Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Another Google Redirect w/ Firefox


  • Please log in to reply
7 replies to this topic

#1 veritasargent

veritasargent

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Maine
  • Local time:04:59 AM

Posted 09 September 2012 - 07:57 AM

Yes, another computer inept person got hit by the Google redirect thing. So very annoying. I've had it before, and it just came back again... I only go to the same few websites.

Anyway... both McAfee and Malwarebytes have had no effect.

Suggestions? I'm guessing probably TDSSkiller.

Thanks!
To see a world in a grain of sand... -William Blake

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:59 AM

Posted 09 September 2012 - 08:02 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 veritasargent

veritasargent
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Maine
  • Local time:04:59 AM

Posted 16 September 2012 - 02:06 PM

Thanks! Looks like ESET definitely found a couple of things. Should I delete them from quarantine, or leave them as is? If delete... will deleting OpenCandy mess with programs like Daemon Tools which use it?

*************************************************************************************************
TDSSKiller Log:

10:42:10.0980 7244 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
10:42:12.0992 7244 ============================================================
10:42:12.0992 7244 Current date / time: 2012/09/16 10:42:12.0992
10:42:12.0992 7244 SystemInfo:
10:42:12.0992 7244
10:42:12.0992 7244 OS Version: 6.1.7601 ServicePack: 1.0
10:42:12.0992 7244 Product type: Workstation
10:42:12.0992 7244 ComputerName: STARGAZER2
10:42:12.0992 7244 UserName: Erin
10:42:12.0992 7244 Windows directory: C:\Windows
10:42:12.0992 7244 System windows directory: C:\Windows
10:42:12.0992 7244 Running under WOW64
10:42:12.0992 7244 Processor architecture: Intel x64
10:42:12.0992 7244 Number of processors: 4
10:42:12.0992 7244 Page size: 0x1000
10:42:12.0992 7244 Boot type: Normal boot
10:42:12.0992 7244 ============================================================
10:42:13.0663 7244 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:42:13.0679 7244 ============================================================
10:42:13.0679 7244 \Device\Harddisk0\DR0:
10:42:13.0679 7244 MBR partitions:
10:42:13.0679 7244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
10:42:13.0679 7244 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x48AF80EB
10:42:13.0679 7244 ============================================================
10:42:13.0710 7244 C: <-> \Device\Harddisk0\DR0\Partition2
10:42:13.0710 7244 ============================================================
10:42:13.0710 7244 Initialize success
10:42:13.0710 7244 ============================================================
10:42:28.0655 9940 ============================================================
10:42:28.0655 9940 Scan started
10:42:28.0655 9940 Mode: Manual; TDLFS;
10:42:28.0655 9940 ============================================================
10:42:28.0842 9940 ================ Scan system memory ========================
10:42:28.0842 9940 System memory - ok
10:42:28.0842 9940 ================ Scan services =============================
10:42:28.0936 9940 0226571347661713mcinstcleanup - ok
10:42:29.0029 9940 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:42:29.0092 9940 1394ohci - ok
10:42:29.0123 9940 [ 7A505465BBB1EB8B5AD4D76E8749383B ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys
10:42:29.0170 9940 Acceler - ok
10:42:29.0216 9940 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:42:29.0263 9940 ACPI - ok
10:42:29.0279 9940 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:42:29.0326 9940 AcpiPmi - ok
10:42:29.0419 9940 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:42:29.0497 9940 AdobeARMservice - ok
10:42:29.0606 9940 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:42:29.0684 9940 AdobeFlashPlayerUpdateSvc - ok
10:42:29.0731 9940 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:42:29.0747 9940 adp94xx - ok
10:42:29.0778 9940 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:42:29.0794 9940 adpahci - ok
10:42:29.0809 9940 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:42:29.0809 9940 adpu320 - ok
10:42:29.0840 9940 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:42:29.0840 9940 AeLookupSvc - ok
10:42:29.0903 9940 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
10:42:29.0981 9940 AERTFilters - ok
10:42:30.0028 9940 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:42:30.0043 9940 AFD - ok
10:42:30.0059 9940 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:42:30.0074 9940 agp440 - ok
10:42:30.0090 9940 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:42:30.0090 9940 ALG - ok
10:42:30.0137 9940 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:42:30.0137 9940 aliide - ok
10:42:30.0152 9940 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:42:30.0152 9940 amdide - ok
10:42:30.0199 9940 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:42:30.0199 9940 AmdK8 - ok
10:42:30.0215 9940 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:42:30.0215 9940 AmdPPM - ok
10:42:30.0246 9940 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:42:30.0308 9940 amdsata - ok
10:42:30.0324 9940 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:42:30.0324 9940 amdsbs - ok
10:42:30.0340 9940 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:42:30.0386 9940 amdxata - ok
10:42:30.0433 9940 [ 2C4A05FCEF72EF614DCD11D0872498C9 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
10:42:30.0496 9940 AnyDVD - ok
10:42:30.0542 9940 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:42:30.0605 9940 AppID - ok
10:42:30.0620 9940 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:42:30.0620 9940 AppIDSvc - ok
10:42:30.0667 9940 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:42:30.0667 9940 Appinfo - ok
10:42:30.0714 9940 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:42:30.0714 9940 arc - ok
10:42:30.0730 9940 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:42:30.0730 9940 arcsas - ok
10:42:30.0761 9940 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:42:30.0761 9940 AsyncMac - ok
10:42:30.0808 9940 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:42:30.0808 9940 atapi - ok
10:42:30.0854 9940 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:42:30.0901 9940 AudioEndpointBuilder - ok
10:42:30.0901 9940 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:42:30.0932 9940 AudioSrv - ok
10:42:30.0995 9940 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:42:30.0995 9940 AxInstSV - ok
10:42:31.0026 9940 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:42:31.0042 9940 b06bdrv - ok
10:42:31.0088 9940 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:42:31.0088 9940 b57nd60a - ok
10:42:31.0135 9940 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:42:31.0135 9940 BDESVC - ok
10:42:31.0151 9940 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:42:31.0151 9940 Beep - ok
10:42:31.0213 9940 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:42:31.0229 9940 BFE - ok
10:42:31.0244 9940 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
10:42:31.0291 9940 BITS - ok
10:42:31.0322 9940 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:42:31.0338 9940 blbdrive - ok
10:42:31.0354 9940 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:42:31.0432 9940 bowser - ok
10:42:31.0463 9940 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:42:31.0478 9940 BrFiltLo - ok
10:42:31.0478 9940 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:42:31.0494 9940 BrFiltUp - ok
10:42:31.0541 9940 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:42:31.0588 9940 Browser - ok
10:42:31.0603 9940 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:42:31.0619 9940 Brserid - ok
10:42:31.0634 9940 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:42:31.0634 9940 BrSerWdm - ok
10:42:31.0650 9940 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:42:31.0650 9940 BrUsbMdm - ok
10:42:31.0666 9940 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:42:31.0666 9940 BrUsbSer - ok
10:42:31.0681 9940 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:42:31.0681 9940 BTHMODEM - ok
10:42:31.0712 9940 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:42:31.0728 9940 bthserv - ok
10:42:31.0744 9940 catchme - ok
10:42:31.0775 9940 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:42:31.0775 9940 cdfs - ok
10:42:31.0822 9940 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:42:31.0884 9940 cdrom - ok
10:42:31.0915 9940 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:42:31.0915 9940 CertPropSvc - ok
10:42:31.0962 9940 [ 274CE03459896006F7A5069266E0469E ] cfwids C:\Windows\system32\drivers\cfwids.sys
10:42:32.0040 9940 cfwids - ok
10:42:32.0056 9940 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:42:32.0071 9940 circlass - ok
10:42:32.0087 9940 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:42:32.0102 9940 CLFS - ok
10:42:32.0180 9940 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:42:32.0180 9940 clr_optimization_v2.0.50727_32 - ok
10:42:32.0212 9940 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:42:32.0227 9940 clr_optimization_v2.0.50727_64 - ok
10:42:32.0290 9940 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:42:32.0383 9940 clr_optimization_v4.0.30319_32 - ok
10:42:32.0414 9940 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:42:32.0414 9940 clr_optimization_v4.0.30319_64 - ok
10:42:32.0446 9940 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:42:32.0446 9940 CmBatt - ok
10:42:32.0461 9940 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:42:32.0477 9940 cmdide - ok
10:42:32.0508 9940 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:42:32.0555 9940 CNG - ok
10:42:32.0586 9940 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:42:32.0586 9940 Compbatt - ok
10:42:32.0602 9940 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:42:32.0664 9940 CompositeBus - ok
10:42:32.0680 9940 COMSysApp - ok
10:42:32.0711 9940 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:42:32.0711 9940 crcdisk - ok
10:42:32.0758 9940 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:42:32.0773 9940 CryptSvc - ok
10:42:32.0804 9940 [ FBE228ABEAB2BE13B9C3A3A112D4D8DC ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
10:42:32.0851 9940 CtClsFlt - ok
10:42:32.0945 9940 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:42:32.0960 9940 cvhsvc - ok
10:42:33.0007 9940 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:42:33.0007 9940 DcomLaunch - ok
10:42:33.0054 9940 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:42:33.0054 9940 defragsvc - ok
10:42:33.0085 9940 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:42:33.0085 9940 DfsC - ok
10:42:33.0116 9940 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:42:33.0132 9940 Dhcp - ok
10:42:33.0148 9940 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:42:33.0148 9940 discache - ok
10:42:33.0179 9940 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:42:33.0179 9940 Disk - ok
10:42:33.0210 9940 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:42:33.0257 9940 Dnscache - ok
10:42:33.0288 9940 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:42:33.0319 9940 dot3svc - ok
10:42:33.0366 9940 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
10:42:33.0382 9940 Dot4 - ok
10:42:33.0413 9940 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:42:33.0460 9940 Dot4Print - ok
10:42:33.0475 9940 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
10:42:33.0475 9940 dot4usb - ok
10:42:33.0491 9940 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:42:33.0491 9940 DPS - ok
10:42:33.0522 9940 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:42:33.0538 9940 drmkaud - ok
10:42:33.0569 9940 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:42:33.0631 9940 dtsoftbus01 - ok
10:42:33.0662 9940 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:42:33.0725 9940 DXGKrnl - ok
10:42:33.0756 9940 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:42:33.0756 9940 EapHost - ok
10:42:33.0850 9940 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:42:33.0896 9940 ebdrv - ok
10:42:33.0928 9940 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:42:33.0928 9940 EFS - ok
10:42:33.0990 9940 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:42:34.0052 9940 ehRecvr - ok
10:42:34.0084 9940 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:42:34.0084 9940 ehSched - ok
10:42:34.0146 9940 [ 8D18A680BDAB2ACA00506FE6F8AEF81A ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys
10:42:34.0208 9940 ElbyCDFL - ok
10:42:34.0224 9940 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
10:42:34.0271 9940 ElbyCDIO - ok
10:42:34.0302 9940 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:42:34.0318 9940 elxstor - ok
10:42:34.0333 9940 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:42:34.0349 9940 ErrDev - ok
10:42:34.0380 9940 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:42:34.0396 9940 EventSystem - ok
