Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pop-Up and Broswer Redirect Problem


  • Please log in to reply
17 replies to this topic

#1 heather_c

heather_c

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 02 October 2012 - 12:48 PM

Like several others in this forum, I am having a pop up/redirect browser issue. The pop ups are in the lower right hand corner and sometimes look like an iphone. My browser will redirect at random times. This issues happens with all browsers, but I usually use firefox. I am running Windows 7 and have been having this issue for several months. My anti-virus (mcafee) did not protect me and has not been able to detect this.

Based on this thread which is the exact same as my problem (http://www.bleepingcomputer.com/forums/topic454045.html), I am running the following and will post results ASAP. Thank you so much in advance for your help!

*******************************
Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

BC AdBot (Login to Remove)

 


#2 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 02 October 2012 - 12:50 PM

12:37:05.0077 11580 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
12:37:05.0843 11580 ============================================================
12:37:05.0843 11580 Current date / time: 2012/10/02 12:37:05.0843
12:37:05.0843 11580 SystemInfo:
12:37:05.0843 11580
12:37:05.0843 11580 OS Version: 6.1.7601 ServicePack: 1.0
12:37:05.0843 11580 Product type: Workstation
12:37:05.0843 11580 ComputerName: FAMILY
12:37:05.0844 11580 UserName: Family
12:37:05.0844 11580 Windows directory: C:\Windows
12:37:05.0844 11580 System windows directory: C:\Windows
12:37:05.0844 11580 Running under WOW64
12:37:05.0844 11580 Processor architecture: Intel x64
12:37:05.0844 11580 Number of processors: 4
12:37:05.0844 11580 Page size: 0x1000
12:37:05.0844 11580 Boot type: Normal boot
12:37:05.0844 11580 ============================================================
12:37:08.0866 11580 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:37:08.0879 11580 ============================================================
12:37:08.0879 11580 \Device\Harddisk0\DR0:
12:37:08.0879 11580 MBR partitions:
12:37:08.0879 11580 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
12:37:08.0879 11580 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
12:37:08.0879 11580 ============================================================
12:37:08.0953 11580 C: <-> \Device\Harddisk0\DR0\Partition2
12:37:08.0987 11580 ============================================================
12:37:08.0987 11580 Initialize success
12:37:08.0987 11580 ============================================================
12:37:29.0897 4508 ============================================================
12:37:29.0897 4508 Scan started
12:37:29.0897 4508 Mode: Manual; TDLFS;
12:37:29.0897 4508 ============================================================
12:37:31.0152 4508 ================ Scan system memory ========================
12:37:31.0152 4508 System memory - ok
12:37:31.0153 4508 ================ Scan services =============================
12:37:31.0352 4508 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:37:31.0451 4508 1394ohci - ok
12:37:31.0525 4508 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:37:31.0533 4508 ACPI - ok
12:37:31.0578 4508 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:37:31.0664 4508 AcpiPmi - ok
12:37:31.0816 4508 [ C004F38974F4D321B4C20A240E1175C0 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
12:37:31.0820 4508 AdobeActiveFileMonitor9.0 - ok
12:37:31.0984 4508 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:37:31.0988 4508 AdobeFlashPlayerUpdateSvc - ok
12:37:32.0043 4508 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:37:32.0064 4508 adp94xx - ok
12:37:32.0110 4508 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:37:32.0127 4508 adpahci - ok
12:37:32.0154 4508 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:37:32.0165 4508 adpu320 - ok
12:37:32.0206 4508 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:37:32.0208 4508 AeLookupSvc - ok
12:37:32.0264 4508 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
12:37:32.0370 4508 AESTFilters - ok
12:37:32.0444 4508 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:37:32.0454 4508 AFD - ok
12:37:32.0535 4508 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:37:32.0544 4508 agp440 - ok
12:37:32.0577 4508 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:37:32.0584 4508 ALG - ok
12:37:32.0620 4508 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:37:32.0628 4508 aliide - ok
12:37:32.0643 4508 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:37:32.0646 4508 amdide - ok
12:37:32.0670 4508 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:37:32.0676 4508 AmdK8 - ok
12:37:32.0697 4508 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:37:32.0703 4508 AmdPPM - ok
12:37:32.0744 4508 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:37:32.0810 4508 amdsata - ok
12:37:32.0827 4508 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:37:32.0835 4508 amdsbs - ok
12:37:32.0855 4508 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:37:32.0856 4508 amdxata - ok
12:37:32.0920 4508 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:37:32.0991 4508 AppID - ok
12:37:33.0021 4508 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:37:33.0028 4508 AppIDSvc - ok
12:37:33.0070 4508 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:37:33.0072 4508 Appinfo - ok
12:37:33.0178 4508 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:37:33.0180 4508 Apple Mobile Device - ok
12:37:33.0214 4508 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:37:33.0218 4508 arc - ok
12:37:33.0238 4508 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:37:33.0245 4508 arcsas - ok
12:37:33.0281 4508 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:37:33.0286 4508 AsyncMac - ok
12:37:33.0332 4508 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:37:33.0333 4508 atapi - ok
12:37:33.0392 4508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:37:33.0409 4508 AudioEndpointBuilder - ok
12:37:33.0424 4508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:37:33.0431 4508 AudioSrv - ok
12:37:33.0487 4508 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:37:33.0546 4508 AxInstSV - ok
12:37:33.0602 4508 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:37:33.0634 4508 b06bdrv - ok
12:37:33.0693 4508 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:37:33.0705 4508 b57nd60a - ok
12:37:33.0780 4508 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
12:37:33.0846 4508 BBSvc - ok
12:37:33.0896 4508 [ AC4E2D84DE54CD3A013AEFF0CC56095C ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
12:37:33.0993 4508 BCM42RLY - ok
12:37:34.0103 4508 [ 8B5D16D20774FC3727F44E161BE2C0AC ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
12:37:34.0306 4508 BCM43XX - ok
12:37:34.0350 4508 [ D224B2E6BB543F1D8F1177D57FEC2950 ] BcmVWL C:\Windows\system32\DRIVERS\bcmvwl64.sys
12:37:34.0439 4508 BcmVWL - ok
12:37:34.0476 4508 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:37:34.0481 4508 BDESVC - ok
12:37:34.0518 4508 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:37:34.0527 4508 Beep - ok
12:37:34.0598 4508 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:37:34.0677 4508 BFE - ok
12:37:34.0725 4508 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
12:37:34.0757 4508 BITS - ok
12:37:34.0785 4508 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:37:34.0802 4508 blbdrive - ok
12:37:34.0891 4508 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:37:34.0901 4508 Bonjour Service - ok
12:37:34.0954 4508 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:37:35.0000 4508 bowser - ok
12:37:35.0061 4508 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:37:35.0069 4508 BrFiltLo - ok
12:37:35.0080 4508 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:37:35.0088 4508 BrFiltUp - ok
12:37:35.0136 4508 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:37:35.0140 4508 Browser - ok
12:37:35.0164 4508 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:37:35.0180 4508 Brserid - ok
12:37:35.0198 4508 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:37:35.0206 4508 BrSerWdm - ok
12:37:35.0231 4508 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:37:35.0235 4508 BrUsbMdm - ok
12:37:35.0249 4508 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:37:35.0253 4508 BrUsbSer - ok
