35.0203 2984  tdx - ok
14:57:35.0219 2984  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:57:35.0219 2984  TermDD - ok
14:57:35.0250 2984  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:57:35.0266 2984  TermService - ok
14:57:35.0281 2984  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:57:35.0281 2984  Themes - ok
14:57:35.0297 2984  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:57:35.0312 2984  THREADORDER - ok
14:57:35.0312 2984  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:57:35.0328 2984  TrkWks - ok
14:57:35.0375 2984  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:57:35.0375 2984  TrustedInstaller - ok
14:57:35.0422 2984  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:57:35.0422 2984  tssecsrv - ok
14:57:35.0453 2984  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:57:35.0453 2984  TsUsbFlt - ok
14:57:35.0500 2984  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:57:35.0500 2984  tunnel - ok
14:57:35.0515 2984  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:57:35.0515 2984  uagp35 - ok
14:57:35.0531 2984  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:57:35.0531 2984  udfs - ok
14:57:35.0562 2984  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:57:35.0562 2984  UI0Detect - ok
14:57:35.0593 2984  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:57:35.0593 2984  uliagpkx - ok
14:57:35.0609 2984  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:57:35.0609 2984  umbus - ok
14:57:35.0656 2984  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:57:35.0656 2984  UmPass - ok
14:57:35.0671 2984  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:57:35.0671 2984  upnphost - ok
14:57:35.0718 2984  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:57:35.0718 2984  USBAAPL64 - ok
14:57:35.0765 2984  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:57:35.0765 2984  usbaudio - ok
14:57:35.0780 2984  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:57:35.0780 2984  usbccgp - ok
14:57:35.0812 2984  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:57:35.0812 2984  usbcir - ok
14:57:35.0827 2984  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:57:35.0827 2984  usbehci - ok
14:57:35.0843 2984  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:57:35.0843 2984  usbhub - ok
14:57:35.0858 2984  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:57:35.0874 2984  usbohci - ok
14:57:35.0874 2984  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:57:35.0874 2984  usbprint - ok
14:57:35.0905 2984  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:57:35.0905 2984  usbscan - ok
14:57:35.0921 2984  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:57:35.0936 2984  USBSTOR - ok
14:57:35.0936 2984  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:57:35.0936 2984  usbuhci - ok
14:57:35.0968 2984  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:57:35.0968 2984  UxSms - ok
14:57:35.0968 2984  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:57:35.0968 2984  VaultSvc - ok
14:57:35.0983 2984  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:57:35.0983 2984  vdrvroot - ok
14:57:36.0014 2984  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:57:36.0014 2984  vds - ok
14:57:36.0046 2984  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:57:36.0061 2984  vga - ok
14:57:36.0061 2984  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:57:36.0077 2984  VgaSave - ok
14:57:36.0077 2984  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:57:36.0092 2984  vhdmp - ok
14:57:36.0108 2984  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:57:36.0124 2984  viaide - ok
14:57:36.0124 2984  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:57:36.0139 2984  volmgr - ok
14:57:36.0170 2984  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:57:36.0170 2984  volmgrx - ok
14:57:36.0186 2984  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:57:36.0186 2984  volsnap - ok
14:57:36.0217 2984  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:57:36.0217 2984  vsmraid - ok
14:57:36.0280 2984  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
14:57:36.0295 2984  VSS - ok
14:57:36.0295 2984  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:57:36.0295 2984  vwifibus - ok
14:57:36.0311 2984  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:57:36.0311 2984  vwififlt - ok
14:57:36.0326 2984  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
14:57:36.0326 2984  W32Time - ok
14:57:36.0342 2984  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:57:36.0342 2984  WacomPen - ok
14:57:36.0358 2984  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:57:36.0358 2984  WANARP - ok
14:57:36.0358 2984  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:57:36.0358 2984  Wanarpv6 - ok
14:57:36.0420 2984  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
14:57:36.0436 2984  WatAdminSvc - ok
14:57:36.0467 2984  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:57:36.0498 2984  wbengine - ok
14:57:36.0529 2984  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:57:36.0529 2984  WbioSrvc - ok
14:57:36.0560 2984  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:57:36.0576 2984  wcncsvc - ok
14:57:36.0576 2984  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:57:36.0592 2984  WcsPlugInService - ok
14:57:36.0607 2984  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:57:36.0623 2984  Wd - ok
14:57:36.0654 2984  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
14:57:36.0670 2984  WDC_SAM - ok
14:57:36.0701 2984  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:57:36.0701 2984  Wdf01000 - ok
14:57:36.0716 2984  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:57:36.0716 2984  WdiServiceHost - ok
14:57:36.0716 2984  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:57:36.0716 2984  WdiSystemHost - ok
14:57:36.0763 2984  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
14:57:36.0763 2984  WebClient - ok
14:57:36.0779 2984  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:57:36.0779 2984  Wecsvc - ok
14:57:36.0794 2984  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:57:36.0794 2984  wercplsupport - ok
14:57:36.0826 2984  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:57:36.0826 2984  WerSvc - ok
14:57:36.0841 2984  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:57:36.0841 2984  WfpLwf - ok
14:57:36.0872 2984  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
14:57:36.0872 2984  WimFltr - ok
14:57:36.0888 2984  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:57:36.0888 2984  WIMMount - ok
14:57:36.0904 2984  WinDefend - ok
14:57:36.0904 2984  WinHttpAutoProxySvc - ok
14:57:36.0950 2984  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:57:36.0950 2984  Winmgmt - ok
14:57:36.0997 2984  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:57:37.0028 2984  WinRM - ok
14:57:37.0060 2984  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:57:37.0060 2984  WinUsb - ok
14:57:37.0106 2984  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:57:37.0106 2984  Wlansvc - ok
14:57:37.0184 2984  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:57:37.0184 2984  wlcrasvc - ok
14:57:37.0262 2984  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:57:37.0278 2984  wlidsvc - ok
14:57:37.0309 2984  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:57:37.0309 2984  WmiAcpi - ok
14:57:37.0340 2984  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:57:37.0340 2984  wmiApSrv - ok
14:57:37.0356 2984  WMPNetworkSvc - ok
14:57:37.0372 2984  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:57:37.0372 2984  WPCSvc - ok
14:57:37.0418 2984  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:57:37.0418 2984  WPDBusEnum - ok
14:57:37.0418 2984  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:57:37.0418 2984  ws2ifsl - ok
14:57:37.0434 2984  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
14:57:37.0434 2984  wscsvc - ok
14:57:37.0450 2984  WSearch - ok
14:57:37.0496 2984  [ 2A7DB6A6F2C2E7CB40311D5B9340060D ] WSWNDA3100      C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
14:57:37.0559 2984  WSWNDA3100 - ok
14:57:37.0621 2984  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:57:37.0621 2984  wuauserv - ok
14:57:37.0652 2984  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:57:37.0652 2984  WudfPf - ok
14:57:37.0684 2984  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:57:37.0684 2984  WUDFRd - ok
14:57:37.0715 2984  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:57:37.0715 2984  wudfsvc - ok
14:57:37.0730 2984  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:57:37.0746 2984  WwanSvc - ok
14:57:37.0762 2984  ================ Scan global ===============================
14:57:37.0777 2984  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:57:37.0808 2984  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:57:37.0824 2984  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:57:37.0840 2984  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:57:37.0871 2984  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:57:37.0886 2984  [Global] - ok
14:57:37.0886 2984  ================ Scan MBR ==================================
14:57:37.0886 2984  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
14:57:38.0042 2984  \Device\Harddisk0\DR0 - ok
14:57:38.0042 2984  ================ Scan VBR ==================================
14:57:38.0042 2984  [ 3F7AFDF573AD74E2F1DDC32C86D47356 ] \Device\Harddisk0\DR0\Partition1
14:57:38.0058 2984  \Device\Harddisk0\DR0\Partition1 - ok
14:57:38.0074 2984  [ 78FCE14A80E80D24AD4D5441AC0BBC5C ] \Device\Harddisk0\DR0\Partition2
14:57:38.0074 2984  \Device\Harddisk0\DR0\Partition2 - ok
14:57:38.0074 2984  ================ Scan active images ========================
14:57:38.0074 2984  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
14:57:38.0074 2984  C:\Windows\System32\drivers\crashdmp.sys - ok
14:57:38.0074 2984  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
14:57:38.0074 2984  C:\Windows\System32\drivers\dumpfve.sys - ok
14:57:38.0074 2984  [ 631FA8935163B01FC0C02966CB3ADB92 ] C:\Windows\System32\drivers\iaStor.sys
14:57:38.0074 2984  C:\Windows\System32\drivers\iaStor.sys - ok
14:57:38.0074 2984  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
14:57:38.0074 2984  C:\Windows\System32\drivers\cdrom.sys - ok
14:57:38.0074 2984  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
14:57:38.0074 2984  C:\Windows\System32\drivers\null.sys - ok
14:57:38.0089 2984  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
14:57:38.0089 2984  C:\Windows\System32\drivers\beep.sys - ok
14:57:38.0089 2984  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
14:57:38.0089 2984  C:\Windows\System32\drivers\vga.sys - ok
14:57:38.0089 2984  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
14:57:38.0089 2984  C:\Windows\System32\drivers\videoprt.sys - ok
14:57:38.0089 2984  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
14:57:38.0089 2984  C:\Windows\System32\drivers\watchdog.sys - ok
14:57:38.0089 2984  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
14:57:38.0089 2984  C:\Windows\System32\drivers\RDPCDD.sys - ok
14:57:38.0089 2984  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System3