10:42:34.0458 9940 [ B56D9602DB5FE1C116B1CA5EFD8E2E50 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:42:34.0536 9940 EvtEng - ok
10:42:34.0552 9940 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:42:34.0552 9940 exfat - ok
10:42:34.0567 9940 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:42:34.0567 9940 fastfat - ok
10:42:34.0614 9940 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:42:34.0661 9940 Fax - ok
10:42:34.0692 9940 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:42:34.0692 9940 fdc - ok
10:42:34.0739 9940 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:42:34.0739 9940 fdPHost - ok
10:42:34.0754 9940 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:42:34.0754 9940 FDResPub - ok
10:42:34.0770 9940 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:42:34.0770 9940 FileInfo - ok
10:42:34.0786 9940 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:42:34.0786 9940 Filetrace - ok
10:42:34.0786 9940 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:42:34.0801 9940 flpydisk - ok
10:42:34.0832 9940 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:42:34.0832 9940 FltMgr - ok
10:42:34.0879 9940 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:42:34.0895 9940 FontCache - ok
10:42:34.0957 9940 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:42:35.0020 9940 FontCache3.0.0.0 - ok
10:42:35.0035 9940 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:42:35.0051 9940 FsDepends - ok
10:42:35.0082 9940 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:42:35.0144 9940 Fs_Rec - ok
10:42:35.0176 9940 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:42:35.0176 9940 fvevol - ok
10:42:35.0207 9940 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:42:35.0207 9940 gagp30kx - ok
10:42:35.0269 9940 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:42:35.0285 9940 gpsvc - ok
10:42:35.0316 9940 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
10:42:35.0378 9940 hamachi - ok
10:42:35.0410 9940 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:42:35.0410 9940 hcw85cir - ok
10:42:35.0441 9940 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:42:35.0519 9940 HDAudBus - ok
10:42:35.0550 9940 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:42:35.0581 9940 HECIx64 - ok
10:42:35.0581 9940 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:42:35.0581 9940 HidBatt - ok
10:42:35.0597 9940 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:42:35.0597 9940 HidBth - ok
10:42:35.0612 9940 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:42:35.0628 9940 HidIr - ok
10:42:35.0659 9940 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
10:42:35.0659 9940 hidserv - ok
10:42:35.0690 9940 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:42:35.0753 9940 HidUsb - ok
10:42:35.0800 9940 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:42:35.0800 9940 hkmsvc - ok
10:42:35.0831 9940 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:42:35.0831 9940 HomeGroupListener - ok
10:42:35.0846 9940 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:42:35.0909 9940 HomeGroupProvider - ok
10:42:36.0034 9940 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:42:36.0034 9940 hpqcxs08 - ok
10:42:36.0049 9940 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:42:36.0096 9940 hpqddsvc - ok
10:42:36.0143 9940 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:42:36.0190 9940 HpSAMD - ok
10:42:36.0221 9940 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:42:36.0314 9940 HTTP - ok
10:42:36.0346 9940 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:42:36.0346 9940 hwpolicy - ok
10:42:36.0361 9940 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:42:36.0377 9940 i8042prt - ok
10:42:36.0424 9940 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:42:36.0424 9940 iaStor - ok
10:42:36.0470 9940 IAStorDataMgrSvc - ok
10:42:36.0502 9940 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:42:36.0564 9940 iaStorV - ok
10:42:36.0611 9940 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:42:36.0673 9940 idsvc - ok
10:42:36.0892 9940 [ 1BE8D9CA4F2363B8E8015621878E0043 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:42:37.0079 9940 igfx - ok
10:42:37.0126 9940 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:42:37.0141 9940 iirsp - ok
10:42:37.0172 9940 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:42:37.0188 9940 IKEEXT - ok
10:42:37.0219 9940 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
10:42:37.0282 9940 Impcd - ok
10:42:37.0375 9940 [ F61D360072B67F5667765A2534B672D6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:42:37.0438 9940 IntcAzAudAddService - ok
10:42:37.0453 9940 [ 03C74719D48056A1078F3A51CEB76BAA ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:42:37.0516 9940 IntcDAud - ok
10:42:37.0531 9940 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:42:37.0547 9940 intelide - ok
10:42:37.0578 9940 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:42:37.0594 9940 intelppm - ok
10:42:37.0625 9940 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:42:37.0640 9940 IPBusEnum - ok
10:42:37.0656 9940 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:42:37.0718 9940 IpFilterDriver - ok
10:42:37.0734 9940 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:42:37.0734 9940 iphlpsvc - ok
10:42:37.0765 9940 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:42:37.0812 9940 IPMIDRV - ok
10:42:37.0828 9940 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:42:37.0828 9940 IPNAT - ok
10:42:37.0874 9940 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:42:37.0874 9940 IRENUM - ok
10:42:37.0890 9940 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:42:37.0906 9940 isapnp - ok
10:42:37.0937 9940 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:42:37.0999 9940 iScsiPrt - ok
10:42:38.0046 9940 [ 43F319DE026E04B9CF9219A14BF24FE8 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
10:42:38.0108 9940 JMCR - ok
10:42:38.0140 9940 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
10:42:38.0140 9940 kbdclass - ok
10:42:38.0155 9940 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:42:38.0202 9940 kbdhid - ok
10:42:38.0218 9940 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:42:38.0218 9940 KeyIso - ok
10:42:38.0249 9940 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:42:38.0296 9940 KSecDD - ok
10:42:38.0311 9940 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:42:38.0342 9940 KSecPkg - ok
10:42:38.0374 9940 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:42:38.0374 9940 ksthunk - ok
10:42:38.0405 9940 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:42:38.0420 9940 KtmRm - ok
10:42:38.0452 9940 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
10:42:38.0467 9940 LanmanServer - ok
10:42:38.0483 9940 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:42:38.0498 9940 LanmanWorkstation - ok
10:42:38.0545 9940 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:42:38.0545 9940 lltdio - ok
10:42:38.0592 9940 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:42:38.0608 9940 lltdsvc - ok
10:42:38.0623 9940 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:42:38.0639 9940 lmhosts - ok
10:42:38.0686 9940 [ 23D990150D56B670A62B21B9ABDD45EE ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:42:38.0779 9940 LMS - ok
10:42:38.0826 9940 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:42:38.0826 9940 LSI_FC - ok
10:42:38.0857 9940 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:42:38.0857 9940 LSI_SAS - ok
10:42:38.0873 9940 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:42:38.0873 9940 LSI_SAS2 - ok
10:42:38.0904 9940 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:42:38.0920 9940 LSI_SCSI - ok
10:42:38.0935 9940 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:42:38.0935 9940 luafv - ok
10:42:39.0029 9940 [ ACB01BF1A905356AB7F978C7FE852209 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:42:39.0029 9940 McAfee SiteAdvisor Service - ok
10:42:39.0107 9940 [ B6BD99C3E23507A732C474CAA620C0D7 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
10:42:39.0185 9940 McAWFwk - ok
10:42:39.0200 9940 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:42:39.0200 9940 McMPFSvc - ok
10:42:39.0200 9940 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:42:39.0200 9940 mcmscsvc - ok
10:42:39.0216 9940 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:42:39.0216 9940 McNaiAnn - ok
10:42:39.0232 9940 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:42:39.0232 9940 McNASvc - ok
10:42:39.0278 9940 [ 44D0DA102FA7A1BE22FD7499E80DCF9B ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
10:42:39.0278 9940 McODS - ok
10:42:39.0310 9940 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:42:39.0310 9940 McOobeSv - ok
10:42:39.0310 9940 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:42:39.0325 9940 McProxy - ok
10:42:39.0372 9940 [ E998E3B12101288D716558466CBF6AE1 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
10:42:39.0372 9940 McShield - ok
10:42:39.0403 9940 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:42:39.0450 9940 Mcx2Svc - ok
10:42:39.0481 9940 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:42:39.0481 9940 megasas - ok
10:42:39.0497 9940 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:42:39.0512 9940 MegaSR - ok
10:42:39.0559 9940 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
10:42:39.0559 9940 mfeapfk - ok
10:42:39.0590 9940 [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
10:42:39.0637 9940 mfeavfk - ok
10:42:39.0668 9940 mfeavfk01 - ok
10:42:39.0684 9940 [ B26782C3D6045B4464017D7926877560 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
10:42:39.0731 9940 mfefire - ok
10:42:39.0778 9940 [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
10:42:39.0840 9940 mfefirek - ok
10:42:39.0887 9940 [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
10:42:39.0949 9940 mfehidk - ok
10:42:39.0965 9940 [ A8129CFB919347F8533C934B365E9202 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
10:42:39.0996 9940 mfenlfk - ok
10:42:40.0012 9940 [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
10:42:40.0012 9940 mferkdet - ok
10:42:40.0043 9940 [ 723A5EB6CEF7F408C3D0F15A82A6BFF8 ] mfevtp C:\Windows\system32\mfevtps.exe
10:42:40.0105 9940 mfevtp - ok
10:42:40.0121 9940 [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
10:42:40.0168 9940 mfewfpk - ok
10:42:40.0199 9940 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:42:40.0199 9940 MMCSS - ok
10:42:40.0230 9940 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:42:40.0230 9940 Modem - ok
10:42:40.0246 9940 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:42:40.0261 9940 monitor - ok
10:42:40.0277 9940 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:42:40.0292 9940 mouclass - ok
10:42:40.0324 9940 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:42:40.0324 9940 mouhid - ok
10:42:40.0355 9940 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:42:40.0417 9940 mountmgr - ok
10:42:40.0495 9940 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:42:40.0558 9940 MozillaMaintenance - ok
10:42:40.0589 9940 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:42:40.0636 9940 mpio - ok
10:42:40.0667 9940 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:42:40.0667 9940 mpsdrv - ok
10:42:40.0714 9940 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:42:40.0776 9940 MpsSvc - ok
10:42:40.0792 9940 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:42:40.0838 9940 MRxDAV - ok
10:42:40.0854 9940 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:42:40.0901 9940 mrxsmb - ok
10:42:40.0916 9940 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:42:40.0916 9940 mrxsmb10 - ok
10:42:40.0932 9940 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:42:40.0979 9940 mrxsmb20 - ok
10:42:40.0994 9940 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:42:41.0057 9940 msahci - ok
10:42:41.0072 9940 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:42:41.0135 9940 msdsm - ok
10:42:41.0150 9940 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:42:41.0166 9940 MSDTC - ok
10:42:41.0197 9940 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:42:41.0197 9940 Msfs - ok
10:42:41.0228 9940 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:42:41.0228 9940 mshidkmdf - ok
10:42:41.0260 9940 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:42:41.0260 9940 msisadrv - ok
10:42:41.0291 9940 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:42:41.0306 9940 MSiSCSI - ok
10:42:41.0306 9940 msiserver - ok
10:42:41.0322 9940 [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:42:41.0338 9940 MSK80Service - ok
10:42:41.0353 9940 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:42:41.0369 9940 MSKSSRV - ok
10:42:41.0384 9940 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:42:41.0384 9940 MSPCLOCK - ok
10:42:41.0400 9940 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:42:41.0400 9940 MSPQM - ok
10:42:41.0431 9940 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:42:41.0431 9940 MsRPC - ok
10:42:41.0462 9940 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:42:41.0478 9940 mssmbios - ok