12:37:35.0295 4508 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:37:35.0299 4508 BthEnum - ok
12:37:35.0316 4508 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:37:35.0321 4508 BTHMODEM - ok
12:37:35.0361 4508 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:37:35.0364 4508 BthPan - ok
12:37:35.0414 4508 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
12:37:35.0485 4508 BTHPORT - ok
12:37:35.0537 4508 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:37:35.0542 4508 bthserv - ok
12:37:35.0562 4508 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
12:37:35.0648 4508 BTHUSB - ok
12:37:35.0681 4508 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
12:37:35.0742 4508 btusbflt - ok
12:37:35.0776 4508 [ AF838D8029AE7C27470862D63FA54D24 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
12:37:35.0840 4508 btwaudio - ok
12:37:35.0850 4508 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
12:37:35.0911 4508 btwavdt - ok
12:37:35.0986 4508 [ 10FFB5FA51D5713D872B41A59DFC2213 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:37:36.0018 4508 btwdins - ok
12:37:36.0058 4508 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
12:37:36.0150 4508 btwl2cap - ok
12:37:36.0187 4508 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
12:37:36.0272 4508 btwrchid - ok
12:37:36.0291 4508 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:37:36.0315 4508 cdfs - ok
12:37:36.0380 4508 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:37:36.0453 4508 cdrom - ok
12:37:36.0505 4508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:37:36.0551 4508 CertPropSvc - ok
12:37:36.0596 4508 [ 274CE03459896006F7A5069266E0469E ] cfwids C:\Windows\system32\drivers\cfwids.sys
12:37:36.0674 4508 cfwids - ok
12:37:36.0712 4508 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:37:36.0718 4508 circlass - ok
12:37:36.0760 4508 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:37:36.0768 4508 CLFS - ok
12:37:36.0844 4508 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:37:36.0852 4508 clr_optimization_v2.0.50727_32 - ok
12:37:36.0907 4508 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:37:36.0918 4508 clr_optimization_v2.0.50727_64 - ok
12:37:37.0003 4508 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:37:37.0007 4508 clr_optimization_v4.0.30319_32 - ok
12:37:37.0065 4508 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:37:37.0069 4508 clr_optimization_v4.0.30319_64 - ok
12:37:37.0107 4508 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:37:37.0114 4508 CmBatt - ok
12:37:37.0158 4508 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:37:37.0164 4508 cmdide - ok
12:37:37.0205 4508 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:37:37.0211 4508 CNG - ok
12:37:37.0241 4508 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:37:37.0242 4508 Compbatt - ok
12:37:37.0278 4508 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:37:37.0344 4508 CompositeBus - ok
12:37:37.0366 4508 COMSysApp - ok
12:37:37.0379 4508 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:37:37.0383 4508 crcdisk - ok
12:37:37.0429 4508 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:37:37.0480 4508 CryptSvc - ok
12:37:37.0547 4508 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
12:37:37.0627 4508 CtClsFlt - ok
12:37:37.0694 4508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:37:37.0707 4508 DcomLaunch - ok
12:37:37.0746 4508 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:37:37.0752 4508 defragsvc - ok
12:37:37.0785 4508 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:37:37.0788 4508 DfsC - ok
12:37:37.0827 4508 [ 2D589A2C024B2FB238535DB9F7B3597D ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys
12:37:37.0923 4508 DgiVecp - ok
12:37:37.0997 4508 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:37:38.0002 4508 Dhcp - ok
12:37:38.0070 4508 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:37:38.0072 4508 discache - ok
12:37:38.0106 4508 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:37:38.0108 4508 Disk - ok
12:37:38.0154 4508 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:37:38.0158 4508 Dnscache - ok
12:37:38.0235 4508 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
12:37:38.0239 4508 DockLoginService - ok
12:37:38.0275 4508 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:37:38.0340 4508 dot3svc - ok
12:37:38.0372 4508 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:37:38.0374 4508 DPS - ok
12:37:38.0412 4508 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:37:38.0422 4508 drmkaud - ok
12:37:38.0498 4508 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:37:38.0597 4508 DXGKrnl - ok
12:37:38.0634 4508 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:37:38.0638 4508 EapHost - ok
12:37:38.0746 4508 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:37:38.0848 4508 ebdrv - ok
12:37:38.0907 4508 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:37:38.0967 4508 EFS - ok
12:37:39.0059 4508 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:37:39.0159 4508 ehRecvr - ok
12:37:39.0200 4508 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:37:39.0205 4508 ehSched - ok
12:37:39.0265 4508 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:37:39.0290 4508 elxstor - ok
12:37:39.0305 4508 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:37:39.0311 4508 ErrDev - ok
12:37:39.0353 4508 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:37:39.0360 4508 EventSystem - ok
12:37:39.0382 4508 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:37:39.0390 4508 exfat - ok
12:37:39.0415 4508 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:37:39.0418 4508 fastfat - ok
12:37:39.0478 4508 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:37:39.0553 4508 Fax - ok
12:37:39.0573 4508 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:37:39.0577 4508 fdc - ok
12:37:39.0603 4508 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:37:39.0605 4508 fdPHost - ok
12:37:39.0623 4508 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:37:39.0625 4508 FDResPub - ok
12:37:39.0661 4508 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:37:39.0663 4508 FileInfo - ok
12:37:39.0671 4508 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:37:39.0676 4508 Filetrace - ok
12:37:39.0692 4508 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:37:39.0697 4508 flpydisk - ok
12:37:39.0743 4508 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:37:39.0749 4508 FltMgr - ok
12:37:39.0814 4508 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:37:39.0896 4508 FontCache - ok
12:37:39.0959 4508 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:37:40.0045 4508 FontCache3.0.0.0 - ok
12:37:40.0076 4508 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:37:40.0084 4508 FsDepends - ok
12:37:40.0125 4508 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:37:40.0213 4508 Fs_Rec - ok
12:37:40.0274 4508 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:37:40.0279 4508 fvevol - ok
12:37:40.0316 4508 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:37:40.0328 4508 gagp30kx - ok
12:37:40.0432 4508 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
12:37:40.0436 4508 GamesAppService - ok
12:37:40.0469 4508 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:37:40.0567 4508 GEARAspiWDM - ok
12:37:40.0614 4508 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
12:37:40.0616 4508 GoToAssist - ok
12:37:40.0679 4508 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:37:40.0700 4508 gpsvc - ok
12:37:40.0736 4508 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:37:40.0816 4508 gusvc - ok
12:37:40.0840 4508 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:37:40.0844 4508 hcw85cir - ok
12:37:40.0911 4508 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:37:40.0988 4508 HdAudAddService - ok
12:37:41.0022 4508 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:37:41.0084 4508 HDAudBus - ok
12:37:41.0125 4508 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:37:41.0185 4508 HECIx64 - ok
12:37:41.0216 4508 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:37:41.0223 4508 HidBatt - ok
12:37:41.0257 4508 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:37:41.0262 4508 HidBth - ok
12:37:41.0294 4508 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:37:41.0301 4508 HidIr - ok