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-15 15:21:27
-----------------------------
15:21:27.541    OS Version: Windows x64 6.1.7601 Service Pack 1
15:21:27.541    Number of processors: 4 586 0x2505
15:21:27.541    ComputerName: DELL8100-PC  UserName: Brooks
15:21:28.383    Initialize success
15:32:25.733    AVAST engine defs: 13031500
15:34:06.899    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:34:06.915    Disk 0 Vendor: SAMSUNG_ 1AJ1 Size: 953869MB BusType: 8
15:34:06.930    Disk 0 MBR read successfully
15:34:06.930    Disk 0 MBR scan
15:34:06.930    Disk 0 Windows VISTA default MBR code
15:34:06.946    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63
15:34:06.962    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        11142 MB offset 81920
15:34:06.977    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       942686 MB offset 22900736
15:34:07.008    Disk 0 scanning C:\Windows\system32\drivers
15:34:14.824    Service scanning
15:34:31.407    Modules scanning
15:34:31.407    Disk 0 trace - called modules:
15:34:31.438    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:34:31.937    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e4d060]
15:34:31.937    3 CLASSPNP.SYS[fffff88000e0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007ade050]
15:34:32.748    AVAST engine scan C:\Windows
15:34:34.636    AVAST engine scan C:\Windows\system32
15:36:51.745    AVAST engine scan C:\Windows\system32\drivers
15:37:01.245    AVAST engine scan C:\Users\Brooks
15:37:18.327    Disk 0 MBR has been saved successfully to "C:\Users\Brooks\Desktop\MBR.dat"
15:37:18.327    The log file has been saved successfully to "C:\Users\Brooks\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-15 15:21:27
-----------------------------
15:21:27.541    OS Version: Windows x64 6.1.7601 Service Pack 1
15:21:27.541    Number of processors: 4 586 0x2505
15:21:27.541    ComputerName: DELL8100-PC  UserName: Brooks
15:21:28.383    Initialize success
15:32:25.733    AVAST engine defs: 13031500
15:34:06.899    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:34:06.915    Disk 0 Vendor: SAMSUNG_ 1AJ1 Size: 953869MB BusType: 8
15:34:06.930    Disk 0 MBR read successfully
15:34:06.930    Disk 0 MBR scan
15:34:06.930    Disk 0 Windows VISTA default MBR code
15:34:06.946    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63
15:34:06.962    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        11142 MB offset 81920
15:34:06.977    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       942686 MB offset 22900736
15:34:07.008    Disk 0 scanning C:\Windows\system32\drivers
15:34:14.824    Service scanning
15:34:31.407    Modules scanning
15:34:31.407    Disk 0 trace - called modules:
15:34:31.438    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:34:31.937    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e4d060]
15:34:31.937    3 CLASSPNP.SYS[fffff88000e0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007ade050]
15:34:32.748    AVAST engine scan C:\Windows
15:34:34.636    AVAST engine scan C:\Windows\system32
15:36:51.745    AVAST engine scan C:\Windows\system32\drivers
15:37:01.245    AVAST engine scan C:\Users\Brooks
15:37:18.327    Disk 0 MBR has been saved successfully to "C:\Users\Brooks\Desktop\MBR.dat"
15:37:18.327    The log file has been saved successfully to "C:\Users\Brooks\Desktop\aswMBR.txt"