10:42:41.0494 9940 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:42:41.0494 9940 MSTEE - ok
10:42:41.0494 9940 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:42:41.0509 9940 MTConfig - ok
10:42:41.0525 9940 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:42:41.0525 9940 Mup - ok
10:42:41.0572 9940 [ A9BC2302FBDF52C8AF4E2FC966288D21 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:42:41.0634 9940 MyWiFiDHCPDNS - ok
10:42:41.0650 9940 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:42:41.0665 9940 napagent - ok
10:42:41.0696 9940 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:42:41.0712 9940 NativeWifiP - ok
10:42:41.0759 9940 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
10:42:41.0774 9940 NDIS - ok
10:42:41.0790 9940 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:42:41.0790 9940 NdisCap - ok
10:42:41.0821 9940 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:42:41.0837 9940 NdisTapi - ok
10:42:41.0852 9940 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:42:41.0915 9940 Ndisuio - ok
10:42:41.0946 9940 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:42:42.0008 9940 NdisWan - ok
10:42:42.0024 9940 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:42:42.0055 9940 NDProxy - ok
10:42:42.0118 9940 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:42:42.0149 9940 Net Driver HPZ12 - ok
10:42:42.0196 9940 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:42:42.0196 9940 NetBIOS - ok
10:42:42.0227 9940 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:42:42.0227 9940 NetBT - ok
10:42:42.0242 9940 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:42:42.0242 9940 Netlogon - ok
10:42:42.0274 9940 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:42:42.0289 9940 Netman - ok
10:42:42.0305 9940 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:42:42.0320 9940 netprofm - ok
10:42:42.0336 9940 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:42:42.0352 9940 NetTcpPortSharing - ok
10:42:42.0508 9940 [ 18555F48844C2861D9DCE8F2B7223AE5 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
10:42:42.0632 9940 NETw5s64 - ok
10:42:42.0679 9940 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:42:42.0679 9940 nfrd960 - ok
10:42:42.0726 9940 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:42:42.0726 9940 NlaSvc - ok
10:42:42.0866 9940 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
10:42:42.0929 9940 NOBU - ok
10:42:42.0944 9940 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:42:42.0944 9940 Npfs - ok
10:42:42.0976 9940 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:42:42.0976 9940 nsi - ok
10:42:42.0991 9940 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:42:42.0991 9940 nsiproxy - ok
10:42:43.0054 9940 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:42:43.0116 9940 Ntfs - ok
10:42:43.0132 9940 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:42:43.0132 9940 Null - ok
10:42:43.0163 9940 [ 285ACEC1B13A15BA520AAE06BACB9CFF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
10:42:43.0241 9940 nusb3hub - ok
10:42:43.0256 9940 [ F6D625FF7B56BB6EA063F0D3A5BBC996 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:42:43.0303 9940 nusb3xhc - ok
10:42:43.0506 9940 [ 536D174CB5CD021906E6035F40993493 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:42:43.0756 9940 nvlddmkm - ok
10:42:43.0771 9940 [ 1CA55B50DBF7559ECC4F0F036EDC29EC ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
10:42:43.0818 9940 nvpciflt - ok
10:42:43.0849 9940 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:42:43.0912 9940 nvraid - ok
10:42:43.0927 9940 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:42:43.0974 9940 nvstor - ok
10:42:44.0021 9940 [ 2C800281A92D5AB221B54DF2D8B1A27D ] nvsvc C:\Windows\system32\nvvsvc.exe
10:42:44.0083 9940 nvsvc - ok
10:42:44.0161 9940 [ 938CAF13EA28D7CF4A30826274944B23 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:42:44.0208 9940 nvUpdatusService - ok
10:42:44.0239 9940 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:42:44.0255 9940 nv_agp - ok
10:42:44.0270 9940 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:42:44.0270 9940 ohci1394 - ok
10:42:44.0317 9940 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:42:44.0317 9940 ose - ok
10:42:44.0442 9940 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:42:44.0489 9940 osppsvc - ok
10:42:44.0520 9940 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:42:44.0520 9940 p2pimsvc - ok
10:42:44.0551 9940 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:42:44.0567 9940 p2psvc - ok
10:42:44.0598 9940 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:42:44.0614 9940 Parport - ok
10:42:44.0660 9940 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:42:44.0660 9940 partmgr - ok
10:42:44.0676 9940 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:42:44.0692 9940 PcaSvc - ok
10:42:44.0707 9940 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:42:44.0723 9940 pci - ok
10:42:44.0738 9940 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:42:44.0754 9940 pciide - ok
10:42:44.0770 9940 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:42:44.0785 9940 pcmcia - ok
10:42:44.0801 9940 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:42:44.0816 9940 pcw - ok
10:42:44.0848 9940 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:42:44.0863 9940 PEAUTH - ok
10:42:44.0941 9940 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:42:44.0941 9940 PerfHost - ok
10:42:45.0004 9940 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:42:45.0019 9940 pla - ok
10:42:45.0050 9940 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:42:45.0050 9940 PlugPlay - ok
10:42:45.0097 9940 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:42:45.0144 9940 Pml Driver HPZ12 - ok
10:42:45.0175 9940 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:42:45.0175 9940 PNRPAutoReg - ok
10:42:45.0191 9940 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:42:45.0191 9940 PNRPsvc - ok
10:42:45.0222 9940 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:42:45.0253 9940 PolicyAgent - ok
10:42:45.0253 9940 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:42:45.0269 9940 Power - ok
10:42:45.0300 9940 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:42:45.0300 9940 PptpMiniport - ok
10:42:45.0331 9940 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:42:45.0331 9940 Processor - ok
10:42:45.0394 9940 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:42:45.0440 9940 ProfSvc - ok
10:42:45.0456 9940 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:42:45.0456 9940 ProtectedStorage - ok
10:42:45.0487 9940 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:42:45.0565 9940 Psched - ok
10:42:45.0612 9940 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
10:42:45.0674 9940 PSI - ok
10:42:45.0690 9940 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
10:42:45.0721 9940 PxHlpa64 - ok
10:42:45.0752 9940 [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys
10:42:45.0815 9940 qicflt - ok
10:42:45.0846 9940 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:42:45.0893 9940 ql2300 - ok
10:42:45.0908 9940 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:42:45.0924 9940 ql40xx - ok
10:42:45.0955 9940 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:42:45.0955 9940 QWAVE - ok
10:42:45.0971 9940 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:42:45.0971 9940 QWAVEdrv - ok
10:42:45.0986 9940 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:42:46.0002 9940 RasAcd - ok
10:42:46.0033 9940 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:42:46.0033 9940 RasAgileVpn - ok
10:42:46.0049 9940 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:42:46.0049 9940 RasAuto - ok
10:42:46.0080 9940 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:42:46.0080 9940 Rasl2tp - ok
10:42:46.0111 9940 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:42:46.0158 9940 RasMan - ok
10:42:46.0174 9940 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:42:46.0174 9940 RasPppoe - ok
10:42:46.0205 9940 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:42:46.0205 9940 RasSstp - ok
10:42:46.0220 9940 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:42:46.0283 9940 rdbss - ok
10:42:46.0298 9940 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:42:46.0314 9940 rdpbus - ok
10:42:46.0330 9940 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:42:46.0330 9940 RDPCDD - ok
10:42:46.0361 9940 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:42:46.0361 9940 RDPENCDD - ok
10:42:46.0376 9940 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:42:46.0376 9940 RDPREFMP - ok
10:42:46.0423 9940 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:42:46.0454 9940 RDPWD - ok
10:42:46.0501 9940 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:42:46.0548 9940 rdyboost - ok
10:42:46.0610 9940 [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:42:46.0673 9940 RegSrvc - ok
10:42:46.0688 9940 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:42:46.0688 9940 RemoteAccess - ok
10:42:46.0735 9940 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:42:46.0735 9940 RemoteRegistry - ok
10:42:46.0829 9940 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
10:42:46.0907 9940 RoxMediaDB12OEM - ok
10:42:46.0938 9940 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
10:42:47.0000 9940 RoxWatch12 - ok
10:42:47.0032 9940 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:42:47.0032 9940 RpcEptMapper - ok
10:42:47.0047 9940 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:42:47.0047 9940 RpcLocator - ok
10:42:47.0094 9940 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:42:47.0094 9940 RpcSs - ok
10:42:47.0141 9940 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:42:47.0141 9940 rspndr - ok
10:42:47.0188 9940 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:42:47.0250 9940 RTL8167 - ok
10:42:47.0266 9940 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:42:47.0266 9940 SamSs - ok
10:42:47.0297 9940 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:42:47.0344 9940 sbp2port - ok
10:42:47.0390 9940 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:42:47.0390 9940 SCardSvr - ok
10:42:47.0422 9940 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:42:47.0422 9940 scfilter - ok
10:42:47.0453 9940 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:42:47.0484 9940 Schedule - ok
10:42:47.0500 9940 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:42:47.0500 9940 SCPolicySvc - ok
10:42:47.0546 9940 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
10:42:47.0624 9940 sdbus - ok
10:42:47.0656 9940 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:42:47.0671 9940 SDRSVC - ok
10:42:47.0687 9940 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:42:47.0702 9940 secdrv - ok
10:42:47.0718 9940 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:42:47.0734 9940 seclogon - ok
10:42:47.0796 9940 [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
10:42:47.0874 9940 Secunia PSI Agent - ok
10:42:47.0890 9940 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
10:42:47.0890 9940 SENS - ok
10:42:47.0921 9940 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:42:47.0921 9940 SensrSvc - ok
10:42:47.0952 9940 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:42:47.0952 9940 Serenum - ok
10:42:47.0983 9940 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:42:47.0983 9940 Serial - ok
10:42:48.0014 9940 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:42:48.0030 9940 sermouse - ok
10:42:48.0061 9940 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:42:48.0092 9940 SessionEnv - ok
10:42:48.0124 9940 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:42:48.0124 9940 sffdisk - ok
10:42:48.0139 9940 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:42:48.0155 9940 sffp_mmc - ok
10:42:48.0155 9940 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:42:48.0202 9940 sffp_sd - ok
10:42:48.0202 9940 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:42:48.0202 9940 sfloppy - ok
10:42:48.0248 9940 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
10:42:48.0311 9940 Sftfs - ok
10:42:48.0373 9940 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:42:48.0451 9940 sftlist - ok
10:42:48.0451 9940 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:42:48.0498 9940 Sftplay - ok
10:42:48.0529 9940 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:42:48.0576 9940 Sftredir - ok
10:42:48.0701 9940 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
10:42:48.0810 9940 SftService - ok
10:42:48.0810 9940 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
10:42:48.0841 9940 Sftvol - ok
10:42:48.0857 9940 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:42:48.0904 9940 sftvsa - ok
10:42:48.0935 9940 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:42:48.0935 9940 SharedAccess - ok
10:42:48.0966 9940 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:42:48.0966 9940 ShellHWDetection - ok
10:42:49.0013 9940 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:42:49.0028 9940 SiSRaid2 - ok