12:37:41.0328 4508 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:37:41.0335 4508 hidserv - ok
12:37:41.0388 4508 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:37:41.0449 4508 HidUsb - ok
12:37:41.0503 4508 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:37:41.0582 4508 hkmsvc - ok
12:37:41.0639 4508 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:37:41.0685 4508 HomeGroupListener - ok
12:37:41.0725 4508 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:37:41.0813 4508 HomeGroupProvider - ok
12:37:41.0860 4508 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:37:41.0929 4508 HpSAMD - ok
12:37:41.0996 4508 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:37:42.0012 4508 HTTP - ok
12:37:42.0069 4508 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:37:42.0072 4508 hwpolicy - ok
12:37:42.0136 4508 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:37:42.0149 4508 i8042prt - ok
12:37:42.0193 4508 [ 2064090C9FAAD92C090D77E50E735B2E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:37:42.0196 4508 iaStor - ok
12:37:42.0273 4508 [ A9BE186ABF28B3D3D698CB855EDF457E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:37:42.0275 4508 IAStorDataMgrSvc - ok
12:37:42.0324 4508 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:37:42.0390 4508 iaStorV - ok
12:37:42.0462 4508 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:37:42.0592 4508 idsvc - ok
12:37:42.0862 4508 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:37:43.0167 4508 igfx - ok
12:37:43.0207 4508 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:37:43.0213 4508 iirsp - ok
12:37:43.0265 4508 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:37:43.0361 4508 IKEEXT - ok
12:37:43.0411 4508 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
12:37:43.0498 4508 Impcd - ok
12:37:43.0538 4508 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:37:43.0629 4508 IntcDAud - ok
12:37:43.0654 4508 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:37:43.0657 4508 intelide - ok
12:37:43.0681 4508 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:37:43.0713 4508 intelppm - ok
12:37:43.0747 4508 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:37:43.0759 4508 IPBusEnum - ok
12:37:43.0796 4508 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:37:43.0852 4508 IpFilterDriver - ok
12:37:43.0897 4508 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:37:43.0909 4508 iphlpsvc - ok
12:37:43.0948 4508 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:37:44.0014 4508 IPMIDRV - ok
12:37:44.0071 4508 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:37:44.0083 4508 IPNAT - ok
12:37:44.0176 4508 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:37:44.0211 4508 iPod Service - ok
12:37:44.0248 4508 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:37:44.0252 4508 IRENUM - ok
12:37:44.0288 4508 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:37:44.0295 4508 isapnp - ok
12:37:44.0337 4508 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:37:44.0431 4508 iScsiPrt - ok
12:37:44.0467 4508 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:37:44.0473 4508 kbdclass - ok
12:37:44.0530 4508 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:37:44.0601 4508 kbdhid - ok
12:37:44.0618 4508 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:37:44.0620 4508 KeyIso - ok
12:37:44.0650 4508 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:37:44.0652 4508 KSecDD - ok
12:37:44.0685 4508 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:37:44.0752 4508 KSecPkg - ok
12:37:44.0795 4508 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:37:44.0802 4508 ksthunk - ok
12:37:44.0847 4508 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:37:44.0866 4508 KtmRm - ok
12:37:44.0958 4508 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:37:44.0966 4508 LanmanServer - ok
12:37:45.0011 4508 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:37:45.0015 4508 LanmanWorkstation - ok
12:37:45.0051 4508 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:37:45.0058 4508 lltdio - ok
12:37:45.0107 4508 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:37:45.0121 4508 lltdsvc - ok
12:37:45.0159 4508 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:37:45.0161 4508 lmhosts - ok
12:37:45.0221 4508 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:37:45.0226 4508 LMS - ok
12:37:45.0264 4508 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:37:45.0273 4508 LSI_FC - ok
12:37:45.0282 4508 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:37:45.0289 4508 LSI_SAS - ok
12:37:45.0308 4508 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:37:45.0312 4508 LSI_SAS2 - ok
12:37:45.0334 4508 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:37:45.0339 4508 LSI_SCSI - ok
12:37:45.0354 4508 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:37:45.0356 4508 luafv - ok
12:37:45.0468 4508 [ ACB01BF1A905356AB7F978C7FE852209 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:37:45.0473 4508 McAfee SiteAdvisor Service - ok
12:37:45.0530 4508 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
12:37:45.0604 4508 McComponentHostService - ok
12:37:45.0634 4508 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:37:45.0635 4508 McMPFSvc - ok
12:37:45.0673 4508 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
12:37:45.0674 4508 mcmscsvc - ok
12:37:45.0686 4508 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
12:37:45.0690 4508 McNaiAnn - ok
12:37:45.0733 4508 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
12:37:45.0734 4508 McNASvc - ok
12:37:45.0806 4508 [ DD01BF24DD6BF70A90549F9A7BB2D1EB ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
12:37:45.0816 4508 McODS - ok
12:37:45.0855 4508 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
12:37:45.0857 4508 McProxy - ok
12:37:45.0939 4508 [ E998E3B12101288D716558466CBF6AE1 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
12:37:45.0943 4508 McShield - ok
12:37:45.0997 4508 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:37:46.0078 4508 Mcx2Svc - ok
12:37:46.0111 4508 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:37:46.0117 4508 megasas - ok
12:37:46.0130 4508 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:37:46.0146 4508 MegaSR - ok
12:37:46.0193 4508 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
12:37:46.0197 4508 mfeapfk - ok
12:37:46.0269 4508 [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
12:37:46.0383 4508 mfeavfk - ok
12:37:46.0441 4508 mfeavfk01 - ok
12:37:46.0477 4508 [ B26782C3D6045B4464017D7926877560 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
12:37:46.0482 4508 mfefire - ok
12:37:46.0546 4508 [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
12:37:46.0615 4508 mfefirek - ok
12:37:46.0652 4508 [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
12:37:46.0659 4508 mfehidk - ok
12:37:46.0687 4508 [ A8129CFB919347F8533C934B365E9202 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
12:37:46.0770 4508 mfenlfk - ok
12:37:46.0809 4508 [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
12:37:46.0895 4508 mferkdet - ok
12:37:46.0940 4508 [ 723A5EB6CEF7F408C3D0F15A82A6BFF8 ] mfevtp C:\Windows\system32\mfevtps.exe
12:37:47.0028 4508 mfevtp - ok
12:37:47.0057 4508 [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
12:37:47.0063 4508 mfewfpk - ok
12:37:47.0091 4508 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:37:47.0093 4508 MMCSS - ok
12:37:47.0113 4508 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:37:47.0117 4508 Modem - ok
12:37:47.0142 4508 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:37:47.0144 4508 monitor - ok
12:37:47.0188 4508 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:37:47.0195 4508 mouclass - ok
12:37:47.0227 4508 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:37:47.0237 4508 mouhid - ok
12:37:47.0274 4508 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:37:47.0277 4508 mountmgr - ok
12:37:47.0377 4508 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:37:47.0380 4508 MozillaMaintenance - ok
12:37:47.0401 4508 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:37:47.0471 4508 mpio - ok
12:37:47.0501 4508 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:37:47.0507 4508 mpsdrv - ok
12:37:47.0560 4508 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:37:47.0579 4508 MpsSvc - ok
12:37:47.0623 4508 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:37:47.0694 4508 MRxDAV - ok
