Possible worm or other infection.


7 replies to this topic

#1 klib_rt

Posted 17 September 2012 - 09:44 PM

Long story short, I finally found out after a little less than a month that my university disabled my ethernet connection because I had a bot or worm of some sort.

"Communications Network Services has received a report from a system administrator that a computer apparently in your room was probing their system for vulnerabilities. This is often an indication that the probing system has been compromised by one of the many Internet worms, viruses, or Trojans. This may happen without any overt action on your part, allowing your computer to be used by someone else for illicit activities."

VIRUS NAME: Bot.Palevo.C


That was in the email I finally received that I was supposed to get on August 27 when that happened...

The tech center here said I should use this and that or reformat... so I decided to scan with Microsoft Security Essentials, Malwarebytes' Anti-Malware, and the crappy Symantec Endpoint Protection the school provides for us.

All of my logs come up clean and they're all up to date with their virus definitions.
I'm just worried that if I actually have something and I continue to use the ethernet connection, I might lose my internet for good at my dormitory.

I haven't noticed any abnormalities on my laptop or weird pop-ups of any sort. None of my account infos have been stolen... so I don't think I have anything? Any suggestions?


#2 narenxp


Posted 17 September 2012 - 10:42 PM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file in your reply.

#3 klib_rt


Posted 18 September 2012 - 12:20 PM

TDSSkiller scan log


00:34:24.0157 11396 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
00:34:24.0160 11396 MMCSS - ok
00:34:24.0181 11396 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
00:34:24.0183 11396 Modem - ok
00:34:24.0191 11396 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:34:24.0193 11396 monitor - ok
00:34:24.0216 11396 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:34:24.0218 11396 mouclass - ok
00:34:24.0252 11396 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:34:24.0254 11396 mouhid - ok
00:34:24.0415 11396 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:34:24.0440 11396 mountmgr - ok
00:34:24.0538 11396 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:34:24.0600 11396 MozillaMaintenance - ok
00:34:24.0680 11396 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
00:34:24.0682 11396 MpFilter - ok
00:34:24.0718 11396 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
00:34:24.0721 11396 mpio - ok
00:34:24.0855 11396 [ 0EBB390B7AEEC45EC061D9870A34FD42 ] MpKsl75b29df8 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8152DD7E-AC71-4B01-85E7-12D0C81F3DE8}\MpKsl75b29df8.sys
00:34:24.0857 11396 MpKsl75b29df8 - ok
00:34:24.0888 11396 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:34:24.0891 11396 mpsdrv - ok
00:34:24.0944 11396 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:34:24.0952 11396 MpsSvc - ok
00:34:24.0988 11396 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:34:25.0007 11396 MRxDAV - ok
00:34:25.0045 11396 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:34:25.0064 11396 mrxsmb - ok
00:34:25.0109 11396 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:34:25.0133 11396 mrxsmb10 - ok
00:34:25.0137 11396 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:34:25.0165 11396 mrxsmb20 - ok
00:34:25.0202 11396 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
00:34:25.0204 11396 msahci - ok
00:34:25.0218 11396 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:34:25.0220 11396 msdsm - ok
00:34:25.0244 11396 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
00:34:25.0252 11396 MSDTC - ok
00:34:25.0283 11396 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:34:25.0306 11396 Msfs - ok
00:34:25.0347 11396 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:34:25.0348 11396 mshidkmdf - ok
00:34:25.0392 11396 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:34:25.0393 11396 msisadrv - ok
00:34:25.0429 11396 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:34:25.0458 11396 MSiSCSI - ok
00:34:25.0461 11396 msiserver - ok
00:34:25.0507 11396 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:34:25.0509 11396 MSKSSRV - ok
00:34:25.0571 11396 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
00:34:25.0572 11396 MsMpSvc - ok
00:34:25.0594 11396 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:34:25.0610 11396 MSPCLOCK - ok
00:34:25.0612 11396 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:34:25.0614 11396 MSPQM - ok
00:34:25.0655 11396 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:34:25.0671 11396 MsRPC - ok
00:34:25.0700 11396 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:34:25.0742 11396 mssmbios - ok
00:34:25.0862 11396 MSSQL$SQLEXPRESS - ok
00:34:25.0965 11396 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
00:34:25.0993 11396 MSSQLServerADHelper100 - ok
00:34:26.0025 11396 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:34:26.0039 11396 MSTEE - ok
00:34:26.0059 11396 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:34:26.0060 11396 MTConfig - ok
00:34:26.0072 11396 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
00:34:26.0096 11396 Mup - ok
00:34:26.0144 11396 [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
00:34:26.0174 11396 MyWiFiDHCPDNS - ok
00:34:26.0215 11396 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
00:34:26.0221 11396 napagent - ok
00:34:26.0255 11396 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:34:26.0259 11396 NativeWifiP - ok
00:34:26.0392 11396 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20120917.002\ENG64.SYS
00:34:26.0395 11396 NAVENG - ok
00:34:26.0478 11396 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20120917.002\EX64.SYS
00:34:26.0497 11396 NAVEX15 - ok
00:34:26.0570 11396 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:34:26.0580 11396 NDIS - ok
00:34:26.0610 11396 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:34:26.0612 11396 NdisCap - ok
00:34:26.0642 11396 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:34:26.0644 11396 NdisTapi - ok
00:34:26.0675 11396 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:34:26.0697 11396 Ndisuio - ok
00:34:26.0735 11396 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:34:26.0738 11396 NdisWan - ok
00:34:26.0781 11396 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:34:26.0783 11396 NDProxy - ok
00:34:26.0813 11396 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:34:26.0830 11396 NetBIOS - ok
00:34:26.0866 11396 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:34:26.0870 11396 NetBT - ok
00:34:26.0922 11396 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
00:34:26.0924 11396 Netlogon - ok
00:34:26.0970 11396 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
00:34:26.0974 11396 Netman - ok
00:34:27.0072 11396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:34:27.0090 11396 NetMsmqActivator - ok
00:34:27.0114 11396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:34:27.0115 11396 NetPipeActivator - ok
00:34:27.0148 11396 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:34:27.0153 11396 netprofm - ok
00:34:27.0183 11396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:34:27.0184 11396 NetTcpActivator - ok
00:34:27.0188 11396 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:34:27.0189 11396 NetTcpPortSharing - ok
00:34:27.0307 11396 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
00:34:27.0403 11396 netw5v64 - ok
00:34:27.0564 11396 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
00:34:27.0729 11396 NETwNs64 - ok
00:34:27.0785 11396 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:34:27.0800 11396 nfrd960 - ok
00:34:27.0851 11396 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
00:34:27.0853 11396 NisDrv - ok
00:34:27.0874 11396 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
00:34:27.0900 11396 NisSrv - ok
00:34:27.0961 11396 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:34:27.0966 11396 NlaSvc - ok
00:34:28.0059 11396 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:34:28.0061 11396 Npfs - ok
00:34:28.0081 11396 npggsvc - ok
00:34:28.0084 11396 NPPTNT2 - ok
00:34:28.0123 11396 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:34:28.0124 11396 nsi - ok
00:34:28.0160 11396 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:34:28.0174 11396 nsiproxy - ok
00:34:28.0238 11396 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:34:28.0267 11396 Ntfs - ok
00:34:28.0300 11396 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:34:28.0302 11396 Null - ok
00:34:28.0340 11396 [ 9A33100AC62A0463C49E47EE8E77083A ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
00:34:28.0361 11396 nusb3hub - ok
00:34:28.0392 11396 [ 87C321F7BEE646B7EC6EEDD6EB725741 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:34:28.0414 11396 nusb3xhc - ok
00:34:28.0478 11396 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:34:28.0499 11396 nvraid - ok
00:34:28.0519 11396 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:34:28.0522 11396 nvstor - ok
00:34:28.0585 11396 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:34:28.0588 11396 nv_agp - ok
00:34:28.0633 11396 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:34:28.0635 11396 ohci1394 - ok
00:34:28.0712 11396 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:34:28.0736 11396 ose - ok
00:34:28.0899 11396 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:34:28.0966 11396 osppsvc - ok
00:34:29.0000 11396 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:34:29.0022 11396 p2pimsvc - ok
00:34:29.0058 11396 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:34:29.0064 11396 p2psvc - ok
00:34:29.0081 11396 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:34:29.0083 11396 Parport - ok
00:34:29.0123 11396 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:34:29.0146 11396 partmgr - ok
00:34:29.0173 11396 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:34:29.0176 11396 PcaSvc - ok
00:34:29.0191 11396 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
00:34:29.0193 11396 pci - ok
00:34:29.0249 11396 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
00:34:29.0251 11396 pciide - ok
00:34:29.0271 11396 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:34:29.0287 11396 pcmcia - ok
00:34:29.0309 11396 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:34:29.0311 11396 pcw - ok
00:34:29.0343 11396 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:34:29.0351 11396 PEAUTH - ok
00:34:29.0479 11396 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:34:29.0481 11396 PerfHost - ok
00:34:29.0556 11396 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
00:34:29.0599 11396 pla - ok
00:34:29.0666 11396 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:34:29.0672 11396 PlugPlay - ok
00:34:29.0719 11396 PnkBstrA - ok
00:34:29.0766 11396 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:34:29.0768 11396 PNRPAutoReg - ok
00:34:29.0833 11396 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:34:29.0836 11396 PNRPsvc - ok
00:34:29.0881 11396 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:34:29.0886 11396 PolicyAgent - ok
00:34:29.0923 11396 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
00:34:29.0927 11396 Power - ok
00:34:29.0993 11396 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:34:29.0995 11396 PptpMiniport - ok
00:34:30.0020 11396 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:34:30.0035 11396 Processor - ok
00:34:30.0067 11396 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
00:34:30.0070 11396 ProfSvc - ok
00:34:30.0089 11396 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:34:30.0090 11396 ProtectedStorage - ok
00:34:30.0141 11396 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:34:30.0157 11396 Psched - ok