10:42:49.0028 9940 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:42:49.0044 9940 SiSRaid4 - ok
10:42:49.0091 9940 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:42:53.0490 9940 SkypeUpdate - ok
10:42:53.0552 9940 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:42:53.0568 9940 Smb - ok
10:42:53.0615 9940 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:42:53.0615 9940 SNMPTRAP - ok
10:42:53.0630 9940 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:42:53.0630 9940 spldr - ok
10:42:53.0677 9940 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:42:53.0740 9940 Spooler - ok
10:42:53.0818 9940 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:42:53.0864 9940 sppsvc - ok
10:42:53.0880 9940 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:42:53.0880 9940 sppuinotify - ok
10:42:53.0911 9940 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:42:53.0974 9940 srv - ok
10:42:53.0989 9940 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:42:54.0036 9940 srv2 - ok
10:42:54.0052 9940 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:42:54.0083 9940 srvnet - ok
10:42:54.0130 9940 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:42:54.0130 9940 SSDPSRV - ok
10:42:54.0145 9940 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:42:54.0145 9940 SstpSvc - ok
10:42:54.0176 9940 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
10:42:54.0223 9940 stdcfltn - ok
10:42:54.0270 9940 [ 66F60D8A26B665EC9D8D2F07ADDEF22D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:42:54.0348 9940 Stereo Service - ok
10:42:54.0379 9940 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:42:54.0395 9940 stexstor - ok
10:42:54.0426 9940 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:42:54.0442 9940 stisvc - ok
10:42:54.0488 9940 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
10:42:54.0551 9940 stllssvr - ok
10:42:54.0582 9940 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:42:54.0582 9940 swenum - ok
10:42:54.0613 9940 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:42:54.0629 9940 swprv - ok
10:42:54.0676 9940 [ 36F506C894E1EA59C65FAF6398BDF49A ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:42:54.0722 9940 SynTP - ok
10:42:54.0769 9940 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:42:54.0800 9940 SysMain - ok
10:42:54.0816 9940 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:42:54.0816 9940 TabletInputService - ok
10:42:54.0847 9940 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:42:54.0894 9940 TapiSrv - ok
10:42:54.0910 9940 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:42:54.0925 9940 TBS - ok
10:42:54.0988 9940 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:42:55.0019 9940 Tcpip - ok
10:42:55.0066 9940 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:42:55.0066 9940 TCPIP6 - ok
10:42:55.0097 9940 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:42:55.0128 9940 tcpipreg - ok
10:42:55.0159 9940 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:42:55.0159 9940 TDPIPE - ok
10:42:55.0190 9940 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:42:55.0190 9940 TDTCP - ok
10:42:55.0222 9940 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:42:55.0284 9940 tdx - ok
10:42:55.0315 9940 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:42:55.0346 9940 TermDD - ok
10:42:55.0362 9940 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:42:55.0378 9940 TermService - ok
10:42:55.0409 9940 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:42:55.0409 9940 Themes - ok
10:42:55.0424 9940 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:42:55.0440 9940 THREADORDER - ok
10:42:55.0456 9940 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:42:55.0456 9940 TrkWks - ok
10:42:55.0518 9940 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:42:55.0518 9940 TrustedInstaller - ok
10:42:55.0549 9940 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:42:55.0549 9940 tssecsrv - ok
10:42:55.0596 9940 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:42:55.0658 9940 TsUsbFlt - ok
10:42:55.0690 9940 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:42:55.0736 9940 tunnel - ok
10:42:55.0783 9940 [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
10:42:55.0830 9940 TurboB - ok
10:42:55.0877 9940 [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:42:55.0924 9940 TurboBoost - ok
10:42:55.0955 9940 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:42:55.0955 9940 uagp35 - ok
10:42:55.0986 9940 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:42:56.0048 9940 udfs - ok
10:42:56.0080 9940 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:42:56.0080 9940 UI0Detect - ok
10:42:56.0111 9940 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:42:56.0126 9940 uliagpkx - ok
10:42:56.0158 9940 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:42:56.0204 9940 umbus - ok
10:42:56.0220 9940 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:42:56.0220 9940 UmPass - ok
10:42:56.0360 9940 [ CBDEE152D73200EE49031A26310B9D3E ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:42:56.0470 9940 UNS - ok
10:42:56.0501 9940 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:42:56.0501 9940 upnphost - ok
10:42:56.0548 9940 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:42:56.0594 9940 usbccgp - ok
10:42:56.0626 9940 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:42:56.0626 9940 usbcir - ok
10:42:56.0657 9940 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:42:56.0704 9940 usbehci - ok
10:42:56.0735 9940 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:42:56.0766 9940 usbhub - ok
10:42:56.0782 9940 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:42:56.0828 9940 usbohci - ok
10:42:56.0860 9940 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:42:56.0860 9940 usbprint - ok
10:42:56.0891 9940 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:42:56.0891 9940 usbscan - ok
10:42:56.0922 9940 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:42:57.0000 9940 USBSTOR - ok
10:42:57.0016 9940 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:42:57.0047 9940 usbuhci - ok
10:42:57.0094 9940 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
10:42:57.0125 9940 usbvideo - ok
10:42:57.0156 9940 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:42:57.0156 9940 UxSms - ok
10:42:57.0172 9940 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:42:57.0172 9940 VaultSvc - ok
10:42:57.0203 9940 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:42:57.0203 9940 vdrvroot - ok
10:42:57.0234 9940 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:42:57.0250 9940 vds - ok
10:42:57.0281 9940 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:42:57.0281 9940 vga - ok
10:42:57.0296 9940 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:42:57.0312 9940 VgaSave - ok
10:42:57.0328 9940 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:42:57.0390 9940 vhdmp - ok
10:42:57.0421 9940 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:42:57.0437 9940 viaide - ok
10:42:57.0452 9940 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:42:57.0515 9940 volmgr - ok
10:42:57.0546 9940 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:42:57.0546 9940 volmgrx - ok
10:42:57.0593 9940 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:42:57.0593 9940 volsnap - ok
10:42:57.0624 9940 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:42:57.0624 9940 vsmraid - ok
10:42:57.0686 9940 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:42:57.0718 9940 VSS - ok
10:42:57.0733 9940 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:42:57.0733 9940 vwifibus - ok
10:42:57.0733 9940 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:42:57.0749 9940 vwififlt - ok
10:42:57.0780 9940 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:42:57.0780 9940 vwifimp - ok
10:42:57.0811 9940 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:42:57.0811 9940 W32Time - ok
10:42:57.0858 9940 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:42:57.0858 9940 WacomPen - ok
10:42:57.0905 9940 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:42:57.0967 9940 WANARP - ok
10:42:57.0967 9940 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:42:57.0967 9940 Wanarpv6 - ok
10:42:58.0030 9940 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:42:58.0092 9940 WatAdminSvc - ok
10:42:58.0154 9940 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:42:58.0170 9940 wbengine - ok
10:42:58.0201 9940 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:42:58.0201 9940 WbioSrvc - ok
10:42:58.0232 9940 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:42:58.0248 9940 wcncsvc - ok
10:42:58.0264 9940 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:42:58.0264 9940 WcsPlugInService - ok
10:42:58.0295 9940 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:42:58.0295 9940 Wd - ok
10:42:58.0326 9940 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:42:58.0342 9940 Wdf01000 - ok
10:42:58.0373 9940 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:42:58.0373 9940 WdiServiceHost - ok
10:42:58.0373 9940 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:42:58.0373 9940 WdiSystemHost - ok
10:42:58.0404 9940 [ FE31110E39A0B11ABAE1BA43A2DC94F9 ] wdkmd C:\Windows\system32\DRIVERS\WDKMD.sys
10:42:58.0435 9940 wdkmd - ok
10:42:58.0451 9940 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:42:58.0451 9940 WebClient - ok
10:42:58.0482 9940 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:42:58.0482 9940 Wecsvc - ok
10:42:58.0498 9940 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:42:58.0498 9940 wercplsupport - ok
10:42:58.0529 9940 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:42:58.0529 9940 WerSvc - ok
10:42:58.0560 9940 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:42:58.0560 9940 WfpLwf - ok
10:42:58.0607 9940 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
10:42:58.0654 9940 WimFltr - ok
10:42:58.0685 9940 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:42:58.0685 9940 WIMMount - ok
10:42:58.0716 9940 WinDefend - ok
10:42:58.0716 9940 WinHttpAutoProxySvc - ok
10:42:58.0778 9940 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:42:58.0794 9940 Winmgmt - ok
10:42:58.0856 9940 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:42:58.0888 9940 WinRM - ok
10:42:58.0934 9940 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:42:58.0950 9940 Wlansvc - ok
10:42:58.0997 9940 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:42:58.0997 9940 wlcrasvc - ok
10:42:59.0075 9940 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:42:59.0137 9940 wlidsvc - ok
10:42:59.0153 9940 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:42:59.0153 9940 WmiAcpi - ok
10:42:59.0184 9940 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:42:59.0200 9940 wmiApSrv - ok
10:42:59.0215 9940 WMPNetworkSvc - ok
10:42:59.0246 9940 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:42:59.0262 9940 WPCSvc - ok
10:42:59.0278 9940 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:42:59.0293 9940 WPDBusEnum - ok
10:42:59.0309 9940 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:42:59.0309 9940 ws2ifsl - ok
10:42:59.0324 9940 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
10:42:59.0340 9940 wscsvc - ok
10:42:59.0340 9940 WSearch - ok
10:42:59.0402 9940 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:42:59.0434 9940 wuauserv - ok
10:42:59.0465 9940 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:42:59.0496 9940 WudfPf - ok
10:42:59.0527 9940 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:42:59.0527 9940 WUDFRd - ok
10:42:59.0558 9940 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:42:59.0558 9940 wudfsvc - ok
10:42:59.0590 9940 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:42:59.0605 9940 WwanSvc - ok
10:42:59.0652 9940 ================ Scan global ===============================
10:42:59.0699 9940 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:42:59.0730 9940 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:42:59.0761 9940 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:42:59.0792 9940 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:42:59.0824 9940 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:42:59.0824 9940 [Global] - ok
10:42:59.0824 9940 ================ Scan MBR ==================================
10:42:59.0839 9940 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:43:00.0775 9940 \Device\Harddisk0\DR0 - ok
10:43:00.0775 9940 ================ Scan VBR ==================================
10:43:00.0806 9940 [ 52F15AA795808D160E064CBA8459E4FF ] \Device\Harddisk0\DR0\Partition1
10:43:00.0806 9940 \Device\Harddisk0\DR0\Partition1 - ok
10:43:00.0838 9940 [ 7B19001A423D94A51AE5C86811E49DF0 ] \Device\Harddisk0\DR0\Partition2
10:43:00.0838 9940 \Device\Harddisk0\DR0\Partition2 - ok
10:43:00.0838 9940 ============================================================
10:43:00.0838 9940 Scan finished
10:43:00.0838 9940 ============================================================
10:43:00.0853 3216 Detected object count: 0
10:43:00.0853 3216 Actual detected object count: 0
10:43:36.0312 9852 Deinitialize success