12:37:47.0728 4508 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:37:47.0731 4508 mrxsmb - ok
12:37:47.0772 4508 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:37:47.0778 4508 mrxsmb10 - ok
12:37:47.0797 4508 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:37:47.0800 4508 mrxsmb20 - ok
12:37:47.0845 4508 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:37:47.0847 4508 msahci - ok
12:37:47.0887 4508 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:37:47.0989 4508 msdsm - ok
12:37:48.0051 4508 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:37:48.0064 4508 MSDTC - ok
12:37:48.0121 4508 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:37:48.0122 4508 Msfs - ok
12:37:48.0156 4508 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:37:48.0165 4508 mshidkmdf - ok
12:37:48.0203 4508 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:37:48.0204 4508 msisadrv - ok
12:37:48.0244 4508 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:37:48.0255 4508 MSiSCSI - ok
12:37:48.0262 4508 msiserver - ok
12:37:48.0310 4508 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:37:48.0317 4508 MSKSSRV - ok
12:37:48.0325 4508 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:37:48.0333 4508 MSPCLOCK - ok
12:37:48.0341 4508 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:37:48.0345 4508 MSPQM - ok
12:37:48.0390 4508 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:37:48.0398 4508 MsRPC - ok
12:37:48.0444 4508 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:37:48.0452 4508 mssmbios - ok
12:37:48.0459 4508 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:37:48.0467 4508 MSTEE - ok
12:37:48.0484 4508 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:37:48.0489 4508 MTConfig - ok
12:37:48.0510 4508 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:37:48.0512 4508 Mup - ok
12:37:48.0565 4508 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:37:48.0631 4508 napagent - ok
12:37:48.0658 4508 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:37:48.0667 4508 NativeWifiP - ok
12:37:48.0741 4508 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:37:48.0812 4508 NDIS - ok
12:37:48.0827 4508 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:37:48.0833 4508 NdisCap - ok
12:37:48.0857 4508 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:37:48.0862 4508 NdisTapi - ok
12:37:48.0892 4508 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:37:49.0000 4508 Ndisuio - ok
12:37:49.0036 4508 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:37:49.0132 4508 NdisWan - ok
12:37:49.0164 4508 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:37:49.0235 4508 NDProxy - ok
12:37:49.0272 4508 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:37:49.0274 4508 NetBIOS - ok
12:37:49.0309 4508 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:37:49.0316 4508 NetBT - ok
12:37:49.0330 4508 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:37:49.0333 4508 Netlogon - ok
12:37:49.0378 4508 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:37:49.0394 4508 Netman - ok
12:37:49.0408 4508 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:37:49.0420 4508 netprofm - ok
12:37:49.0443 4508 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:37:49.0448 4508 NetTcpPortSharing - ok
12:37:49.0494 4508 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:37:49.0500 4508 nfrd960 - ok
12:37:49.0541 4508 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:37:49.0592 4508 NlaSvc - ok
12:37:49.0607 4508 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:37:49.0609 4508 Npfs - ok
12:37:49.0640 4508 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:37:49.0648 4508 nsi - ok
12:37:49.0660 4508 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:37:49.0662 4508 nsiproxy - ok
12:37:49.0746 4508 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:37:49.0786 4508 Ntfs - ok
12:37:49.0802 4508 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:37:49.0810 4508 Null - ok
12:37:49.0842 4508 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:37:49.0927 4508 nvraid - ok
12:37:49.0963 4508 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:37:50.0029 4508 nvstor - ok
12:37:50.0062 4508 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:37:50.0095 4508 nv_agp - ok
12:37:50.0125 4508 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:37:50.0133 4508 ohci1394 - ok
12:37:50.0187 4508 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:37:50.0192 4508 ose - ok
12:37:50.0369 4508 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:37:50.0488 4508 osppsvc - ok
12:37:50.0537 4508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:37:50.0541 4508 p2pimsvc - ok
12:37:50.0569 4508 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:37:50.0581 4508 p2psvc - ok
12:37:50.0612 4508 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:37:50.0617 4508 Parport - ok
12:37:50.0655 4508 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:37:50.0657 4508 partmgr - ok
12:37:50.0690 4508 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:37:50.0705 4508 PcaSvc - ok
12:37:50.0722 4508 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:37:50.0725 4508 pci - ok
12:37:50.0767 4508 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:37:50.0775 4508 pciide - ok
12:37:50.0815 4508 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:37:50.0826 4508 pcmcia - ok
12:37:50.0844 4508 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:37:50.0846 4508 pcw - ok
12:37:50.0878 4508 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:37:50.0896 4508 PEAUTH - ok
12:37:51.0010 4508 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:37:51.0015 4508 PerfHost - ok
12:37:51.0105 4508 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:37:51.0228 4508 pla - ok
12:37:51.0288 4508 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:37:51.0342 4508 PlugPlay - ok
12:37:51.0376 4508 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:37:51.0387 4508 PNRPAutoReg - ok
12:37:51.0405 4508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:37:51.0411 4508 PNRPsvc - ok
12:37:51.0459 4508 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:37:51.0516 4508 PolicyAgent - ok
12:37:51.0545 4508 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:37:51.0549 4508 Power - ok
12:37:51.0604 4508 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:37:51.0607 4508 PptpMiniport - ok
12:37:51.0636 4508 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:37:51.0641 4508 Processor - ok
12:37:51.0682 4508 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:37:51.0732 4508 ProfSvc - ok
12:37:51.0749 4508 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:37:51.0751 4508 ProtectedStorage - ok
12:37:51.0815 4508 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:37:51.0818 4508 Psched - ok
12:37:51.0852 4508 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:37:51.0854 4508 PxHlpa64 - ok
12:37:51.0935 4508 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:37:51.0999 4508 ql2300 - ok
12:37:52.0027 4508 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:37:52.0031 4508 ql40xx - ok
12:37:52.0064 4508 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:37:52.0075 4508 QWAVE - ok
12:37:52.0096 4508 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:37:52.0104 4508 QWAVEdrv - ok
12:37:52.0116 4508 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:37:52.0122 4508 RasAcd - ok
12:37:52.0137 4508 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:37:52.0138 4508 RasAgileVpn - ok
12:37:52.0158 4508 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:37:52.0166 4508 RasAuto - ok
12:37:52.0212 4508 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:37:52.0215 4508 Rasl2tp - ok
12:37:52.0282 4508 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:37:52.0334 4508 RasMan - ok
12:37:52.0365 4508 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:37:52.0367 4508 RasPppoe - ok
12:37:52.0388 4508 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:37:52.0391 4508 RasSstp - ok
12:37:52.0435 4508 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:37:52.0441 4508 rdbss - ok
12:37:52.0457 4508 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:37:52.0463 4508 rdpbus - ok
12:37:52.0491 4508 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:37:52.0493 4508 RDPCDD - ok
12:37:52.0512 4508 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:37:52.0513 4508 RDPENCDD - ok