 

ESET

C:\Users\Brooks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LYBCGF5D\uninstall-p[1].htm    HTML/Iframe.B.Gen virus    deleted - quarantined
C:\Users\Brooks\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\P29HU9LH\uninstall-p[1].htm    HTML/Iframe.B.Gen virus    deleted - quarantined
C:\Users\Brooks\AppData\Local\Temp\jar_cache3626007317120119898.tmp    a variant of Java/Exploit.CVE-2012-4681.BP trojan    cleaned by deleting - quarantined

C:\$Recycle.Bin\S-1-5-21-1337715167-3519576871-2162565059-1001\$R4CCUMI\message.exe    a variant of Win32/InstallCore.A application    
C:\Users\Brooks\AppData\Local\Temp\ICReinstall_PDFReaderSetup.exe    a variant of Win32/InstallCore.AS application    cleaned by deleting - quarantined
C:\Users\Brooks\AppData\Local\Temp\0E205686-BAB0-7891-ADFC-4C7C0EC29A92\Latest\MyBabylonTB.exe    a variant of Win32/Toolbar.Babylon application    cleaned by deleting - quarantined
C:\Users\Brooks\AppData\Local\Temp\is1373634743\MyBabylonTB.exe    a variant of Win32/Toolbar.Babylon.A application    cleaned by deleting - quarantined
C:\Users\Brooks\Downloads\PDFCreatorSetup.exe    a variant of Win32/InstallCore.AZ application    cleaned by deleting - quarantined
 



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:00 AM

Posted 16 March 2013 - 10:09 AM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log


 



#5 bblawrence331#

bblawrence331#
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:00 AM

Posted 16 March 2013 - 10:57 AM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.16.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Brooks :: DELL8100-PC [administrator]

3/16/2013 10:19:43 AM
mbam-log-2013-03-16 (10-19-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214847
Time elapsed: 2 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Brooks\AppData\Local\Temp\is1373634743\PricePeepInstaller-IronSource.exe (Adware.Shopper) -> Quarantined and deleted successfully.

(end)
 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Brooks (administrator) on 16-03-2013 at 10:47:10
Running from "C:\Users\Brooks\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost








































































































































































































198.15.104.132 www.google-analytics.com.
198.15.104.132 ad-emea.doubleclick.net.
198.15.104.132 www.statcounter.com.
72.29.93.243 www.google-analytics.com.
72.29.93.243 ad-emea.doubleclick.net.
72.29.93.243 www.statcounter.com.