00:34:30.0254 11396 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:34:30.0299 11396 ql2300 - ok
00:34:30.0320 11396 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:34:30.0323 11396 ql40xx - ok
00:34:30.0355 11396 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:34:30.0380 11396 QWAVE - ok
00:34:30.0413 11396 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:34:30.0415 11396 QWAVEdrv - ok
00:34:30.0426 11396 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:34:30.0441 11396 RasAcd - ok
00:34:30.0490 11396 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:34:30.0514 11396 RasAgileVpn - ok
00:34:30.0545 11396 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:34:30.0570 11396 RasAuto - ok
00:34:30.0604 11396 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:34:30.0626 11396 Rasl2tp - ok
00:34:30.0665 11396 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
00:34:30.0669 11396 RasMan - ok
00:34:30.0704 11396 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:34:30.0706 11396 RasPppoe - ok
00:34:30.0723 11396 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:34:30.0739 11396 RasSstp - ok
00:34:30.0784 11396 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:34:30.0810 11396 rdbss - ok
00:34:30.0853 11396 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:34:30.0855 11396 rdpbus - ok
00:34:30.0878 11396 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:34:30.0880 11396 RDPCDD - ok
00:34:30.0898 11396 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:34:30.0913 11396 RDPENCDD - ok
00:34:30.0936 11396 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:34:30.0937 11396 RDPREFMP - ok
00:34:30.0977 11396 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:34:31.0007 11396 RDPWD - ok
00:34:31.0300 11396 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:34:31.0330 11396 rdyboost - ok
00:34:31.0514 11396 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:34:31.0523 11396 RegSrvc - ok
00:34:31.0575 11396 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:34:31.0598 11396 RemoteAccess - ok
00:34:31.0659 11396 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:34:31.0670 11396 RemoteRegistry - ok
00:34:31.0696 11396 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:34:31.0698 11396 RpcEptMapper - ok
00:34:31.0738 11396 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:34:31.0744 11396 RpcLocator - ok
00:34:31.0803 11396 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
00:34:31.0807 11396 RpcSs - ok
00:34:31.0891 11396 [ C9FE05A63C500ABE3AFA5786504C4D36 ] RsFx0105 C:\Windows\system32\DRIVERS\RsFx0105.sys
00:34:31.0904 11396 RsFx0105 - ok
00:34:31.0948 11396 [ 1F5E7AF59B390261A85F5BEDB1BB88B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
00:34:31.0980 11396 RSPCIESTOR - ok
00:34:32.0050 11396 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:34:32.0273 11396 rspndr - ok
00:34:32.0645 11396 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:34:32.0672 11396 RTL8167 - ok
00:34:32.0700 11396 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
00:34:32.0701 11396 SamSs - ok
00:34:32.0749 11396 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:34:32.0752 11396 sbp2port - ok
00:34:32.0794 11396 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:34:32.0835 11396 SCardSvr - ok
00:34:32.0877 11396 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:34:32.0907 11396 scfilter - ok
00:34:32.0969 11396 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
00:34:32.0981 11396 Schedule - ok
00:34:33.0017 11396 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:34:33.0018 11396 SCPolicySvc - ok
00:34:33.0075 11396 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
00:34:33.0077 11396 sdbus - ok
00:34:33.0114 11396 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:34:33.0136 11396 SDRSVC - ok
00:34:33.0179 11396 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:34:33.0195 11396 secdrv - ok
00:34:33.0229 11396 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
00:34:33.0231 11396 seclogon - ok
00:34:33.0255 11396 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
00:34:33.0257 11396 SENS - ok
00:34:33.0285 11396 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:34:33.0302 11396 SensrSvc - ok
00:34:33.0463 11396 [ 74885BDFF62E537F268EBF8E8CEC24BB ] SepMasterService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
00:34:33.0464 11396 SepMasterService - ok
00:34:33.0507 11396 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:34:33.0509 11396 Serenum - ok
00:34:33.0520 11396 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:34:33.0522 11396 Serial - ok
00:34:33.0566 11396 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:34:33.0567 11396 sermouse - ok
00:34:33.0601 11396 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
00:34:33.0604 11396 SessionEnv - ok
00:34:33.0647 11396 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:34:33.0663 11396 sffdisk - ok
00:34:33.0677 11396 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:34:33.0678 11396 sffp_mmc - ok
00:34:33.0681 11396 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:34:33.0682 11396 sffp_sd - ok
00:34:33.0714 11396 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:34:33.0733 11396 sfloppy - ok
00:34:33.0783 11396 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:34:33.0801 11396 SharedAccess - ok
00:34:33.0843 11396 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:34:33.0847 11396 ShellHWDetection - ok
00:34:33.0882 11396 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:34:33.0906 11396 SiSRaid2 - ok
00:34:33.0924 11396 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:34:33.0926 11396 SiSRaid4 - ok
00:34:33.0998 11396 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:34:34.0000 11396 SkypeUpdate - ok
00:34:34.0041 11396 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:34:34.0043 11396 Smb - ok
00:34:34.0156 11396 [ B8EF6F1FAFBE89E24E152907605E7A25 ] SmcService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe
00:34:34.0199 11396 SmcService - ok
00:34:34.0227 11396 [ 89733DCC3817455FBC3AB4A3C19EE765 ] SNAC C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe
00:34:34.0265 11396 SNAC - ok
00:34:34.0313 11396 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:34:34.0337 11396 SNMPTRAP - ok
00:34:34.0389 11396 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
00:34:34.0407 11396 spldr - ok
00:34:34.0447 11396 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
00:34:34.0454 11396 Spooler - ok
00:34:34.0577 11396 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
00:34:34.0656 11396 sppsvc - ok
00:34:34.0690 11396 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:34:34.0712 11396 sppuinotify - ok
00:34:34.0871 11396 [ 45E65FB17A4CD5FACBD3CA16C8334C82 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
00:34:34.0876 11396 SQLAgent$SQLEXPRESS - ok
00:34:34.0998 11396 [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
00:34:35.0030 11396 SQLBrowser - ok
00:34:35.0095 11396 [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
00:34:35.0098 11396 SQLWriter - ok
00:34:35.0187 11396 [ 48FD53FED3C81726001E438A2201E9FF ] SRTSP C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSP64.SYS
00:34:35.0195 11396 SRTSP - ok
00:34:35.0229 11396 [ 63199A936D9BDEA578DFB8F5E9A40095 ] SRTSPX C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSPX64.SYS
00:34:35.0251 11396 SRTSPX - ok
00:34:35.0288 11396 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
00:34:35.0332 11396 srv - ok
00:34:35.0356 11396 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:34:35.0382 11396 srv2 - ok
00:34:35.0456 11396 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
00:34:35.0478 11396 SrvHsfHDA - ok
00:34:35.0558 11396 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
00:34:35.0598 11396 SrvHsfV92 - ok
00:34:35.0630 11396 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
00:34:35.0638 11396 SrvHsfWinac - ok
00:34:35.0663 11396 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:34:35.0666 11396 srvnet - ok
00:34:35.0700 11396 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:34:35.0704 11396 SSDPSRV - ok
00:34:35.0722 11396 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:34:35.0724 11396 SstpSvc - ok
00:34:35.0796 11396 [ 20E27AA5BCC01C2149830C05FE22F675 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
00:34:35.0800 11396 STacSV - ok
00:34:35.0834 11396 Steam Client Service - ok
00:34:35.0861 11396 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:34:35.0863 11396 stexstor - ok
00:34:35.0930 11396 [ BEB37CE4E7456F5EFA52D783D1E06D8C ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
00:34:35.0936 11396 STHDA - ok
00:34:35.0992 11396 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
00:34:35.0999 11396 stisvc - ok
00:34:36.0037 11396 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
00:34:36.0039 11396 swenum - ok
00:34:36.0065 11396 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
00:34:36.0103 11396 swprv - ok
00:34:36.0129 11396 [ C6EE00B4CA36CC1E48A323A75E5881CE ] SyDvCtrl C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\SyDvCtrl64.sys
00:34:36.0146 11396 SyDvCtrl - ok
00:34:36.0175 11396 [ F017987B177F7BBC989318D59309D091 ] SymDS C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMDS64.SYS
00:34:36.0200 11396 SymDS - ok
00:34:36.0252 11396 [ E7F25D768EE0CDF69D8B752398C262BB ] SymEFA C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMEFA64.SYS
00:34:36.0287 11396 SymEFA - ok
00:34:36.0362 11396 [ 36B77F5C9E21F88A8C8EC67AD5415819 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
00:34:36.0388 11396 SymEvent - ok
00:34:36.0460 11396 [ 1611FA7A95A48387DF22757FA81B46A9 ] SymIRON C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\Ironx64.SYS
00:34:36.0476 11396 SymIRON - ok
00:34:36.0514 11396 [ D41557715C1C792D1391DB5AA81A00DF ] SYMNETS C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMNETS.SYS
00:34:36.0538 11396 SYMNETS - ok
00:34:36.0615 11396 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
00:34:36.0621 11396 SynTP - ok
00:34:36.0711 11396 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
00:34:36.0729 11396 SysMain - ok
00:34:36.0767 11396 [ 3BEAB2DE5688F3635A8ECD7C75562F43 ] SysPlant C:\Windows\system32\Drivers\SysPlant.sys
00:34:36.0800 11396 SysPlant - ok
00:34:36.0830 11396 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:34:36.0832 11396 TabletInputService - ok
00:34:36.0868 11396 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:34:36.0874 11396 TapiSrv - ok
00:34:36.0919 11396 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
00:34:36.0922 11396 TBS - ok
00:34:37.0009 11396 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:34:37.0047 11396 Tcpip - ok
00:34:37.0091 11396 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:34:37.0100 11396 TCPIP6 - ok
00:34:37.0137 11396 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:34:37.0148 11396 tcpipreg - ok
00:34:37.0175 11396 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:34:37.0197 11396 TDPIPE - ok
00:34:37.0222 11396 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:34:37.0224 11396 TDTCP - ok
00:34:37.0265 11396 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:34:37.0289 11396 tdx - ok
00:34:37.0327 11396 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
00:34:37.0329 11396 TermDD - ok
00:34:37.0366 11396 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
00:34:37.0374 11396 TermService - ok
00:34:37.0412 11396 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
00:34:37.0414 11396 Themes - ok
00:34:43.0280 11396 ============================================================
00:34:43.0280 11396 Scan finished
00:34:43.0280 11396 ============================================================
00:34:43.0287 6360 Detected object count: 0
00:34:43.0287 6360 Actual detected object count: 0