12:37:52.0520 4508 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:37:52.0522 4508 RDPREFMP - ok
12:37:52.0559 4508 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:37:52.0657 4508 RDPWD - ok
12:37:52.0707 4508 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:37:52.0712 4508 rdyboost - ok
12:37:52.0756 4508 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:37:52.0766 4508 RemoteAccess - ok
12:37:52.0814 4508 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:37:52.0821 4508 RemoteRegistry - ok
12:37:52.0873 4508 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:37:52.0884 4508 RFCOMM - ok
12:37:52.0905 4508 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:37:52.0918 4508 RpcEptMapper - ok
12:37:52.0936 4508 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:37:52.0942 4508 RpcLocator - ok
12:37:52.0988 4508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:37:52.0993 4508 RpcSs - ok
12:37:53.0026 4508 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:37:53.0029 4508 rspndr - ok
12:37:53.0074 4508 [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
12:37:53.0139 4508 RSUSBSTOR - ok
12:37:53.0200 4508 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:37:53.0311 4508 RTL8167 - ok
12:37:53.0327 4508 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:37:53.0328 4508 SamSs - ok
12:37:53.0361 4508 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:37:53.0435 4508 sbp2port - ok
12:37:53.0463 4508 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:37:53.0472 4508 SCardSvr - ok
12:37:53.0516 4508 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:37:53.0577 4508 scfilter - ok
12:37:53.0626 4508 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:37:53.0665 4508 Schedule - ok
12:37:53.0702 4508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:37:53.0703 4508 SCPolicySvc - ok
12:37:53.0736 4508 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:37:53.0795 4508 SDRSVC - ok
12:37:53.0864 4508 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
12:37:53.0869 4508 SeaPort - ok
12:37:53.0916 4508 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:37:53.0921 4508 secdrv - ok
12:37:53.0958 4508 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:37:54.0010 4508 seclogon - ok
12:37:54.0042 4508 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:37:54.0048 4508 SENS - ok
12:37:54.0069 4508 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:37:54.0075 4508 SensrSvc - ok
12:37:54.0107 4508 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:37:54.0112 4508 Serenum - ok
12:37:54.0128 4508 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:37:54.0133 4508 Serial - ok
12:37:54.0157 4508 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:37:54.0162 4508 sermouse - ok
12:37:54.0201 4508 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:37:54.0270 4508 SessionEnv - ok
12:37:54.0314 4508 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:37:54.0318 4508 sffdisk - ok
12:37:54.0339 4508 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:37:54.0348 4508 sffp_mmc - ok
12:37:54.0368 4508 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:37:54.0418 4508 sffp_sd - ok
12:37:54.0429 4508 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:37:54.0433 4508 sfloppy - ok
12:37:54.0499 4508 [ CF53DCCE55E500F51089774E851E7363 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
12:37:54.0515 4508 SftService - ok
12:37:54.0564 4508 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:37:54.0582 4508 SharedAccess - ok
12:37:54.0634 4508 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:37:54.0644 4508 ShellHWDetection - ok
12:37:54.0665 4508 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:37:54.0672 4508 SiSRaid2 - ok
12:37:54.0705 4508 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:37:54.0715 4508 SiSRaid4 - ok
12:37:54.0814 4508 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:37:54.0818 4508 SkypeUpdate - ok
12:37:54.0848 4508 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:37:54.0858 4508 Smb - ok
12:37:54.0919 4508 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:37:54.0932 4508 SNMPTRAP - ok
12:37:54.0972 4508 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:37:54.0973 4508 spldr - ok
12:37:55.0029 4508 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:37:55.0045 4508 Spooler - ok
12:37:55.0164 4508 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:37:55.0256 4508 sppsvc - ok
12:37:55.0315 4508 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:37:55.0328 4508 sppuinotify - ok
12:37:55.0390 4508 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
12:37:55.0490 4508 sprtsvc_DellSupportCenter - ok
12:37:55.0531 4508 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:37:55.0540 4508 srv - ok
12:37:55.0591 4508 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:37:55.0600 4508 srv2 - ok
12:37:55.0642 4508 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:37:55.0701 4508 srvnet - ok
12:37:55.0741 4508 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:37:55.0756 4508 SSDPSRV - ok
12:37:55.0797 4508 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
12:37:55.0864 4508 SSPORT - ok
12:37:55.0881 4508 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:37:55.0884 4508 SstpSvc - ok
12:37:55.0929 4508 [ 463E33B1EA7AF1E6EB87B66B831DB41A ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
12:37:56.0023 4508 STacSV - ok
12:37:56.0051 4508 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:37:56.0055 4508 stexstor - ok
12:37:56.0099 4508 [ 4304B75094E106FB5423A290C95841E5 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:37:56.0110 4508 STHDA - ok
12:37:56.0159 4508 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:37:56.0243 4508 stisvc - ok
12:37:56.0278 4508 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:37:56.0285 4508 swenum - ok
12:37:56.0322 4508 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:37:56.0348 4508 swprv - ok
12:37:56.0408 4508 [ 8A3FBCB3D6D4710730D27DA4392A4863 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:37:56.0500 4508 SynTP - ok
12:37:56.0574 4508 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:37:56.0624 4508 SysMain - ok
12:37:56.0658 4508 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:37:56.0661 4508 TabletInputService - ok
12:37:56.0705 4508 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:37:56.0787 4508 TapiSrv - ok
12:37:56.0824 4508 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:37:56.0829 4508 TBS - ok
12:37:56.0922 4508 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:37:56.0990 4508 Tcpip - ok
12:37:57.0037 4508 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:37:57.0047 4508 TCPIP6 - ok
12:37:57.0081 4508 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:37:57.0165 4508 tcpipreg - ok
12:37:57.0204 4508 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:37:57.0216 4508 TDPIPE - ok
12:37:57.0255 4508 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:37:57.0317 4508 TDTCP - ok
12:37:57.0345 4508 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:37:57.0428 4508 tdx - ok
12:37:57.0478 4508 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:37:57.0548 4508 TermDD - ok
12:37:57.0602 4508 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:37:57.0690 4508 TermService - ok
12:37:57.0715 4508 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:37:57.0717 4508 Themes - ok
12:37:57.0733 4508 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:37:57.0734 4508 THREADORDER - ok
12:37:57.0749 4508 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:37:57.0755 4508 TrkWks - ok
12:37:57.0809 4508 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:37:57.0813 4508 TrustedInstaller - ok
12:37:57.0858 4508 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:37:57.0919 4508 tssecsrv - ok
12:37:57.0979 4508 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:37:58.0056 4508 TsUsbFlt - ok
12:37:58.0109 4508 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:37:58.0166 4508 tunnel - ok
12:37:58.0198 4508 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:37:58.0208 4508 uagp35 - ok
12:37:58.0262 4508 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:37:58.0352 4508 udfs - ok
12:37:58.0391 4508 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:37:58.0398 4508 UI0Detect - ok
12:37:58.0442 4508 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:37:58.0449 4508 uliagpkx - ok