127.0.0.1       localhost

========================= IP Configuration: ================================

WNDA3100v2 - RangeMax Dual Band Wireless-N USB Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Dell8100-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : WNDA3100v2 - RangeMax Dual Band Wireless-N USB Adapter
   Physical Address. . . . . . . . . : 30-46-9A-32-27-B8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::296a:e58c:e3b8:7f74%14(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.254.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, March 16, 2013 10:44:43 AM
   Lease Expires . . . . . . . . . . : Sunday, September 06, 2020 1:45:10 AM
   Default Gateway . . . . . . . . . : 192.168.254.254
   DHCP Server . . . . . . . . . . . : 192.168.254.254
   DHCPv6 IAID . . . . . . . . . . . : 338708122
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-88-1F-E6-84-2B-2B-B2-5C-B1
   DNS Servers . . . . . . . . . . . : 192.168.254.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.invalid
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : 84-2B-2B-B2-5C-B1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Home:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.254.11%16(Preferred)
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.254.254
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:cd:330f:9deb:598d(Preferred)
   Link-local IPv6 Address . . . . . : fe80::cd:330f:9deb:598d%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  MyRouter.Home
Address:  192.168.254.254

Name:    google.com.Home
Address:  67.215.65.132


Pinging google.com [74.125.229.199] with 32 bytes of data:
Reply from 74.125.229.199: bytes=32 time=91ms TTL=55
Reply from 74.125.229.199: bytes=32 time=144ms TTL=55

Ping statistics for 74.125.229.199:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 91ms, Maximum = 144ms, Average = 117ms
Server:  MyRouter.Home
Address:  192.168.254.254

Name:    yahoo.com.Home
Address:  67.215.65.132


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=290ms TTL=47
Reply from 206.190.36.45: bytes=32 time=382ms TTL=47

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 290ms, Maximum = 382ms, Average = 336ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...30 46 9a 32 27 b8 ......WNDA3100v2 - RangeMax Dual Band Wireless-N USB Adapter
 10...84 2b 2b b2 5c b1 ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254   192.168.254.11     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.254.0    255.255.255.0         On-link    192.168.254.11    286
   192.168.254.11  255.255.255.255         On-link    192.168.254.11    286
  192.168.254.255  255.255.255.255         On-link    192.168.254.11    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    192.168.254.11    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    192.168.254.11    286
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:4137:9e76:cd:330f:9deb:598d/128
                                    On-link
 14    286 fe80::/64                On-link
 12    306 fe80::/64                On-link
 16    286 fe80::5efe:192.168.254.11/128
                                    On-link
 12    306 fe80::cd:330f:9deb:598d/128
                                    On-link
 14    286 fe80::296a:e58c:e3b8:7f74/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 14    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/16/2013 09:04:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/16/2013 09:03:54 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/16/2013 09:03:54 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/16/2013 00:31:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/16/2013 00:30:06 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (03/15/2013 04:00:04 PM) (Source: PC-Doctor) (User: )
Description: (7000) Asapi: (16:00:04:3320)(7000) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (03/15/2013 04:00:04 PM) (Source: PC-Doctor) (User: )
Description: (7000) Asapi: (16:00:04:1600)(7000) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (03/15/2013 03:40:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/15/2013 03:40:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/15/2013 03:40:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (03/16/2013 10:45:08 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (03/16/2013 10:44:40 AM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2

Error: (03/16/2013 10:35:00 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (03/16/2013 10:34:34 AM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2

Error: (03/15/2013 03:15:43 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (03/15/2013 03:15:03 PM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2

Error: (03/15/2013 02:54:32 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (03/15/2013 02:54:00 PM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2

Error: (03/15/2013 10:17:46 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (03/15/2013 10:17:11 AM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (03/16/2013 09:04:01 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Brooks\Desktop\esetsmartinstaller_enu.exe

Error: (03/16/2013 09:03:54 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Brooks\Desktop\esetsmartinstaller_enu.exe

Error: (03/16/2013 09:03:54 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Brooks\Desktop\esetsmartinstaller_enu.exe

Error: (03/16/2013 00:31:17 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/16/2013 00:30:06 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe1

Error: (03/15/2013 04:00:04 PM) (Source: PC-Doctor)(User: )
Description: (7000) Asapi: (16:00:04:3320)(7000) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (03/15/2013 04:00:04 PM) (Source: PC-Doctor)(User: )
Description: (7000) Asapi: (16:00:04:1600)(7000) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (03/15/2013 03:40:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Brooks\Desktop\esetsmartinstaller_enu.exe

Error: (03/15/2013 03:40:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Brooks\Desktop\esetsmartinstaller_enu.exe

Error: (03/15/2013 03:40:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Brooks\Desktop\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