*************************************************************************************************
Avast log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-16 10:47:50
-----------------------------
10:47:50.387 OS Version: Windows x64 6.1.7601 Service Pack 1
10:47:50.387 Number of processors: 4 586 0x2505
10:47:50.388 ComputerName: STARGAZER2 UserName: Erin
10:47:51.716 Initialize success
10:51:07.159 AVAST engine defs: 12091400
10:52:18.136 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:52:18.138 Disk 0 Vendor: TOSHIBA_ MC00 Size: 610480MB BusType: 3
10:52:18.156 Disk 0 MBR read successfully
10:52:18.158 Disk 0 MBR scan
10:52:18.162 Disk 0 Windows 7 default MBR code
10:52:18.164 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
10:52:18.175 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
10:52:18.192 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595440 MB offset 30800325
10:52:18.230 Disk 0 scanning C:\Windows\system32\drivers
10:52:31.114 Service scanning
10:52:59.627 Modules scanning
10:52:59.641 Disk 0 trace - called modules:
10:52:59.680 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStor.sys hal.dll
10:52:59.685 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006b6e060]
10:52:59.694 3 CLASSPNP.SYS[fffff88001db943f] -> nt!IofCallDriver -> [0xfffffa80069d2af0]
10:52:59.702 5 stdcfltn.sys[fffff88001cfec52] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800681f050]
10:53:01.092 AVAST engine scan C:\Windows
10:53:08.559 AVAST engine scan C:\Windows\system32
10:56:54.477 AVAST engine scan C:\Windows\system32\drivers
10:57:11.577 AVAST engine scan C:\Users\Erin
10:58:29.155 Disk 0 MBR has been saved successfully to "C:\Users\Erin\Desktop\MBR.dat"
10:58:29.162 The log file has been saved successfully to "C:\Users\Erin\Desktop\aswMBR.txt"