aswMBR scan log


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-18 00:34:54
-----------------------------
00:34:54.940 OS Version: Windows x64 6.1.7601 Service Pack 1
00:34:54.940 Number of processors: 8 586 0x2A07
00:34:54.941 ComputerName: CALEBLEE-HP UserName: Caleb Lee
00:34:58.908 Initialize success
00:35:28.256 AVAST engine defs: 12091400
00:38:04.141 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:38:04.144 Disk 0 Vendor: TOSHIBA_ GN00 Size: 715404MB BusType: 3
00:38:04.157 Disk 0 MBR read successfully
00:38:04.160 Disk 0 MBR scan
00:38:04.205 Disk 0 Windows 7 default MBR code
00:38:04.209 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
00:38:04.240 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 697872 MB offset 409600
00:38:04.293 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17229 MB offset 1429651456
00:38:04.333 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 102 MB offset 1464936448
00:38:04.472 Disk 0 scanning C:\Windows\system32\drivers
00:38:20.763 Service scanning
00:38:46.044 Service MpKsl75b29df8 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8152DD7E-AC71-4B01-85E7-12D0C81F3DE8}\MpKsl75b29df8.sys **LOCKED** 32
00:39:25.441 Modules scanning
00:39:25.444 Disk 0 trace - called modules:
00:39:25.488 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
00:39:25.490 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006b6c790]
00:39:25.490 3 CLASSPNP.SYS[fffff88000e0143f] -> nt!IofCallDriver -> [0xfffffa8006a6b960]
00:39:25.490 5 hpdskflt.sys[fffff88001bf0189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006934050]
00:39:29.703 AVAST engine scan C:\Windows
00:39:39.661 AVAST engine scan C:\Windows\system32
00:50:23.977 AVAST engine scan C:\Windows\system32\drivers
00:51:26.353 AVAST engine scan C:\Users\Caleb Lee
01:26:21.924 AVAST engine scan C:\ProgramData
02:00:11.677 Scan finished successfully
02:07:21.360 Disk 0 MBR has been saved successfully to "C:\Users\Caleb Lee\Desktop\MBR.dat"
02:07:21.396 The log file has been saved successfully to "C:\Users\Caleb Lee\Desktop\aswMBR.txt"


ESET Online Scanner


C:\Program Files (x86)\FoxTabFLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Users\Caleb Lee\Downloads\AudioPerformerSetup.exe a variant of Win32/InstallBrain.A application cleaned by deleting - quarantined
C:\Users\Caleb Lee\Downloads\Priest-720p_MP4_AAC_BRRip_2011-CC.exe multiple threats cleaned by deleting - quarantined








Seems like I had some stuff?

#4 narenxp

  • BC Advisor

Posted 18 September 2012 - 01:05 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 klib_rt

  • Topic Starter

Posted 18 September 2012 - 06:35 PM

I only needed to use MBAM once... and there was nothing.