Adobe AIR (Version: 3.0.0.4080)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Age of Mythology Gold (Version: 1.0)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.010.0517.1741)
Auto Mouse Mover 1.4 (Version: 1.4)
Bonjour (Version: 3.0.0.10)
Borderlands
Canon DIGITAL CAMERA Solution Disk Software Guide (Version: 1.3.0.1)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.0.1)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.8.0.1)
Canon Internet Library for ZoomBrowser EX (Version: 1.7.0.1)
Canon MOV Decoder (Version: 1.7.0.6)
Canon MOV Encoder (Version: 1.5.0.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.6.0.5)
Canon Personal Printing Guide (Version: 1.1.1.3)
Canon PowerShot G12 Camera User Guide (Version: 1.0.0.1)
Canon Utilities CameraWindow DC 8 (Version: 8.3.0.6)
Canon Utilities CameraWindow Launcher (Version: 7.5.0.2)
Canon Utilities Digital Photo Professional 3.9 (Version: 3.9.1.0)
Canon Utilities Movie Uploader for YouTube (Version: 1.1.0.4)
Canon Utilities MyCamera (Version: 7.4.0.2)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities ZoomBrowser EX (Version: 6.6.0.23)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.4.0.4)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0517.1742.29870)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0517.1742.29870)
Catalyst Control Center InstallProxy (Version: 2010.0517.1742.29870)
Catalyst Control Center Localization All (Version: 2010.0517.1742.29870)
CCC Help Chinese Standard (Version: 2010.0517.1741.29870)
CCC Help Chinese Traditional (Version: 2010.0517.1741.29870)
CCC Help Czech (Version: 2010.0517.1741.29870)
CCC Help Danish (Version: 2010.0517.1741.29870)
CCC Help Dutch (Version: 2010.0517.1741.29870)
CCC Help English (Version: 2010.0517.1741.29870)
CCC Help Finnish (Version: 2010.0517.1741.29870)
CCC Help French (Version: 2010.0517.1741.29870)
CCC Help German (Version: 2010.0517.1741.29870)
CCC Help Greek (Version: 2010.0517.1741.29870)
CCC Help Hungarian (Version: 2010.0517.1741.29870)
CCC Help Italian (Version: 2010.0517.1741.29870)
CCC Help Japanese (Version: 2010.0517.1741.29870)
CCC Help Korean (Version: 2010.0517.1741.29870)
CCC Help Norwegian (Version: 2010.0517.1741.29870)
CCC Help Polish (Version: 2010.0517.1741.29870)
CCC Help Portuguese (Version: 2010.0517.1741.29870)
CCC Help Russian (Version: 2010.0517.1741.29870)
CCC Help Spanish (Version: 2010.0517.1741.29870)
CCC Help Swedish (Version: 2010.0517.1741.29870)
CCC Help Thai (Version: 2010.0517.1741.29870)
CCC Help Turkish (Version: 2010.0517.1741.29870)
ccc-core-static (Version: 2010.0517.1742.29870)
ccc-utility64 (Version: 2010.0517.1742.29870)
Cisco Connect (Version: 1.4.11266.0)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup (Version: 9.4.47)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 3.0.5621.01)
DirectXInstallService (Version: 9.0.2)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
ESET Online Scanner v3
GameFly (Version: 1.0.1608)
GameRanger
GoToAssist 8.0.0.514
Intel® Control Center (Version: 1.2.0.1006)
Intel® Rapid Storage Technology (Version: 9.5.0.1037)
Internet Explorer (Version: 8)
iTunes (Version: 11.0.1.12)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee Security Scan Plus (Version: 3.0.318.3)
Medieval 2 - Total War (Version: 1.3)
Medieval II Total War (Version: 1.0)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MixPad Audio Mixer
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
Mozilla Thunderbird (3.1.6) (Version: 3.1.6 (en-US))
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
Multimedia Card Reader (Version: 1.4.915.1)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (Version: 1.0.0.133)
OpenDNS Updater 2.2.1 (Version: 2.2.1)
OpenOffice.org 3.2 (Version: 3.2.9502)
Pando Media Booster (Version: 2.3.5.4)
QuickTime (Version: 7.73.80.64)
Realtek High Definition Audio Driver (Version: 6.0.1.5953)
RollerCoaster Tycoon Deluxe (Version: 1.00.000)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.34.57.2)
Skins (Version: 2010.0517.1742.29870)
Skype Click to Call (Version: 5.7.8524)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Star Wars: The Old Republic (Version: 1.00)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
The Elder Scrolls V: Skyrim
The Lord of the Rings Online™ v03.02.04.8007 (Version: 03.02.04.8007)
The Lord of the Rings Online™: Siege of Mirkwood™ v03.03.05.801 (Version: 03.03.05.8017)
THX TruStudio PC (Version: 1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VD64Inst (Version: 1.00.0000)
Ventrilo Client (Version: 3.0.8)
WavePad Sound Editor
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Detect
Zoo Tycoon: Complete Collection

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 8119.08 MB
Available physical RAM: 6654.54 MB
Total Pagefile: 16236.34 MB
Available Pagefile: 14650.22 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.51 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:920.59 GB) (Free:710.52 GB) NTFS

========================= Users: ========================================

User accounts for \\DELL8100-PC

Administrator            ASPNET                   Brooks                   
Guest                    

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

23-02-2013 07:32:24 Windows Update
27-02-2013 07:15:19 Windows Update
27-02-2013 09:00:10 Windows Update
03-03-2013 07:21:00 Windows Update
07-03-2013 07:20:50 Windows Update
10-03-2013 09:29:05 Windows Update
13-03-2013 08:00:11 Windows Update
15-03-2013 13:44:50 Installed Java 7 Update 17

**** End of log ****
 

Farbar Service Scanner Version: 03-03-2013
Ran by Brooks (administrator) on 16-03-2013 at 10:48:06
Running from "C:\Users\Brooks\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



#6 bblawrence331#

bblawrence331#
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:00 AM

Posted 16 March 2013 - 11:00 AM

# AdwCleaner v2.114 - Logfile created 03/16/2013 at 10:57:36
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Brooks - DELL8100-PC
# Boot Mode : Normal
# Running from : C:\Users\Brooks\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Brooks\AppData\Roaming\Mozilla\Firefox\Profiles\y4m82b76.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1950 octets] - [16/03/2013 10:43:23]
AdwCleaner[S1].txt - [323 octets] - [16/03/2013 10:43:10]
AdwCleaner[S2].txt - [2052 octets] - [16/03/2013 10:43:36]
AdwCleaner[S3].txt - [854 octets] - [16/03/2013 10:57:36]