*************************************************************************************************
ESET Results:

C:\Users\Erin\AppData\Local\Temp\DTLite4454-0315.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Erin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\5748f65e-49ac8d21 Java/TrojanDownloader.Agent.AG trojan deleted - quarantined
C:\Users\Erin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\79396eb2-7146445e Java/TrojanDownloader.Agent.AG trojan deleted - quarantined
C:\Users\Erin\AppData\Roaming\Mozilla\Firefox\Profiles\vgbfzkyh.default\extensions\avqatsfkdl@avqatsfkdl.org.xpi JS/Redirector.NBX trojan deleted - quarantined
To see a world in a grain of sand... -William Blake

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:59 AM

Posted 16 September 2012 - 02:19 PM

Thanks! Looks like ESET definitely found a couple of things. Should I delete them from quarantine, or leave them as is? If delete... will deleting OpenCandy mess with programs like Daemon Tools which use it?


Delete them from quarantine

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

post the generated log

#5 veritasargent

veritasargent
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Maine
  • Local time:04:59 AM

Posted 18 September 2012 - 05:15 AM

MBAM ran cleanly the first time, even after rebooting.


***********************************************************************************************
MiniToolbox Log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Erin (administrator) on 18-09-2012 at 05:49:31
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Hardware not present)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="ethernet_13" nexthop=5.0.0.1 publish=Yes
add route prefix=0.0.0.0/0 interface="Wireless Network Connection" nexthop=192.168.2.1 metric=1 publish=Yes
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.2.1 metric=1 publish=Yes
set interface interface="ethernet_13" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="Wireless Network Connection 2" address=192.168.16.2 mask=255.255.255.0
add address name="Wireless Network Connection" address=192.168.2.150 mask=255.255.255.0
add address name="Local Area Connection" address=192.168.2.151 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : stargazer2
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 8C-A9-82-48-AC-00
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a972:bc91:d979:b9c3%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.150(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 244099458
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-10-49-21-14-FE-B5-98-D2-8F
DNS Servers . . . . . . . . . . . : 192.168.2.1
209.18.47.61
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 14-FE-B5-98-D2-8F
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0C59E170-96AF-4FC5-B2CD-236C819D6A30}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2A3E9366-2E9E-4499-B73E-B3CEFF0365F6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:1007:3d06:bc02:efee(Preferred)
Link-local IPv6 Address . . . . . : fe80::1007:3d06:bc02:efee%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging google.com [74.125.228.36] with 32 bytes of data:
Reply from 74.125.228.36: bytes=32 time=287ms TTL=52
Reply from 74.125.228.36: bytes=32 time=37ms TTL=52