MBAM scan log


Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.18.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Caleb Lee :: CALEBLEE-HP [administrator]

9/18/2012 2:24:39 PM
mbam-log-2012-09-18 (14-24-39).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 688108
Time elapsed: 5 hour(s), 8 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


mini toolbox scan log


MiniToolBox by Farbar Version: 23-07-2012
Ran by Caleb Lee (administrator) on 18-09-2012 at 14:14:16
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Intel® WiFi Link 1000 BGN = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled metric=10 nud=enabled
set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled metric=20 nud=enabled
set interface interface="Wireless Network Connection 2" forwarding=enabled advertise=enabled metric=20 nud=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : CalebLee-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 8C-A9-82-76-C6-07
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 8C-A9-82-76-C6-07
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 8C-A9-82-76-C6-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 2C-27-D7-BC-BE-D3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:468:c80:a112:60c6:2949:c7f4:dc9a(Preferred)
Temporary IPv6 Address. . . . . . : 2001:468:c80:a112:b90d:93b3:542f:5411(Preferred)
Link-local IPv6 Address . . . . . : fe80::60c6:2949:c7f4:dc9a%10(Preferred)
IPv4 Address. . . . . . . . . . . : 198.82.74.43(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, September 17, 2012 12:38:06 PM
Lease Expires . . . . . . . . . . : Wednesday, September 19, 2012 10:55:13 AM
Default Gateway . . . . . . . . . : fe80::2d0:1ff:feab:1800%10
198.82.74.1
DHCP Server . . . . . . . . . . . : 198.82.247.98
DNS Servers . . . . . . . . . . . : 198.82.247.66
198.82.247.34
Primary WINS Server . . . . . . . : 198.82.162.242
Secondary WINS Server . . . . . . : 198.82.162.243
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{FD048878-1F88-483C-92BC-401738D8981E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{851F6F01-A140-4137-9224-6F625A03210A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:ca2:2d05:39ad:b5d4(Preferred)
Link-local IPv6 Address . . . . . : fe80::ca2:2d05:39ad:b5d4%14(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{E1DF021C-A0C9-44EA-9F47-D591896420B9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B4EEC5B1-DC51-41C4-80D4-BB9F9596A1CA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: jeru.cns.vt.edu
Address: 198.82.247.66

Name: google.com
Addresses: 2607:f8b0:4004:801::1006
74.125.228.34
74.125.228.35
74.125.228.36
74.125.228.37
74.125.228.38
74.125.228.39
74.125.228.40
74.125.228.41
74.125.228.46
74.125.228.32
74.125.228.33


Pinging google.com [2607:f8b0:4004:801::1006] with 32 bytes of data:
Reply from 2607:f8b0:4004:801::1006: time=66ms
Reply from 2607:f8b0:4004:801::1006: time=64ms

Ping statistics for 2607:f8b0:4004:801::1006:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 66ms, Average = 65ms
Server: jeru.cns.vt.edu
Address: 198.82.247.66

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=1148ms TTL=46
Reply from 72.30.38.140: bytes=32 time=1434ms TTL=46

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1148ms, Maximum = 1434ms, Average = 1291ms
Server: jeru.cns.vt.edu
Address: 198.82.247.66

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...8c a9 82 76 c6 07 ......Microsoft Virtual WiFi Miniport Adapter #2
12...8c a9 82 76 c6 07 ......Microsoft Virtual WiFi Miniport Adapter
11...8c a9 82 76 c6 06 ......Intel® WiFi Link 1000 BGN
10...2c 27 d7 bc be d3 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
39...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 198.82.74.1 198.82.74.43 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
198.82.74.0 255.255.255.0 On-link 198.82.74.43 266
198.82.74.43 255.255.255.255 On-link 198.82.74.43 266
198.82.74.255 255.255.255.255 On-link 198.82.74.43 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 198.82.74.43 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 198.82.74.43 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 36 ::/0 fe80::2d0:1ff:feab:1800
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:ca2:2d05:39ad:b5d4/128
On-link
10 28 2001:468:c80:a112::/64 On-link
10 276 2001:468:c80:a112:60c6:2949:c7f4:dc9a/128
On-link
10 276 2001:468:c80:a112:b90d:93b3:542f:5411/128
On-link
10 276 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::ca2:2d05:39ad:b5d4/128
On-link
10 276 fe80::60c6:2949:c7f4:dc9a/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/18/2012 05:47:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/18/2012 05:13:42 AM) (Source: Symantec AntiVirus) (User: NT AUTHORITY)NT AUTHORITY
Description: Security Risk Found!Hosts File Change in File: c:\windows\system32\svchost.exe by: SONAR scan. Action: . Action Description: Access Denied

Error: (09/17/2012 11:59:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: cmd.exe, version: 6.1.7601.17514, time stamp: 0x4ce78e2b
Faulting module name: USER32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba59
Exception code: 0xc0000005
Fault offset: 0x00019215
Faulting process id: 0x2230
Faulting application start time: 0xcmd.exe0
Faulting application path: cmd.exe1
Faulting module path: cmd.exe2
Report Id: cmd.exe3

Error: (09/17/2012 11:59:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: cmd.exe, version: 6.1.7601.17514, time stamp: 0x4ce78e2b
Faulting module name: USER32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba59
Exception code: 0xc0000005
Fault offset: 0x00019215
Faulting process id: 0x21d4
Faulting application start time: 0xcmd.exe0
Faulting application path: cmd.exe1
Faulting module path: cmd.exe2
Report Id: cmd.exe3

Error: (09/17/2012 11:35:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: FsynSrvStarter.exe, version: 1.0.0.3, time stamp: 0x4ba0c539
Faulting module name: USER32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba59
Exception code: 0xc0000005
Fault offset: 0x0001c1c4
Faulting process id: 0x26f4
Faulting application start time: 0xFsynSrvStarter.exe0
Faulting application path: FsynSrvStarter.exe1
Faulting module path: FsynSrvStarter.exe2
Report Id: FsynSrvStarter.exe3

Error: (09/17/2012 11:35:31 PM) (Source: Symantec AntiVirus) (User: CalebLee-HP)CalebLee-HP
Description: Security Risk Found!Hosts File Change in File: c:\gpotato.eu\dragonica\release\gameguard.des by: SONAR scan. Action: . Action Description: Access Denied

Error: (09/17/2012 11:35:31 PM) (Source: Symantec AntiVirus) (User: CalebLee-HP)CalebLee-HP
Description: Security Risk Found!Hosts File Change in File: c:\gpotato.eu\dragonica\release\gameguard.des by: SONAR scan. Action: . Action Description: Access Denied

Error: (09/17/2012 11:35:31 PM) (Source: Symantec AntiVirus) (User: CalebLee-HP)CalebLee-HP
Description: Security Risk Found!Hosts File Change in File: c:\gpotato.eu\dragonica\release\gameguard.des by: SONAR scan. Action: . Action Description: Access Denied

Error: (09/17/2012 11:25:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: WLIDSvcM.exe, version: 7.250.4225.0, time stamp: 0x4c99277f
Faulting module name: npggNT64.des_unloaded, version: 0.0.0.0, time stamp: 0x4ee057f3
Exception code: 0xc0000005
Fault offset: 0x00000000458a1ddb
Faulting process id: 0xe14
Faulting application start time: 0xWLIDSvcM.exe0
Faulting application path: WLIDSvcM.exe1
Faulting module path: WLIDSvcM.exe2
Report Id: WLIDSvcM.exe3

Error: (09/17/2012 11:25:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: sqlservr.exe, version: 2007.100.5500.0, time stamp: 0x4e7ba697
Faulting module name: npggNT64.des_unloaded, version: 0.0.0.0, time stamp: 0x4ee057f3
Exception code: 0xc0000005
Fault offset: 0x00000000458a2571
Faulting process id: 0xb9c
Faulting application start time: 0xsqlservr.exe0
Faulting application path: sqlservr.exe1
Faulting module path: sqlservr.exe2
Report Id: sqlservr.exe3


System errors:
=============
Error: (09/17/2012 11:26:04 PM) (Source: Service Control Manager) (User: )
Description: The SQL Server (SQLEXPRESS) service terminated unexpectedly. It has done this 1 time(s).