########## EOF - C:\AdwCleaner[S3].txt - [913 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.2 (03.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by Brooks on Sat 03/16/2013 at 10:49:40.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Brooks\AppData\Roaming\mozilla\firefox\profiles\y4m82b76.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 03/16/2013 at 10:54:04.77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


 



#7 bblawrence331#

bblawrence331#
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:00 AM

Posted 16 March 2013 - 11:03 AM

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/16/2013 11:01:52 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Brooks\Desktop\rkill\rkill-03-16-2013-11-02-00.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost
  198.15.104.132 www.google-analytics.com.
  198.15.104.132 ad-emea.doubleclick.net.
  198.15.104.132 www.statcounter.com.
  72.29.93.243 www.google-analytics.com.
  72.29.93.243 ad-emea.doubleclick.net.
  72.29.93.243 www.statcounter.com.

Program finished at: 03/16/2013 11:02:26 AM
Execution time: 0 hours(s), 0 minute(s), and 33 seconds(s)
 



#8 bblawrence331#

bblawrence331#
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:00 AM

Posted 16 March 2013 - 11:07 AM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""
+ "rdpclip"    ""    ""    "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "MSC"    "Microsoft Security Client User Interface"    "Microsoft Corporation"    "c:\program files\microsoft security client\msseces.exe"
+ "RtHDVCpl"    "Realtek HD Audio Manager"    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "RunDLLEntry_EptMon"    ""    "Creative Technology Ltd."    "c:\windows\system32\eptmon64.dll"
+ "RunDLLEntry_THXCfg"    ""    "Creative Technology Ltd."    "c:\windows\system32\thxcfg64.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "IAStorIcon"    "IAStorIcon"    "Intel Corporation"    "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files (x86)\quicktime\qttask.exe"
+ "ShwiconXP9106"    "IconUtility ShwiconXP Application"    "Alcor Micro Corp."    "c:\program files (x86)\multimedia card reader(9106)\shwiconxp9106.exe"
+ "StartCCC"    "Catalyst® Control Center Launcher"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "THX Audio Control Panel"    "THXAudio"    "Creative Technology Ltd"    "c:\program files (x86)\creative\thx trustudio pc\thxaudiocp\thxaudio.exe"
+ "UpdReg"    "Creative UpdReg"    "Creative Technology Ltd."    "c:\windows\updreg.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "McAfee Security Scan Plus.lnk"    "McAfee Security Scanner Scheduler"    "McAfee, Inc."    "c:\program files (x86)\mcafee security scan\3.0.318\ssscheduler.exe"
+ "NETGEAR WNDA3100v2 Smart Wizard.lnk"    "Netgear"    ""    "c:\program files (x86)\netgear\wnda3100v2\wnda3100v2.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "OpenDNS Updater"    ""    ""    "c:\program files (x86)\opendns updater\opendnsupdater.exe"
+ "Steam"    "Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win32@winslave04)"    "Valve Corporation"    "c:\program files (x86)\steam\steam.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"
+ "RXDCExtSvr"    "Roxio Disc Copier Shell Extension (AMD64)"    "Sonic Solutions"    "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "ACE"    "AMD Desktop Control Panel"    "Advanced Micro Devices, Inc."    "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"    ""    "OpenOffice.org"    "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"    ""    "OpenOffice.org"    "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "RXDCExtSvr"    "Roxio Disc Copier Shell Extension (AMD64)"    "Sonic Solutions"    "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "MSS+ Identifier"    "Quick Browser Identifier for MSS+ Tool"    "McAfee, Inc."    "c:\program files (x86)\mcafee security scan\3.0.318\mcafeemss_ie.dll"
+ "Search Helper"    "Search Helper for Internet Explorer"    "Microsoft Corporation"    "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Skype Browser Helper"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper"    "Windows Live Messenger Companion Core"    "Microsoft Corporation"    "c:\program files (x86)\windows live\companion\companioncore.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Messenger Companion (Ctrl+Shift+C)"    "Windows Live Messenger Companion Core"    "Microsoft Corporation"    "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "Skype Click to Call"    "Skype Click to Call for Internet Explorer"    "Skype Technologies S.A."    "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler"    ""    ""    ""
+ "\Apple\AppleSoftwareUpdate"    "Apple Software Update"    "Apple Inc."    "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\PCDEventLauncher"    ""    ""    "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask"    "PC-Doctor for Windows Profiler"    "PC-Doctor, Inc."    "c:\program files\dell support center\uaclauncher.exe"
+ "\SystemToolsDailyTest"    "Dell Support Center"    "PC-Doctor, Inc."    "c:\program files\dell support center\pcdrcui.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility"    "AMD External Events Service Module"    "AMD"    "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "aspnet_state"    "Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start."    ""    "File not found: C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "cvhsvc"    "Client Virtualization Handler Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "DockLoginService"    "Dock Login Service"    ""    "File not found: C:\Program Files\Dell\DellDock\DockLogin.exe"
+ "FLEXnet Licensing Service"    "This service performs licensing functions on behalf of FLEXnet enabled products."    "Acresso Software Inc."    "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "fsssvc"    "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work."    "Microsoft Corporation"    "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "GoToAssist"    "Citrix GoToAssist provides remote help to this PC."    "Citrix Online, a division of Citrix Systems, Inc."    "c:\program files (x86)\citrix\gotoassist\514\g2aservice.exe"