Ping statistics for 74.125.228.36:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 287ms, Average = 162ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=528ms TTL=49
Reply from 98.139.183.24: bytes=32 time=450ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 450ms, Maximum = 528ms, Average = 489ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...8c a9 82 48 ac 00 ......Intel® WiFi Link 1000 BGN
10...14 fe b5 98 d2 8f ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.150 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.150 281
192.168.2.150 255.255.255.255 On-link 192.168.2.150 281
192.168.2.255 255.255.255.255 On-link 192.168.2.150 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.150 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.150 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 5.0.0.1 Default
0.0.0.0 0.0.0.0 192.168.2.1 1
0.0.0.0 0.0.0.0 192.168.2.1 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:9d38:953c:1007:3d06:bc02:efee/128
On-link
12 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::1007:3d06:bc02:efee/128
On-link
12 281 fe80::a972:bc91:d979:b9c3/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/18/2012 05:45:36 AM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 77c

Start Time: 01cd9443d0da4ddb

Termination Time: 23

Application Path: C:\Windows\Explorer.EXE

Report Id: 924a459e-0175-11e2-ab13-14feb598d28f

Error: (09/18/2012 00:28:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/17/2012 07:11:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/17/2012 07:10:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/17/2012 07:10:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/17/2012 07:10:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/17/2012 07:08:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/17/2012 07:08:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 11:01:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2012 11:01:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/18/2012 05:44:18 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MINE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0C59E170-96AF-4FC5-B2CD-236C819D6A30}.
The master browser is stopping or an election is being forced.

Error: (09/18/2012 05:30:00 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MINE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0C59E170-96AF-4FC5-B2CD-236C819D6A30}.
The master browser is stopping or an election is being forced.

Error: (09/18/2012 05:18:02 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MINE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0C59E170-96AF-4FC5-B2CD-236C819D6A30}.
The master browser is stopping or an election is being forced.

Error: (09/18/2012 05:05:04 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MINE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0C59E170-96AF-4FC5-B2CD-236C819D6A30}.
The master browser is stopping or an election is being forced.

Error: (09/18/2012 04:51:55 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MINE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0C59E170-96AF-4FC5-B2CD-236C819D6A30}.
The master browser is stopping or an election is being forced.

Error: (09/18/2012 04:31:41 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MINE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0C59E170-96AF-4FC5-B2CD-236C819D6A30}.
The master browser is stopping or an election is being forced.

Error: (09/18/2012 04:19:39 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MINE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0C59E170-96AF-4FC5-B2CD-236C819D6A30}.
The master browser is stopping or an election is being forced.

Error: (09/18/2012 04:06:43 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MINE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0C59E170-96AF-4FC5-B2CD-236C819D6A30}.
The master browser is stopping or an election is being forced.

Error: (09/18/2012 03:54:43 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MINE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0C59E170-96AF-4FC5-B2CD-236C819D6A30}.
The master browser is stopping or an election is being forced.

Error: (09/18/2012 03:42:40 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MINE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0C59E170-96AF-4FC5-B2CD-236C819D6A30}.
The master browser is stopping or an election is being forced.


Microsoft Office Sessions:
=========================
Error: (09/18/2012 05:45:36 AM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.1756777c01cd9443d0da4ddb23C:\Windows\Explorer.EXE924a459e-0175-11e2-ab13-14feb598d28f

Error: (09/18/2012 00:28:45 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/17/2012 07:11:52 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/17/2012 07:10:18 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Erin\Desktop\esetsmartinstaller_enu.exe

Error: (09/17/2012 07:10:14 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Erin\Desktop\esetsmartinstaller_enu.exe

Error: (09/17/2012 07:10:14 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Erin\Desktop\esetsmartinstaller_enu.exe

Error: (09/17/2012 07:08:21 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Erin\Desktop\esetsmartinstaller_enu.exe

Error: (09/17/2012 07:08:21 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Erin\Desktop\esetsmartinstaller_enu.exe

Error: (09/16/2012 11:01:04 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Erin\Desktop\esetsmartinstaller_enu.exe

Error: (09/16/2012 11:01:01 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Erin\Desktop\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
AccelerometerP11 (Version: 2.00.11.15)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advanced Audio FX Engine (Version: 1.12.05)
AIM 7
AnyDVD (Version: 6.8.8.0)
BufferChm (Version: 130.0.331.000)
CloneCD
CloneDVD2 (Version: 2.9.3.0)
Consumer In-Home Service Agreement (Version: 2.0.0)
Copy (Version: 130.0.428.000)
Coupon Printer for Windows (Version: 5.0.0.1)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.4.0315)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.3.31.0)
Dell PhotoStage (Version: 1.5.0.19)
Dell Stage (Version: 1.4.173.0)
Dell Support Center (Version: 3.2.6032.55)
Dell VideoStage (Version: 1.1.0.1011)
Dell Webcam Central (Version: 2.00.35)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
Diablo II
Diablo III (Version: 1.0.3.10485)
DirectX 9 Runtime (Version: 1.00.0000)
DJ_AIO_03_F4200_Software_Min (Version: 130.0.365.000)
Download Updater (AOL LLC)
Dup Detector
ESET Online Scanner v3
F4200 (Version: 130.0.365.000)
Foxit Reader 5.0 (Version: 5.0.2.718)
GIMP 2.6.11 (Version: 2.6.11)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2189)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.02.1000)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
Intel® Wireless Display (Version: 1.2.20.0)
Internet Explorer (Version: 8)
IrfanView (remove only) (Version: 4.28)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
JMicron Flash Media Controller Driver (Version: 1.0.52.4)
Junk Mail filter update (Version: 15.4.3502.0922)
League of Legends (Version: 1.3)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 130.0.374.000)
McAfee SecurityCenter (Version: 11.0.678)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Neverwinter Nights 2 (Version: 1.00.0000)
NVIDIA Display Control Panel (Version: 6.14.12.5951)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.5951)
NVIDIA Updatus (Version: 1.0.3)
OpenOffice.org 3.4 (Version: 3.4.9590)
Origin (Version: 8.2.5.2532)
Paint.NET v3.5.10 (Version: 3.60.0)
Pando Media Booster (Version: 2.3.5.6)
Pharaoh
Photobook Designer (Version: Photobook Designer 2.5.8)
PhotoShowExpress (Version: 2.0.063)
picture-shark 1.0
Quickset64 (Version: 10.8.5)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6240)
Roll
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Scan (Version: 13.0.0.0)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
Shop for HP Supplies (Version: 13.0)
Skype Toolbars (Version: 5.3.7555)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Status (Version: 130.0.469.000)
Synaptics Pointing Device Driver (Version: 15.1.4.0)
The Sims™ 3 (Version: 1.36.45)
The Sims™ 3 Ambitions (Version: 4.7.4)
The Sims™ 3 Create a World Tool - Beta (Version: 1.11.12)
The Sims™ 3 Generations (Version: 8.0.152)
The Sims™ 3 Late Night (Version: 6.5.1)
The Sims™ 3 Pets (Version: 10.0.96)
The Sims™ 3 Town Life Stuff (Version: 9.0.73)
The Sims™ 3 World Adventures (Version: 2.0.86)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.2 (Version: 2.0.2)
WebReg (Version: 130.0.132.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
Zeus
Zoo Tycoon: Complete Collection

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 5876.3 MB
Available physical RAM: 3911.87 MB
Total Pagefile: 11750.79 MB
Available Pagefile: 9389.23 MB
Total Virtual: 4095.88 MB
Available Virtual: 3983.07 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:581.48 GB) (Free:345.53 GB) NTFS

========================= Users: ========================================

User accounts for \\STARGAZER2

Administrator Erin Guest
Thomas UpdatusUser


**** End of log ****
***********************************************************************************************
FSS Log:

Farbar Service Scanner Version: 06-08-2012
Ran by Erin (administrator) on 18-09-2012 at 05:59:53
Running from "C:\Users\Erin\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-09-16 15:15] - [2012-08-22 14:12] - 1913200 ____A (Microsoft Corporation) F782CAD3CEDBB3F9FFE3BF2775D92DDC

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
***********************************************************************************************
AdWareCleaner Log:

# AdwCleaner v2.002 - Logfile created 09/18/2012 at 06:07:00
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Erin - STARGAZER2
# Boot Mode : Normal
# Running from : C:\Users\Erin\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-21-2134511842-2440332449-2341785934-1000\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Erin\AppData\Roaming\Mozilla\Firefox\Profiles\vgbfzkyh.default\prefs.js

C:\Users\Erin\AppData\Roaming\Mozilla\Firefox\Profiles\vgbfzkyh.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3353 octets] - [18/09/2012 06:07:00]

########## EOF - C:\AdwCleaner[S1].txt - [3413 octets] ##########
To see a world in a grain of sand... -William Blake

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:59 AM

Posted 18 September 2012 - 07:38 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents heredownload

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

Do you still have redirects?