Error: (09/17/2012 03:45:54 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.135.1409.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/17/2012 00:36:58 PM) (Source: AX88178) (User: )
Description: Speed IO complete failed.

Error: (09/17/2012 00:32:03 PM) (Source: ipnathlp) (User: )
Description:

Error: (09/17/2012 00:31:06 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/17/2012 00:25:22 PM) (Source: AX88178) (User: )
Description: Speed IO complete failed.

Error: (09/17/2012 11:26:35 AM) (Source: NetBT) (User: )
Description: The name "CALEBLEE-HP :20" could not be registered on the interface with IP address 172.31.106.174.
The computer with the IP address 198.82.162.243 did not allow the name to be claimed by
this computer.

Error: (09/17/2012 11:26:35 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E1DF021C-A0C9-44EA-9F47-D591896420B9} because another computer on the network has the same name. The server could not start.

Error: (09/17/2012 11:25:46 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Wireless Assistant Service service.

Error: (09/16/2012 03:05:39 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:02:36 PM on 9/16/2012 was unexpected.


Microsoft Office Sessions:
=========================
Error: (09/18/2012 05:47:18 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/18/2012 05:13:42 AM) (Source: Symantec AntiVirus)(User: NT AUTHORITY)NT AUTHORITY
Description: Security Risk Found!Hosts File Change in File: c:\windows\system32\svchost.exe by: SONAR scan. Action: . Action Description: Access Denied

Error: (09/17/2012 11:59:59 PM) (Source: Application Error)(User: )
Description: cmd.exe6.1.7601.175144ce78e2bUSER32.dll6.1.7601.175144ce7ba59c000000500019215223001cd95521242409dC:\Windows\SysWOW64\cmd.exeC:\Windows\syswow64\USER32.dll5006340e-0145-11e2-864a-2c27d7bcbed3

Error: (09/17/2012 11:59:58 PM) (Source: Application Error)(User: )
Description: cmd.exe6.1.7601.175144ce78e2bUSER32.dll6.1.7601.175144ce7ba59c00000050001921521d401cd95521109e31aC:\Windows\SysWOW64\cmd.exeC:\Windows\syswow64\USER32.dll4f9680ab-0145-11e2-864a-2c27d7bcbed3

Error: (09/17/2012 11:35:44 PM) (Source: Application Error)(User: )
Description: FsynSrvStarter.exe1.0.0.34ba0c539USER32.dll6.1.7601.175144ce7ba59c00000050001c1c426f401cd954eaf1ca069C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exeC:\Windows\syswow64\USER32.dlled10571d-0141-11e2-864a-2c27d7bcbed3

Error: (09/17/2012 11:35:31 PM) (Source: Symantec AntiVirus)(User: CalebLee-HP)CalebLee-HP
Description: Security Risk Found!Hosts File Change in File: c:\gpotato.eu\dragonica\release\gameguard.des by: SONAR scan. Action: . Action Description: Access Denied

Error: (09/17/2012 11:35:31 PM) (Source: Symantec AntiVirus)(User: CalebLee-HP)CalebLee-HP
Description: Security Risk Found!Hosts File Change in File: c:\gpotato.eu\dragonica\release\gameguard.des by: SONAR scan. Action: . Action Description: Access Denied

Error: (09/17/2012 11:35:31 PM) (Source: Symantec AntiVirus)(User: CalebLee-HP)CalebLee-HP
Description: Security Risk Found!Hosts File Change in File: c:\gpotato.eu\dragonica\release\gameguard.des by: SONAR scan. Action: . Action Description: Access Denied

Error: (09/17/2012 11:25:40 PM) (Source: Application Error)(User: )
Description: WLIDSvcM.exe7.250.4225.04c99277fnpggNT64.des_unloaded0.0.0.04ee057f3c000000500000000458a1ddbe1401cd943e8966bf6eC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exenpggNT64.des84eea6ce-0140-11e2-864a-2c27d7bcbed3

Error: (09/17/2012 11:25:37 PM) (Source: Application Error)(User: )
Description: sqlservr.exe2007.100.5500.04e7ba697npggNT64.des_unloaded0.0.0.04ee057f3c000000500000000458a2571b9c01cd943e7c114a25c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exenpggNT64.des83578618-0140-11e2-864a-2c27d7bcbed3


=========================== Installed Programs ============================

한컴 타자연습 (Version: 1.00.0000)
µTorrent (Version: 3.1.3)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (x64) (Version: 11.2.202.228)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.808.0)
Atlantica (Version: 31606)
Audiosurf
Bandisoft MPEG-1 Decoder
Bonjour (Version: 3.0.0.10)
Business Statistics (Fall 2012 Student) (Version: 0.9.0)
calibre (Version: 0.8.67)
Canon Easy-PhotoPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 4.1
Canon MX410 series MP Drivers
Canon MX410 series User Registration
Canon My Printer
Canon Solution Menu EX
Canon Speed Dial Utility
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.1230.1709.30713)
Catalyst Control Center InstallProxy (Version: 2010.1230.1709.30713)
Catalyst Control Center Localization All (Version: 2010.1230.1709.30713)
Catalyst Control Center Profiles Mobile (Version: 2010.1230.1709.30713)
ccc-core-static (Version: 2010.1230.1709.30713)
ccc-utility64 (Version: 2010.1230.1709.30713)
CCC Help Chinese Standard (Version: 2010.1230.1708.30713)
CCC Help Chinese Traditional (Version: 2010.1230.1708.30713)
CCC Help Czech (Version: 2010.1230.1708.30713)
CCC Help Danish (Version: 2010.1230.1708.30713)
CCC Help Dutch (Version: 2010.1230.1708.30713)
CCC Help English (Version: 2010.1230.1708.30713)
CCC Help Finnish (Version: 2010.1230.1708.30713)
CCC Help French (Version: 2010.1230.1708.30713)
CCC Help German (Version: 2010.1230.1708.30713)
CCC Help Greek (Version: 2010.1230.1708.30713)
CCC Help Hungarian (Version: 2010.1230.1708.30713)
CCC Help Italian (Version: 2010.1230.1708.30713)
CCC Help Japanese (Version: 2010.1230.1708.30713)
CCC Help Korean (Version: 2010.1230.1708.30713)
CCC Help Norwegian (Version: 2010.1230.1708.30713)
CCC Help Polish (Version: 2010.1230.1708.30713)
CCC Help Portuguese (Version: 2010.1230.1708.30713)
CCC Help Russian (Version: 2010.1230.1708.30713)
CCC Help Spanish (Version: 2010.1230.1708.30713)
CCC Help Swedish (Version: 2010.1230.1708.30713)
CCC Help Thai (Version: 2010.1230.1708.30713)
CCleaner (Version: 3.22)
Cisco WebEx Meetings
Conquer Online 2.0
Counter-Strike: Source
CPUID HWMonitor 1.17
Crystal Reports for Visual Studio (Version: 12.51.0.240)
CyberLink PowerDVD (Version: 10.0.3.3222)
CyberLink YouCam (Version: 3.5.1.4305)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dekaron
Diablo III (Version: 1.0.4.11327)
DivX Web Player (Version: 1.5.0)
Dota 2
Dotfuscator Software Services - Community Edition (Version: 5.0.2300.0)
Dragon Saga (Version: 0.2.1)
Dragonica version TEST (Version: TEST)
DragonNest
Dropbox (Version: 1.4.7)
EPSON Printer Software
ESN Sonar (Version: 0.70.0)
ESN Sonar (Version: 0.70.4)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
foobar2000 v1.1.11 (Version: 1.1.11)
GOM Player (Version: 2.1.40.5106)
GOMTV Streamer (Version: 1.0.0.26)
Google Chrome (Version: 21.0.1180.89)
Hawkes Update Service Manager (Version: 1.0.6)
Heroes of Newerth (Version: 2.0.26)
Hewlett-Packard ACLM.NET v1.1.1.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.9.1)
HP On Screen Display (Version: 1.2.2)
HP Quick Launch (Version: 2.5.2)
HP SimplePass 2011 (Version: 5.0.1.448)
HP Software Framework (Version: 4.1.13.1)
HP Support Assistant (Version: 6.0.5.4)
HP Wireless Assistant (Version: 4.0.10.0)
HTC Driver Installer (Version: 2.0.7.016)
HTC Sync (Version: 2.0.31)
ICCup Launcher (Version: 1.6)
IDT Audio (Version: 1.0.6345.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Display Audio Driver (Version: 6.14.00.3074)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® PROSet/Wireless WiFi Software (Version: 14.2.0000)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.27.0)
iTunes (Version: 10.6.1.7)
Java 7 Update 6 (Version: 7.0.60)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 7 (64-bit) (Version: 7.0.0)
Java™ SE Development Kit 7 (64-bit) (Version: 1.7.0.0)
Korean Fonts Support For Adobe Reader X (Version: 10.0.0)
League of Legends (Version: 1.3)
LightScribe System Software (Version: 1.18.20.1)
Lyrics Plugin for Winamp (Version: 0.4)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MelOn Player4 (Version: 4.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (Version: 10.50.1447.4)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.3.5500.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual F# 2.0 Runtime (Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319)
Microsoft Visual Studio 2010 Professional - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31119)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31124)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
Mumble 1.2.3 (Version: 1.2.3)
Nexon Game Manager
Notepad++ (Version: 6.0)
NVIDIA PhysX (Version: 9.10.0129)
osu! (Version: 0.0.0.0)
PunkBuster Services (Version: 0.991)
PX Profile Update (Version: 1.00.1.)
Python 2.7.2 (64-bit) (Version: 2.7.2150)
QuickTime (Version: 7.71.80.42)
RaidCall (Version: 7.0.2-1.0.1512.31)
Razer DeathAdder™ Mouse (Version: 3.03)
Razer Lachesis (Version: 1.10.0000)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek PCIE Card Reader (Version: 6.1.7601.83)
Recovery Manager (Version: 1.0.22)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.19.0)
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (Version: 10.3.5500.0)
Skype 5.10 (Version: 5.10.116)
Spotify (Version: 0.8.4.124.ga3559d86)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0)
StarCraft
StarCraft II (Version: 1.5.2.22875)
Statistics (Fall 2012 Student) (Version: 9.7.1)
Steam (Version: 1.0.0.0)
SuddenAttack
Symantec Endpoint Protection (Version: 12.1.1000.157)
Synaptics TouchPad Driver (Version: 15.3.29.0)
Team Fortress 2
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Validity WBF DDK (Version: 4.3.205.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Client (Version: 3.0.8)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Visual Studio 2010 Prerequisites - English (Version: 10.0.30319)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 1.1.9 (Version: 1.1.9)
VT-SEPVersion checks for latest updates of Symantec Endpoint Protection
VTnet 2011 (Version: 1.00.000)
VTnet 2012 (Version: 1.00.000)
Web Deployment Tool (Version: 1.1.0618)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
World of Warcraft (Version: 5.0.5.16057)