+ "IAStorDataMgrSvc"    "Provides storage event notification and manages communication between the storage driver and user space applications."    "Intel Corporation"    "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "McComponentHostService"    "McAfee Security Scan Component Host Service"    "McAfee, Inc."    "c:\program files (x86)\mcafee security scan\3.0.318\mcchsvc.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc"    "Helps protect users from malware and other potentially unwanted software"    "Microsoft Corporation"    "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv"    "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols"    "Microsoft Corporation"    "c:\program files\microsoft security client\nissrv.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"    "Office Software Protection Platform Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RoxMediaDB10"    "Roxio RoxMediaDB10 Service"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxmediadb10.exe"
+ "SeaPort"    "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly."    "Microsoft Corporation"    "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "sftlist"    "Streams and manages applications."    "Microsoft Corporation"    "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa"    "Monitors global service events and launches virtual services."    "Microsoft Corporation"    "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files (x86)\skype\updater\updater.exe"
+ "Steam Client Service"    "Steam Client Service monitors and updates Steam content"    "Valve Corporation"    "c:\program files (x86)\common files\steam\steamservice.exe"
+ "stllssvr"    "SureThing Labelflash Disc Printer Service Module"    "MicroVision Development, Inc."    "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
+ "WSWNDA3100"    "Wifi Service"    ""    "c:\program files (x86)\netgear\wnda3100v2\wifisvc.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag"    "ATI Radeon Kernel Mode Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap"    "AMD multi-vendor Miniport Driver"    "Advanced Micro Devices, Inc."    "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService"    "ATI High Definition Audio Function Driver"    "ATI Technologies, Inc."    "c:\windows\system32\drivers\atihdmi.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCMH43XX"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcmwlhigh664.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64"    "Intel® Management Engine Interface"    "Intel Corporation"    "c:\windows\system32\drivers\hecix64.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd"    "Intel® Turbo Boost Technology Driver"    "Intel Corporation"    "c:\windows\system32\drivers\impcd.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud"    "Intel® Display Audio Driver"    "Intel® Corporation"    "c:\windows\system32\drivers\intcdaud.sys"
+ "k57nd60a"    "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "NPF"    "npf.sys (NT5/6 AMD64) Kernel Driver"    "CACE Technologies, Inc."    "c:\windows\system32\drivers\npf.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "PCDSRVC{1E208CE0-FB7451FF-06020101}_0"    "Kernel Driver"    "PC-Doctor, Inc."    "c:\program files\dell support center\pcdsrvc_x64.pkms"
+ "PxHlpa64"    "Px Engine Device Driver for 64-bit Windows"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "RxFilter"    "RxFilter mini-filter driver"    ""    "File not found: system32\DRIVERS\RxFilter.sys"
+ "SCMNdisP"    "General NDIS Protocol Driver"    "Windows ® Codename Longhorn DDK provider"    "c:\windows\system32\drivers\scmndisp.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM"    "Manages WD external storage products."    "Western Digital Technologies"    "c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "ATI Ticker"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Canon DES Resizer SaveMode"    "CanonDESResizer"    "Canon Inc."    "c:\program files (x86)\canon\mdl30\canondesresizer.ax"
+ "Canon H.264 Decode Filter"    "Canon H.264 Mov Filter"    "Canon Inc."    "c:\program files (x86)\canon\canon mov decoder170\canonh264filter.ax"
+ "Canon H.264 Encoder 1.5.0"    "Canon H264 Encoder Filter"    "CANON INC."    "c:\program files (x86)\canon\canon mov encoder\canonh264encoder.ax"
+ "Canon Image Rotation Filter"    "Canon Image Rotation Filter "    "Canon Inc."    "c:\program files (x86)\canon\mdp\canonrotatefilter.dll"
+ "Canon MDP Motion-JPEG Decoder"    "Canon MDP Motion-JPEG Decoder Filter"    "Canon Inc."    "c:\program files (x86)\canon\mdp\canonmdpmjpegdecoder.ax"
+ "Canon Motion-JPEG Decoder"    "Canon Motion-JPEG Decoder Filter"    "Canon Inc."    "c:\program files (x86)\canon\mdl30\canonmjpegdecoder.ax"
+ "Canon Motion-JPEG Encoder"    "Motion-JPEG Encoder Filter"    "Canon Inc."    "c:\program files (x86)\canon\mdl30\canonmjpegencoder.ax"
+ "Canon Mov File Parser Filter"    "Canon H.264 Mov Filter"    "Canon Inc."    "c:\program files (x86)\canon\canon mov decoder170\canonh264filter.ax"
+ "Canon Mov File Parser Filter2"    "Canon H.264 Mov Filter"    "Canon Inc."    "c:\program files (x86)\canon\canon mov decoder170\canonh264filter.ax"
+ "Canon Resizer"    "CanonResizer"    "Canon Inc."    "c:\program files (x86)\canon\mdl30\canonresizer.ax"
+ "Canon Text Source Filter"    "Canon Text Source Filter"    "Canon Inc."    "c:\program files (x86)\canon\mdl30\canontextsourcefilter.ax"
+ "Canon WAV Dest"    "CanonWavDest"    "Canon Inc."    "c:\program files (x86)\canon\mdl30\canonwavdest.ax"
+ "Canon-Actual-Data-Length-Setter"    "CanonActualDataLengthSetter"    "Canon Inc."    "c:\program files (x86)\canon\mdl30\canonactualdatalengthsetter.ax"
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "LVMWriter"    "LVMWriter"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\lvmwriter.ax"
+ "Media Analyser"    "analyse Filter (Sample)"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\mediaanalyser.ax"
+ "MMACE Deinterlace"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu"    ""    ""    "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "PSI Parser"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "psWav Dest"    "Canon Utilities Support Library"    "Canon Inc."    "c:\program files (x86)\canon\camerawindow\mycamera\pswavdes.ax"