12:37:58.0490 4508 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:37:58.0558 4508 umbus - ok
12:37:58.0597 4508 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:37:58.0600 4508 UmPass - ok
12:37:58.0736 4508 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:37:58.0922 4508 UNS - ok
12:37:58.0975 4508 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:37:58.0993 4508 upnphost - ok
12:37:59.0055 4508 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:37:59.0173 4508 USBAAPL64 - ok
12:37:59.0227 4508 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:37:59.0295 4508 usbccgp - ok
12:37:59.0335 4508 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:37:59.0345 4508 usbcir - ok
12:37:59.0388 4508 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:37:59.0464 4508 usbehci - ok
12:37:59.0499 4508 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:37:59.0584 4508 usbhub - ok
12:37:59.0614 4508 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:37:59.0705 4508 usbohci - ok
12:37:59.0734 4508 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:37:59.0737 4508 usbprint - ok
12:37:59.0759 4508 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:37:59.0826 4508 USBSTOR - ok
12:37:59.0839 4508 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:37:59.0926 4508 usbuhci - ok
12:38:00.0014 4508 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:38:00.0080 4508 usbvideo - ok
12:38:00.0114 4508 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:38:00.0119 4508 UxSms - ok
12:38:00.0127 4508 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:38:00.0128 4508 VaultSvc - ok
12:38:00.0173 4508 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:38:00.0175 4508 vdrvroot - ok
12:38:00.0226 4508 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:38:00.0292 4508 vds - ok
12:38:00.0334 4508 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:38:00.0337 4508 vga - ok
12:38:00.0347 4508 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:38:00.0356 4508 VgaSave - ok
12:38:00.0399 4508 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:38:00.0469 4508 vhdmp - ok
12:38:00.0503 4508 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:38:00.0511 4508 viaide - ok
12:38:00.0535 4508 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:38:00.0537 4508 volmgr - ok
12:38:00.0586 4508 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:38:00.0593 4508 volmgrx - ok
12:38:00.0610 4508 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:38:00.0617 4508 volsnap - ok
12:38:00.0653 4508 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:38:00.0666 4508 vsmraid - ok
12:38:00.0739 4508 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:38:00.0750 4508 VSS - ok
12:38:00.0759 4508 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:38:00.0762 4508 vwifibus - ok
12:38:00.0776 4508 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:38:00.0781 4508 vwififlt - ok
12:38:00.0807 4508 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:38:00.0819 4508 W32Time - ok
12:38:00.0848 4508 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:38:00.0854 4508 WacomPen - ok
12:38:00.0894 4508 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:38:00.0962 4508 WANARP - ok
12:38:00.0965 4508 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:38:00.0968 4508 Wanarpv6 - ok
12:38:01.0061 4508 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:38:01.0088 4508 WatAdminSvc - ok
12:38:01.0160 4508 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:38:01.0272 4508 wbengine - ok
12:38:01.0296 4508 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:38:01.0305 4508 WbioSrvc - ok
12:38:01.0347 4508 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:38:01.0407 4508 wcncsvc - ok
12:38:01.0418 4508 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:38:01.0423 4508 WcsPlugInService - ok
12:38:01.0459 4508 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:38:01.0468 4508 Wd - ok
12:38:01.0502 4508 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:38:01.0512 4508 Wdf01000 - ok
12:38:01.0526 4508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:38:01.0529 4508 WdiServiceHost - ok
12:38:01.0533 4508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:38:01.0536 4508 WdiSystemHost - ok
12:38:01.0574 4508 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:38:01.0648 4508 WebClient - ok
12:38:01.0685 4508 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:38:01.0694 4508 Wecsvc - ok
12:38:01.0710 4508 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:38:01.0713 4508 wercplsupport - ok
12:38:01.0739 4508 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:38:01.0745 4508 WerSvc - ok
12:38:01.0773 4508 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:38:01.0776 4508 WfpLwf - ok
12:38:01.0820 4508 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
12:38:01.0897 4508 WimFltr - ok
12:38:01.0926 4508 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:38:01.0930 4508 WIMMount - ok
12:38:01.0942 4508 WinDefend - ok
12:38:01.0951 4508 WinHttpAutoProxySvc - ok
12:38:02.0028 4508 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:38:02.0033 4508 Winmgmt - ok
12:38:02.0118 4508 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:38:02.0270 4508 WinRM - ok
12:38:02.0342 4508 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:38:02.0439 4508 WinUsb - ok
12:38:02.0508 4508 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:38:02.0542 4508 Wlansvc - ok
12:38:02.0683 4508 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:38:02.0737 4508 wlidsvc - ok
12:38:02.0771 4508 [ DE816A0624D54D68E1FB8A9028DCF81A ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
12:38:02.0834 4508 wltrysvc - ok
12:38:02.0873 4508 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:38:02.0881 4508 WmiAcpi - ok
12:38:02.0920 4508 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:38:02.0928 4508 wmiApSrv - ok
12:38:02.0969 4508 WMPNetworkSvc - ok
12:38:03.0014 4508 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:38:03.0021 4508 WPCSvc - ok
12:38:03.0065 4508 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:38:03.0069 4508 WPDBusEnum - ok
12:38:03.0094 4508 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:38:03.0100 4508 ws2ifsl - ok
12:38:03.0115 4508 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
12:38:03.0123 4508 wscsvc - ok
12:38:03.0131 4508 WSearch - ok
12:38:03.0242 4508 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:38:03.0275 4508 wuauserv - ok
12:38:03.0313 4508 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:38:03.0376 4508 WudfPf - ok
12:38:03.0406 4508 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:38:03.0468 4508 WUDFRd - ok
12:38:03.0506 4508 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:38:03.0554 4508 wudfsvc - ok
12:38:03.0581 4508 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:38:03.0592 4508 WwanSvc - ok
12:38:03.0699 4508 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:38:03.0710 4508 YahooAUService - ok
12:38:03.0749 4508 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
12:38:03.0765 4508 yukonw7 - ok
12:38:03.0805 4508 ================ Scan global ===============================
12:38:03.0840 4508 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:38:03.0886 4508 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:38:03.0952 4508 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:38:03.0975 4508 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:38:04.0018 4508 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:38:04.0027 4508 [Global] - ok
12:38:04.0028 4508 ================ Scan MBR ==================================
12:38:04.0059 4508 [ C3220EB08ADD62E3ED9F72A1F4E4B1BB ] \Device\Harddisk0\DR0
12:38:04.0738 4508 \Device\Harddisk0\DR0 - ok
12:38:04.0739 4508 ================ Scan VBR ==================================
12:38:04.0743 4508 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
12:38:04.0747 4508 \Device\Harddisk0\DR0\Partition1 - ok
12:38:04.0781 4508 [ 9353CF31A6EC515E78353D1600509A2F ] \Device\Harddisk0\DR0\Partition2
12:38:04.0783 4508 \Device\Harddisk0\DR0\Partition2 - ok
12:38:04.0784 4508 ============================================================
12:38:04.0784 4508 Scan finished
12:38:04.0784 4508 ============================================================
12:38:04.0801 9156 Detected object count: 0
12:38:04.0801 9156 Actual detected object count: 0