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 6091.86 MB
Available physical RAM: 2662.64 MB
Total Pagefile: 12181.91 MB
Available Pagefile: 8217.16 MB
Total Virtual: 4095.88 MB
Available Virtual: 3953.85 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:681.52 GB) (Free:342.4 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:16.83 GB) (Free:2.11 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

========================= Users: ========================================

User accounts for \\CALEBLEE-HP

Administrator Caleb Lee Guest


**** End of log ****


FSS scan log

Farbar Service Scanner Version: 06-08-2012
Ran by Caleb Lee (administrator) on 18-09-2012 at 14:14:37
Running from "C:\Users\Caleb Lee\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-09-11 18:49] - [2012-08-22 14:12] - 1913200 ____A (Microsoft Corporation) F782CAD3CEDBB3F9FFE3BF2775D92DDC

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


adware cleaner scan log


# AdwCleaner v2.002 - Logfile created 09/18/2012 at 14:15:32
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Caleb Lee - CALEBLEE-HP
# Boot Mode : Normal
# Running from : C:\Users\Caleb Lee\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Users\Caleb Lee\AppData\Local\APN
Folder Deleted : C:\Users\Caleb Lee\AppData\Local\Conduit
Folder Deleted : C:\Users\Caleb Lee\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Caleb Lee\AppData\LocalLow\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3015572
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.ask.com/?l=dis&o=16135 --> hxxp://www.google.com

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Caleb Lee\AppData\Roaming\Mozilla\Firefox\Profiles\ix9naaur.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Caleb Lee\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2838 octets] - [18/09/2012 14:15:32]

########## EOF - C:\AdwCleaner[S1].txt - [2898 octets] ##########

#6 narenxp

Posted 18 September 2012 - 06:38 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

Any current issues?

#7 klib_rt

  • Topic Starter

Posted 18 September 2012 - 06:54 PM

RKILL scan log


Rkill 2.3.15 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/18/2012 07:49:46 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Caleb Lee\Desktop\rkill\rkill-09-18-2012-07-49-52.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/18/2012 07:50:10 PM
Execution time: 0 hours(s), 0 minute(s), and 24 seconds(s)