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "ROXIO Audio Source 3.0"    "Roxio Audio Filters"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "Roxio Audio Source Filter"    "Roxio Audio Source Filter"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter"    "Roxio Audio Stream Reader Filter"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter"    "Roxio Audio Stream Writer Filter"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0"    "Roxio Audio Filters"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0"    "Roxio Audio Filters"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioConvert 3.0"    "Roxio Audio Filters"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CPU Regulator"    "CPURegulator.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Dragons Lair 10"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVD Muxer 10"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Reader 10"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Splitter 10"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Smart Resizer 10"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Subpicture Mixer 10"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "ROXIO Deinterlace 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Combiner 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Splitter 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Image/Colour Source 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ListImage Source 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO LPCMSyncFilter"    "LPCMSync Filter"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)"    "LVMAsync"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter"    "MPEG File Analyzer Dynamic Link Library"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer"    "Roxio MPEG Stream Splitter"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder"    "ROXIO MPEG Audio Encoder"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder"    "ROXIO MPEG1 Codec"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer"    "ROXIO MPEG MUXER"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer"    "ROXIO MPEG Demuxer"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder"    "ROXIO MPEG2 Codec"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer"    "ROXIO MPEG MUXER"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder"    "ROXIO MPEG2 Codec"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Pin Tee"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer"    "MGICGFilter.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source"    "MGICGFilter.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "ROXIO QT Source"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Raw Writer"    "ROXIO Raw Writer"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter"    "Repack Filter"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Smart Decoder"    "ROXIO MPEG2 Codec"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder"    "ROXIO MPEG2 Codec"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0"    "Null-In-Place (Sample)"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Transport Stream Source"    "ListFrameSource"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0"    "Roxio Audio Filters"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0"    "DVR support filter"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFLatency 3.0"    "Roxio Audio Filters"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0"    "Roxio Audio Filters"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0"    "Roxio Audio Filters"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Video Effect 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video Resampler 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VideoCombine 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio VOB Formatter"    "VOBFormatter"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\vobformatter.ax"
+ "Roxio Vob Loader"    "VOBLoader"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\vobloader.ax"
+ "Sewer"    "MVWcDSutil"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\mvwcdsutil.dll"
+ "Sonic Cinemaster® Audio Decoder 4.3"    "SonicHDAudio"    "Sonic Solutions"    "c:\program files (x86)\common files\sonic shared\cinemasteraudio.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3"    "CinemasterVideo"    "Sonic Solutions"    "c:\program files (x86)\common files\sonic shared\cinemastervideo.dll"
+ "Sonic HD Demuxer"    "Sonic HD Demuxer"    ""    "c:\program files (x86)\roxio\sonichddemuxer.dll"
+ "Sonic HD Nav"    "SonicHDNav"    ""    "c:\program files (x86)\common files\sonic shared\sonichdnav.dll"
+ "Sonic MPEG-2 Video Decoder"    "MPEG-2 Video Decoder"    "Sonic Solutions Inc."    "c:\program files (x86)\common files\sonic shared\sonicmc02\sonic7m2vd.ax"
+ "SubPicture Encoder"    "ROXIO SubPicture Encoder"    "Sonic Solutions"    "c:\program files (x86)\common files\roxio shared\10.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0"    "VideoCompositing Module"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCG Video Mixer 3.0"    "VideoCompositing Module"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCGImageSource"    "VideoCompositing Module"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VMR9 Wrapper 3.0"    "VideoCompositing Module"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VW Input Selector"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "GoToAssist"    ""    ""    "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "PCL hpz3llhn"    "LanguageMonitor"    "Hewlett-Packard Company"    "c:\windows\system32\hpz3llhn.dll"
 



#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:00 AM

Posted 16 March 2013 - 11:08 AM

.


Edited by narenxp, 16 March 2013 - 11:25 AM.


#10 bblawrence331#

bblawrence331#
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:00 AM

Posted 16 March 2013 - 11:22 AM

MiniToolBox by Farbar  Version:05-03-2013
Ran by Brooks (administrator) on 16-03-2013 at 11:22:28
Running from "C:\Users\Brooks\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

#       ::1             localhost


**** End of log ****
 



#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:00 AM

Posted 16 March 2013 - 11:26 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)
 



#12 bblawrence331#

bblawrence331#
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:00 AM

Posted 19 March 2013 - 10:20 PM

Totally cured my problem!!!!!!!!!!!  You guys are amazing.



#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:00 AM

Posted 19 March 2013 - 10:25 PM

:welcome:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users