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:46 PM

Posted 02 October 2012 - 01:09 PM

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#4 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 02 October 2012 - 01:12 PM

Here is the aswMBR Log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-02 12:54:43
-----------------------------
12:54:43.231 OS Version: Windows x64 6.1.7601 Service Pack 1
12:54:43.231 Number of processors: 4 586 0x2505
12:54:43.232 ComputerName: FAMILY UserName:
12:54:44.497 Initialize success
12:58:04.263 AVAST engine defs: 12100200
12:58:51.277 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:58:51.281 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
12:58:51.310 Disk 0 MBR read successfully
12:58:51.315 Disk 0 MBR scan
12:58:51.324 Disk 0 Windows 7 default MBR code
12:58:51.344 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
12:58:51.365 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
12:58:51.387 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461838 MB offset 30926848
12:58:51.427 Disk 0 scanning C:\Windows\system32\drivers
12:59:06.769 Service scanning
13:00:08.715 Modules scanning
13:00:08.731 Disk 0 trace - called modules:
13:00:08.765 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
13:00:09.100 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c52060]
13:00:09.110 3 CLASSPNP.SYS[fffff8800164d43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004983050]
13:00:10.674 AVAST engine scan C:\Windows
13:00:15.105 AVAST engine scan C:\Windows\system32
13:06:27.545 AVAST engine scan C:\Windows\system32\drivers
13:06:47.861 AVAST engine scan C:\Users\Family
13:10:54.730 Disk 0 MBR has been saved successfully to "C:\Users\Family\Downloads\MBR.dat"
13:10:54.739 The log file has been saved successfully to "C:\Users\Family\Downloads\aswMBR log.txt"

#5 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 02 October 2012 - 01:18 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Family (administrator) on 02-10-2012 at 13:13:47
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost








































































































































































































108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.
67.215.245.19 www.google-analytics.com.
67.215.245.19 ad-emea.doubleclick.net.
67.215.245.19 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Family
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 5C-AC-4C-E7-1D-1A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
Physical Address. . . . . . . . . : 1C-65-9D-67-D5-43
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 1C-65-9D-67-D5-43
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e1dc:c5f8:f87c:d8fa%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.68(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, September 23, 2012 3:22:04 AM
Lease Expires . . . . . . . . . . : Wednesday, October 03, 2012 12:00:50 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 219964829
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-35-54-C0-F0-4D-A2-99-0E-7D
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8E48C1EE-E81B-43EF-A485-2A65C370263A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{11A32A34-FB35-4FE4-A8B0-72B08853F739}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c4a:3f4a:9cbb:d327(Preferred)
Link-local IPv6 Address . . . . . : fe80::c4a:3f4a:9cbb:d327%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:4002:801::1009
74.125.227.105
74.125.227.110
74.125.227.96
74.125.227.97
74.125.227.98
74.125.227.99
74.125.227.100
74.125.227.101
74.125.227.102
74.125.227.103
74.125.227.104


Pinging google.com [74.125.227.38] with 32 bytes of data:
Reply from 74.125.227.38: bytes=32 time=374ms TTL=52
Reply from 74.125.227.38: bytes=32 time=51ms TTL=52

Ping statistics for 74.125.227.38:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 51ms, Maximum = 374ms, Average = 212ms
Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=237ms TTL=48
Reply from 72.30.38.140: bytes=32 time=271ms TTL=48

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 237ms, Maximum = 271ms, Average = 254ms
Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...5c ac 4c e7 1d 1a ......Bluetooth Device (Personal Area Network)
12...1c 65 9d 67 d5 43 ......Broadcom Virtual Wireless Adapter
11...1c 65 9d 67 d5 43 ......DW1501 Wireless-N WLAN Half-Mini Card
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.68 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.68 281
192.168.1.68 255.255.255.255 On-link 192.168.1.68 281
192.168.1.255 255.255.255.255 On-link 192.168.1.68 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.68 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.68 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:c4a:3f4a:9cbb:d327/128
On-link
11 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::c4a:3f4a:9cbb:d327/128
On-link
11 281 fe80::e1dc:c5f8:f87c:d8fa/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/02/2012 00:00:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 150541