Autoruns scan log


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AESTFltr" "" "" "File not found: C:\Windows\system32\AESTFltr.exe /NoDlg"
+ "CanonMyPrinter" "Canon My Printer" "CANON INC." "c:\program files\canon\myprinter\bjmyprt.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "HPWirelessAssistant" "" "" "c:\program files\hewlett-packard\hp wireless assistant\delayedappstarter.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelPAN" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "BDRegion" "brs" "cyberlink" "c:\program files (x86)\cyberlink\shared files\brs.exe"
+ "CanonSolutionMenuEx" "Canon Solution Menu EX" "CANON INC." "c:\program files (x86)\canon\solution menu ex\cnsemain.exe"
+ "DeathAdder" "razerhid MFC Application" "" "c:\program files (x86)\razer\deathadder\razerhid.exe"
+ "HncUpdate" "Hancom Update Checker" "Hancom Inc(HNC)." "c:\program files (x86)\hnc\hncutils\hncchecker.exe"
+ "HP Quick Launch" "HP Message Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe"
+ "HPOSD" "HP On Screen Display" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp on screen display\hposd.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "Lachesis" "razerhid MFC Application" "" "c:\program files (x86)\razer\lachesis\razerhid.exe"
+ "Mobile Connectivity Suite" "Application Launcher" "Teleca Sweden AB" "c:\program files (x86)\htc\htc sync\application launcher\application launcher.exe"
+ "NUSB3MON" "USB 3.0 Monitor" "Renesas Electronics Corporation" "c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "RaidCall" "Raidcall" "RAIDCALL.COM" "c:\program files (x86)\raidcall\raidcall.exe"
+ "RemoteControl10" "PowerDVD RC Service" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe"
+ "StartCCC" "Catalyst Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\Users\Caleb Lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lsrunonce.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Akamai NetSession Interface" "" "" "File not found: C:\Users\Caleb Lee\AppData\Local\Akamai\netsession_win.exe"
+ "EPSON Stylus Photo RX595 Series" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\x64\3\e_iaticla.exe"
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\caleb lee\appdata\local\facebook\update\facebookupdate.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\caleb lee\appdata\local\google\update\googleupdate.exe"
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe"
+ "NCsoft Launcher" "" "" "File not found: C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe /Minimized"
+ "Spotify" "Spotify" "Spotify Ltd" "c:\users\caleb lee\appdata\roaming\spotify\spotify.exe"
+ "Spotify Web Helper" "" "" "c:\users\caleb lee\appdata\roaming\spotify\data\spotifywebhelper.exe"
+ "Steam" "Steam" "Valve Corporation" "c:\program files (x86)\steam\steam.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "LDVPMenu" "Symantec Endpoint Protection" "Symantec Corporation" "c:\program files (x86)\symantec\symantec endpoint protection\12.1.1000.157.105\bin64\vpshell2.dll"
+ "Notepad++64" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files (x86)\notepad++\nppshell_04.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "LDVPMenu" "Symantec Endpoint Protection" "Symantec Corporation" "c:\program files (x86)\symantec\symantec endpoint protection\12.1.1000.157.105\bin64\vpshell2.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\caleb lee\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "TrueSuite Website Log On" "Website Log On" "HP" "c:\program files (x86)\hp simplepass 2011\x64\iebho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Symantec Intrusion Prevention" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files (x86)\symantec\symantec endpoint protection\12.1.1000.157.105\bin\ips\ipsbho.dll"
+ "TrueSuite Website Log On" "Website Log On" "HP" "c:\program files (x86)\hp simplepass 2011\iebho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe Flash Player Update Service 11.2 r202" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1367623908-242853321-3071964740-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\caleb lee\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1367623908-242853321-3071964740-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\caleb lee\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1367623908-242853321-3071964740-1000Core" "Google Installer" "Google Inc." "c:\users\caleb lee\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1367623908-242853321-3071964740-1000UA" "Google Installer" "Google Inc." "c:\users\caleb lee\appdata\local\google\update\googleupdate.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpsfmessenger\hpsfmsgr.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up" "HPTuneUp" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hptuneup.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Tuneup" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\Update Check" "HP Support Assistant Updater" "Hewlett-Packard" "c:\programdata\hewlett-packard\hp support framework\resources\updater\hpsfupdater.exe"
+ "\Hewlett-Packard\HP Support Assistant\WarrantyChecker" "HPWarrantyChecker" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\MirageAgent" "YouCam Mirage" "CyberLink" "c:\program files (x86)\cyberlink\youcam\ycmmirage.exe"
+ "\sepversion" "" "" "c:\vt-sepversion\sepversion.vbs"
+ "\{4B182A60-65E9-4F47-A8AC-9DAFF9FC72DE}" "StarCraft" "Blizzard Entertainment" "c:\program files (x86)\starcraft\starcraft.exe"
+ "\{5FACB0A9-4C6D-480A-B2F1-0F7E2F7CE838}" "Google Chrome" "Google Inc." "c:\users\caleb lee\appdata\local\google\chrome\application\chrome.exe"
+ "\{840DE40C-54A0-4B20-B64A-DA5D4A5FE97B}" "StarCraft" "Blizzard Entertainment" "c:\program files (x86)\starcraft\starcraft.exe"
+ "\{A6C1CDF3-B5B9-402F-8A92-4B46C21828EC}" "StarCraft" "Blizzard Entertainment" "c:\program files (x86)\starcraft\starcraft.exe"
+ "\{CB3DEBB4-6C26-4FC3-AEB2-C95012EAAA9C}" "StarCraft" "Blizzard Entertainment" "c:\program files (x86)\starcraft\starcraft.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\idt\wdm\aestsr64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AMPPALR3" "Intel Centrino Wireless Bluetooth 3.0 + High Speed Virtual Adapter" "Intel Corporation" "c:\program files\intel\bluetoothhs\bthsamppalservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "atashost" "WebEx Support Center." "Cisco WebEx LLC" "c:\windows\syswow64\atashost.exe"
+ "Bonjour Service" "하드웨어 장비와 소프트웨어 서비스가 네트워크 상에서 스스로 자동 설정되고, 네트워크 상에 있음을 공지합니다." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "BTHSSecurityMgr" "Manages the 802.1x security between two Bluetooth® High Speed connections." "Intel® Corporation" "c:\program files\intel\bluetoothhs\bthssecuritymgr.exe"
+ "CLKMSVC10_38F51D56" "CyberLink KM Service" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd10\navfilter\kmsvc.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "FPLService" "Provides convenient and secure fingerprint authentication and identity management." "HP" "c:\program files (x86)\hp simplepass 2011\truesuiteservice.exe"
+ "HawkesUpdater" "Checks for and installs updates for installed Hawkes Learning Systems software titles" "" "c:\program files (x86)\hawkes learning systems\hawkes update service manager\srvany.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HP Wireless Assistant Service" "This service monitors the wireless devices in this computer and allows the HP Wireless Assistant application to turn devices on and off." "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp wireless assistant\hpwa_service.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "HP Software Framework WMI Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "HPWMISVC" "HP Quick Launch WMI Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpwmisvc.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "IconMan_R" "Realtek Card Reader Icon Tool." "Realsil Microelectronics Inc." "c:\program files (x86)\realtek\realtek pcie card reader\riconman.exe"
+ "IJPLMSVC" "Collects log data from the IJ printer and manages data transmission." "" "c:\program files (x86)\canon\ijplm\ijplmsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "" "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MSSQL$SQLEXPRESS" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\sqlservr.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "npggsvc" "nProtect GameGuard Service" "INCA Internet Co., Ltd." "c:\windows\syswow64\gamemon.des"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PnkBstrA" "PunkBuster Service Component [v1036] http://www.evenbalance.com" "" "c:\windows\syswow64\pnkbstra.exe"
+ "RegSrvc" "Provides registry access to all Intel PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "SepMasterService" "Provides malware and threat protection for Symantec Endpoint Protection" "Symantec Corporation" "c:\program files (x86)\symantec\symantec endpoint protection\12.1.1000.157.105\bin\ccsvchst.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SmcService" "Provides communication with the Symantec Endpoint Protection Manager. It also provides network threat protection and application and device control for the client." "Symantec Corporation" "c:\program files (x86)\symantec\symantec endpoint protection\12.1.1000.157.105\bin64\smc.exe"
+ "SNAC" "Checks that the computer complies with the defined security policy and communicates with the Symantec Enforcers to allow your computer to access the corporate network." "Symantec Corporation" "c:\program files (x86)\symantec\symantec endpoint protection\12.1.1000.157.105\bin64\snac64.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\program files\idt\wdm\stacsv64.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "xsherlock" "XIGNCODE3 Game Start Service" "Wellbia.com Co., Ltd." "c:\windows\xsherlock.xem"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AESTAud" "Andrea Audio Driver (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\drivers\aestau64.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AMPPAL" "Intel Centrino Wireless Bluetooth 3.0 + High Speed Virtual Adapter" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "AMPPALP" "Intel Centrino Wireless Bluetooth 3.0 + High Speed Protocol" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AX88178" "ASIX AX88178 Network Driver" "ASIX Electronics Corp." "c:\windows\system32\drivers\ax88178.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BHDrvx64" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\symantec\symantec endpoint protection\12.1.1000.157.105\data\definitions\bashdefs\20120823.013\bhdrvx64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "clwvd" "CyberLink WebCam Virtual Driver" "CyberLink Corporation" "c:\windows\system32\drivers\clwvd.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CpqDfw" "" "" "File not found: system32\drivers\CpqDfw.sys"