#7 veritasargent

veritasargent
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Maine
  • Local time:04:59 AM

Posted 10 October 2012 - 06:41 AM

rkill log:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/10/2012 07:37:10 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/10/2012 07:37:28 AM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)
***************************************************************************************************************8
autoruns:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DellStage" "Dell Stage" "" "c:\program files (x86)\dell stage\dell stage\stage_primary.exe"
+ "FreeFallProtection" "FF_Protection MFC Application" "" "c:\program files (x86)\stmicroelectronics\accelerometerp11\ff_protection.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelWireless" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "NVHotkey" "NVIDIA Hotkey Service, Version 259.51" "NVIDIA Corporation" "c:\windows\system32\nvhotkey.dll"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVBg" "HD Audio Background Process" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravbg64.exe"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rtkngui64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "CloneCDTray" "CloneCD Tray" "SlySoft, Inc." "c:\program files (x86)\slysoft\clonecd\clonecdtray.exe"
+ "Dell Webcam Central" "WebcamDell2.exe" "Creative Technology Ltd" "c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "hpqSRMon" "HpqSRmon" "Hewlett-Packard" "c:\program files (x86)\hp\digital imaging\bin\hpqsrmon.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "RoxWatchTray" "RoxMMTrayApp Module" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatchtray12oem.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ ""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"" "Update Client for Dell DataSafe Local Backup" "Dell" "c:\program files (x86)\dell datasafe local backup\components\dsupdate\dsupdate.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Secunia PSI Tray.lnk" "Secunia PSI Tray" "Secunia" "c:\program files (x86)\secunia\psi\psi_tray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "Paint.NET" "" "" "File not found: C:\Users\Erin\AppData\Local\PMB Files\Paint.NET\dgzgzku.dll"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "Roxio Burn" "TODO: <File description>" "TODO: <Company name>" "c:\program files\roxio\roxio burn\rb_contextmenu64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Roxio Burn" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\roxio\oem\roxio burn\rb_contextmenu.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "" "File not found: C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Apache Software Foundation" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: C:\Program Files\Java\jre6\bin\jp2ssv.dll"
+ "McAfee Phishing Filter" "" "" "File not found: c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120625152117.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "McAfee Phishing Filter" "" "" "c:\program files\mcafee\msk\mskapbho.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20120625152117.dll"
+ "Skype Browser Helper" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Skype Plug-In" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "0243681349388147mcinstcleanup" "" "" "File not found: C:\Windows\TEMP\024368~1.EXE -cleanup -nolog"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "" "File not found: C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McAWFwk" "McAfee Activation Service" "McAfee, Inc." "c:\program files\mcafee\msc\mcawfwk.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NOBU" "Dell DataSafe Online Service" "Dell, Inc." "c:\program files (x86)\dell\dell datasafe online\nobuagent.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "RoxMediaDB12OEM" "Roxio RoxMediaDB12OEM Service" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxmediadb12oem.exe"
+ "RoxWatch12" "RoxWatch12 Module" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatch12oem.exe"
+ "Secunia PSI Agent" "Performs routine software inspections of the system, the results of which can be seen in your Secunia PSI" "Secunia" "c:\program files (x86)\secunia\psi\psia.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks SAS" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "TurboBoost" "Turbo Boost Monitor Service" "Intel® Corporation" "c:\program files\intel\turboboost\turboboost.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Acceler" "Accelerometer Port I/O" "ST Microelectronics" "c:\windows\system32\drivers\accelern.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AnyDVD" "AnyDVD Filter Driver" "SlySoft, Inc." "c:\windows\system32\drivers\anydvd.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "ElbyCDFL" "ElbyCDIO Filter Driver" "SlySoft, Inc." "c:\windows\system32\drivers\elbycdfl.sys"
+ "ElbyCDIO" "ElbyCD Windows x64 I/O driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\elbycdio.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hamachi" "Hamachi Virtual Network Interface Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\hamachi.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "JMCR" "JMicron PCIe Flash Media Controller Driver" "JMicron Technology Corporation" "c:\windows\system32\drivers\jmcr.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "NETw5s64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5s64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 259.51 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvpciflt" "NVIDIA Windows Kernel Mode Driver, Version 259.51 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvpciflt.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PSI" "PSI mini-filter driver" "Secunia" "c:\windows\system32\drivers\psi_mf.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "qicflt" "Win7 QicFilterDriver-64Bits" "Quanta Computer" "c:\windows\system32\drivers\qicflt.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stdcfltn" "Disk Class Filter Driver for Accelerometer" "ST Microelectronics" "c:\windows\system32\drivers\stdcfltn.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TurboB" "Turbo Boost UI Monitor driver" "" "c:\windows\system32\drivers\turbob.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "wdkmd" "Intel Wireless Display Solution" "Intel Corporation" "c:\windows\system32\drivers\wdkmd.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative Correct TimeStamp Filter" "Creative Correct TimeStamp Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctfrfix.ax"
+ "Creative H264 No Quality Control Filter" "Creative No Quality Control Filter" "Creative Technology Ltd." "c:\program files (x86)\dell webcam\dell webcam central\cth264noqc.ax"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Half Size to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmwriter.ax"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MainConcept MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mcmpeg2mux.ax"
+ "MainConcept Network Renderer" "Network Renderer" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_net_renderer_ds.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mediaanalyser.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "QIC1802 Demux" "QIC1802 Demux" "Quanta Computer Inc." "c:\program files (x86)\dell webcam\dell webcam central\qicdemux.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO BDAV Smart Render 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters MPEG Transcoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio File Writer Wrapper" "Roxio File Writer Wrapper" "Sonic" "c:\program files (x86)\roxio\oem\videocore 12\roxfilewriterwrapper.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmasync.ax"
+ "Roxio Mp3 Encoder (SC)" "Roxio Audio Codec DLL" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsmp3encoder.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mgirawwriter.dll"
+ "Roxio RealD to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mginullip.ax"
+ "Roxio StereoSource Cropper" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFHDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Integrate" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Video Rotater," "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mvwcdsutil.dll"
+ "Sonic Audio Resampler" "Audio Resampler Direct Show Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_trans_audio_samplerate_ds.ax"
+ "Sonic Cinemaster® Audio Decoder 4.3 (No Dolby)" "SonicHDAudio" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemasteraudiond.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3 (EMC12)" "CinemasterVideo" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files (x86)\roxio\oem\common\sonichddemuxer.dll"
+ "Sonic MPEG Multiplexer" "MPEG Multiplexer-Plus DS Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_mux_mp2_ds.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files (x86)\common files\sonic shared\sonicmc02\c12oem_dec_mp2v_ds.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "Vorbis Decode Filter" "ogg DShow filters" "" "c:\program files (x86)\common files\roxio shared\ogg_flac codecs\dsfvorbisdecoder.dll"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Input Selector 2" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\Windows\System32\nvinitx.dll" "NVIDIA Compatible NVIDIA shim initialization dll, Version 259.51 " "NVIDIA Corporation" "c:\windows\system32\nvinitx.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\Windows\SysWOW64\nvinit.dll" "NVIDIA Compatible NVIDIA shim initialization dll, Version 259.51 " "NVIDIA Corporation" "c:\windows\syswow64\nvinit.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor4" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm4.dll"
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"




I think I'm good, thanks!
To see a world in a grain of sand... -William Blake

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:59 AM

Posted 10 October 2012 - 07:51 AM

Launch Autoruns and uncheck this entry

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Paint.NET" "" "" "File not found: C:\Users\Erin\AppData\Local\PMB Files\Paint.NET\dgzgzku.dll"


Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users