+ "cpuz135" "CPUID Driver" "CPUID" "c:\windows\system32\drivers\cpuz135_x64.sys"
+ "DAdderFltr" "Razer Habu USB Optical Mouse Driver" "Razer (Asia-Pacific) Pte Ltd" "c:\windows\system32\drivers\dadder.sys"
+ "danewFltr" "Razer DeathAdder USB Optical Mouse Driver" "Razer (Asia-Pacific) Pte Ltd" "c:\windows\system32\drivers\danew.sys"
+ "dump_wmimmc" "" "" "File not found: C:\Program Files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys"
+ "EagleX64" "" "" "File not found: C:\Windows\system32\drivers\EagleX64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "ESEADriver2" "" "" "c:\users\caleb lee\appdata\local\temp\eseadriver2.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HTCAND64" "ADB Interface" "HTC, Corporation" "c:\windows\system32\drivers\androidusb.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IDSVia64" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\symantec\symantec endpoint protection\12.1.1000.157.105\data\definitions\ipsdefs\20120917.001\idsvia64.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "intelkmd" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdpmd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "MpKsl75b29df8" "" "" "File not found: c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8152DD7E-AC71-4B01-85E7-12D0C81F3DE8}\MpKsl75b29df8.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\symantec\symantec endpoint protection\12.1.1000.157.105\data\definitions\virusdefs\20120918.001\eng64.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\symantec\symantec endpoint protection\12.1.1000.157.105\data\definitions\virusdefs\20120918.001\ex64.sys"
+ "netw5v64" "Intel Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys"
+ "NETwNs64" "Intel Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NPPTNT2" "" "" "File not found: C:\Windows\system32\npptNT2.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvraid" "NVIDIA nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR" "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtspstor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x64\srtsp64.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x64\srtspx64.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SyDvCtrl" "syDvCtrl Device Control Driver" "Symantec Corporation" "c:\program files (x86)\symantec\symantec endpoint protection\12.1.1000.157.105\bin64\sydvctrl64.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x64\symds64.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x64\symefa64.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent64x86.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x64\ironx64.sys"
+ "SYMNETS" "Network Security Driver" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x64\symnets.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "SysPlant" "Symantec CMC Firewall SysPlant" "Symantec Corporation" "c:\windows\system32\drivers\sysplant.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "VaneFltr" "Lachesis USB Optical Mouse Driver" "Razer (Asia-Pacific) Pte Ltd" "c:\windows\system32\drivers\lachesis.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "VKbms" "HID mini driver for USB Fx2 Device" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\vkbms.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "vtany" "" "" "File not found: C:\Windows\vtany.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
+ "wdkmd" "Intel Wireless Display Solution" "Intel Corporation" "c:\windows\system32\drivers\wdkmd.sys"
+ "xspirit" "" "" "File not found: C:\Windows\xspirit.sys"
+ "yukonw7" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.bdmpeg" "" "" "c:\windows\syswow64\bdmpega.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.mpeg" "" "" "c:\windows\syswow64\bdmpegv.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Bandisoft MPEG-1 Audio Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters.dll"
+ "Bandisoft MPEG-1 Video Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters.dll"
+ "CyberLink Audio Decoder (PDVD10)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD10)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudfx.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD10)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudiocd.ax"
+ "CyberLink AVCHD Navigator" "CLBDROMNav" "cyberlink" "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clavchdnav.ax"
+ "Cyberlink Demuxer 2.0" "CLDemuxer2" "Cyberlink" "c:\program files (x86)\cyberlink\powerdvd10\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD10)" "DigestFilter Dynamic Link Library" "" "c:\program files (x86)\cyberlink\powerdvd10\digestfilter.dll"
+ "CyberLink DVD Navigator (PDVD10)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clnavx.ax"
+ "CyberLink FLV Splitter(PDVD10)" "CyberLink FLV Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clflvsplitter.ax"
+ "CyberLink HAM Decoder" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink HD/BD Mixer (PDVD10)" "CLHBMixer" " " "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD10)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clline21.ax"
+ "CyberLink Matroska Splitter(PDVD10)" "CyberLink Matroska Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clmkvsplter.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD10)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clm4splt.ax"
+ "CyberLink RealAudio Decoder(PDVD10)" "CyberLink RealMedia Audio Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter(PDVD10)" "CyberLink RealMedia Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder(PDVD10)" "CyberLink RealMedia Video Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clrmvd.ax"
+ "Cyberlink SubTitle Importor (PDVD10)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "Cyberlink SubTitle Importor 2.0 (PDVD10)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD10)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PDVD10)" "CyberLink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\cltzan.ax"
+ "CyberLink Video Decoder (PDVD10)" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink Video/SP Decoder (PDVD10)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clvsd.ax"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "GomTV Streamer Network Filter" "GomTV Streamer Nework Source Filter" "Gretech Corp." "c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamernf.ax"
+ "Gretech AAC Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech ASF Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech AsfEx Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech Audio Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gaf.ax"
+ "Gretech AVI Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech FLV Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech MKV Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech MP3 Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech MP4 Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech MPEG Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech MPEG Source Filter2" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech Network(AVI) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech Network(FLV) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech Network(GOM) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech Network(MP4) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech Network(OGG) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech Network(SHOUTcast) Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gnf.ax"
+ "Gretech OGG Source Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech OGG Source Filter2" "" "" "c:\program files (x86)\gretech\gomplayer\gsfu.ax"
+ "Gretech Video Filter" "" "" "c:\program files (x86)\gretech\gomplayer\gvf.ax"
+ "Intel Media SDK AAC Encoder" "Intel Media SDK AAC Encoder" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_aac_enc_ds.dll"
+ "Intel Media SDK MPEG-2 Muxer" "Intel Media SDK MPEG-2 Muxer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_mp2_mux_ds.dll"
+ "Intel Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel Network Filter" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\intelnet.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MainConcept MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mcmpeg2mux.ax"
+ "MainConcept Network Renderer" "Network Renderer" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_net_renderer_ds.ax"
+ "Melon Audio Effect Filter" "P3AudioEffect Filter" " © PeeringPortal" "c:\program files (x86)\melon player4\system32\p3melonaf2.ax"
+ "Melon PCube MP4 Splitter" "Melon PCube MP4 Splitter" "© PeeringPortal" "c:\program files (x86)\melon player4\system32\p3melonmp42.ax"
+ "Melon Pcube MPEG Splitter" "P3MPGSplitter Filter" "© PeeringPortal" "c:\program files (x86)\melon player4\system32\p3melonmpg2.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "Native FLAC SourceFilter" "" "" "c:\program files (x86)\melon player4\system32\dsfnativeflacsource.dll"
+ "P3Audio" "P3Audio Filter" "© PeeringPortal" "c:\program files (x86)\melon player4\system32\p3melonadec2.ax"
+ "P3CDDASourcer Filter" "P3CDDASourcer Filter" "© PeeringPortal" "c:\program files (x86)\melon player4\system32\p3meloncdda2.ax"
+ "P3OggSplitter" "p3mfov" "© PeeringPortal" "c:\program files (x86)\melon player4\system32\p3melonogg2.ax"
+ "P3Sourcer" "P3Melonf1" "© PeeringPortal" "c:\program files (x86)\melon player4\system32\p3melonasrc2.ax"
+ "P3WMTSplitter" "P3WMTSplitter Filter" "© PeeringPortal" "c:\program files (x86)\melon player4\system32\p3melonwmt2.ax"
+ "Pcube Async Source" "Pcube Async Filter" "© PeeringPortal" "c:\program files (x86)\melon player4\system32\p3melondcf2.ax"
+ "RadLight APE DirectShow Filter" "RLAPEDec" "RadLight" "c:\program files (x86)\melon player4\system32\rlapedec.ax"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ FAX Language Monitor MX410 series" "Canon Inkjet Fax Driver" "CANON INC." "c:\windows\system32\cncalal.dll"
+ "Canon BJ Language Monitor MX410 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlmal.dll"
+ "Canon BJNP Port" "Canon IJ Network 64bit comm Module" "CANON INC." "c:\windows\system32\cnmn6ppm.dll"
+ "Epson Inbox Language Monitor01" "Epson Printer Driver" "SEIKO EPSON CORPORATION" "c:\windows\system32\ep0slm01.dll"
+ "EPSON Stylus Photo RX595 Series 64MonitorBA" "EPSON Bi-directional Monitor AMD64" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_ilmcla.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "SnacNp" "Symantec SNAC Network Provider" "Symantec Corporation" "c:\windows\system32\snacnp.dll"




I haven't noticed any problems... just doing this just in case because my university told me I had something...

#8 narenxp


Posted 18 September 2012 - 07:16 PM

Download TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your Flash Player.

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