Error: (10/02/2012 00:00:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 150541

Error: (10/02/2012 00:00:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/02/2012 11:58:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4134

Error: (10/02/2012 11:58:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4134

Error: (10/02/2012 11:58:22 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/02/2012 11:58:21 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3089

Error: (10/02/2012 11:58:21 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3089

Error: (10/02/2012 11:58:21 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/02/2012 11:58:20 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044


System errors:
=============
Error: (10/02/2012 00:00:51 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (10/02/2012 02:43:52 AM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (10/01/2012 06:05:51 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (10/01/2012 03:52:12 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (10/01/2012 02:19:14 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (10/01/2012 11:29:50 AM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (10/01/2012 09:16:06 AM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (10/01/2012 07:10:59 AM) (Source: Service Control Manager) (User: )
Description: The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (10/01/2012 03:17:53 AM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (09/30/2012 06:45:20 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.


Microsoft Office Sessions:
=========================
Error: (10/02/2012 00:00:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 150541

Error: (10/02/2012 00:00:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 150541

Error: (10/02/2012 00:00:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/02/2012 11:58:22 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4134

Error: (10/02/2012 11:58:22 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4134

Error: (10/02/2012 11:58:22 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/02/2012 11:58:21 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3089

Error: (10/02/2012 11:58:21 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3089

Error: (10/02/2012 11:58:21 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/02/2012 11:58:20 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044


=========================== Installed Programs ============================

Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.2.1)
Adobe Community Help (Version: 3.2.1.650)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Photoshop Lightroom 3.4 64-bit (Version: 3.4.1)
Adobe Photoshop.com Inspiration Browser (Version: 3.07)
Adobe Reader 9.5.1 (Version: 9.5.1)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.0.609.0)
Bonjour (Version: 3.0.0.10)
calibre (Version: 0.7.42)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Consumer In-Home Service Agreement (Version: 2.0.0)
Cozi (Version: 1.0.4323.24051)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.40)
Dell DataSafe Online (Version: 1.2.0011)
Dell Dock (Version: 2.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Webcam Central (Version: 1.40.05)
Dropbox (Version: 1.4.17)
DW WLAN Card Utility (Version: 5.60.48.35)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
GoToAssist 8.0.0.514
iCloud (Version: 1.1.0.40)
Inkscape 0.48.1 (Version: 0.48.1)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2104)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.4.1002)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 18 (64-bit) (Version: 6.0.180)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
LastPass (uninstall only)
LEGO Universe
Live! Cam Avatar Creator (Version: 4.6.3009.1)
LoJack Factory Installer (Version: 1.0.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee SecurityCenter (Version: 11.0.669)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Publisher 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Monopoly® (Version: 3.0.2.32)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
OverDrive Media Console (Version: 3.2.20)
Picasa 3 (Version: 3.8)
Quickset64 (Version: 10.5.0)
QuickTime (Version: 7.70.80.34)
Roxio Burn (Version: 1.01)
Samsung CLP-310 Series
Samsung ML-2510 Series
Skype Toolbars (Version: 5.0.4126)
Skype™ 5.10 (Version: 5.10.116)
Synaptics Pointing Device Driver (Version: 15.0.0.1)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Installer for WildTangent Games App
WIDCOMM Bluetooth Software (Version: 6.2.1.1100)
WildTangent Games (Version: 1.0.0.71)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Dell Games) (Version: 4.0.5.37)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501) (Version: 03/24/2010 6.3.0.2501)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 3894.69 MB
Available physical RAM: 1606.24 MB
Total Pagefile: 7787.57 MB
Available Pagefile: 4370.37 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.59 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:352.63 GB) NTFS

========================= Users: ========================================

User accounts for \\FAMILY

Administrator Family Guest


**** End of log ****

#6 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 02 October 2012 - 04:20 PM

I ran ESET as recommended in another similar thread, and it found and deleted the Krypik trojan. Everything seems to be working correctly now. Is there anything else I should do now? Here is the text.

C:\Users\Family\AppData\Local\Temp\10.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\115E.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\12E4.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\17F2.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\1802.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\1831.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\1850.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\18AE.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\1978.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\1F52.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\1FEF.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\20.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\21.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\21A4.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\24FD.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\24FE.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\2C4C.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\2D18.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\2D27.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\2D28.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\2DB4.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\3052.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\30CF.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\3726.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\38EA.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\3B26.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\3B89.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\4143.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\42AA.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\4336.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\4365.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\4394.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\43C3.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\451A.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\453.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\48A3.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\495E.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\498D.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\4EF9.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\5060.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\537C.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\5485.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\5486.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\5487.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\556F.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\5570.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\58B9.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\61CE.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\626A.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\62F6.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\63A2.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\649B.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6518.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6528.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6529.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\668F.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6C87.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6DD0.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6E4D.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6EAA.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6ED9.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6EF8.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6F56.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\6F75.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7A10.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7A4D.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7A7C.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7A8C.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7C31.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7CBE.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7CED.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7D5A.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7DD7.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7DE6.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\7E25.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\80A4.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\817F.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\818E.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\81DC.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\8298.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\8372.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\83FE.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\9222.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\987E.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\9951.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\9952.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\9B64.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\9DC4.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\9E98.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\9F0C.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\9F0D.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\A2F2.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\AB7B.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\ABC9.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\ABCA.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\AD01.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\AD02.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\AD11.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\ADBC.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\B079.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\B0B8.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\B5D7.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\CB6D.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\CEF1.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\CF8D.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\CF8E.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\CF8F.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\CF90.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\CF91.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\CFBC.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\D539.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DBCD.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DCA7.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DD24.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DD82.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DDF.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DE2D.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DE4D.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DEBA.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DEC9.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DF18.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\DF56.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E030.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E07E.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E10B.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E168.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E169.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E4B3.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E520.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E521.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E58D.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E5EC.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E648.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E6B5.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E761.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E7EF.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E80.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E815.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E8C8.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\E993.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EA0.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EA1.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EA2.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EA3.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EA4.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EA5.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EAAB.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\ECE.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EF2E.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EF7C.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EFBA.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\EFCA.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\F0D3.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\F5D2.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\F5D3.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\F92C.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\F9B8.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FA45.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FBFB.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FC0B.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FC95.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FCF3.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FD12.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FD8F.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FDB0.tmp Win64/Simda.A trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FE0C.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FE1C.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FE3B.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FEF6.tmp a variant of Win32/Injector.UNP trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FF35.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\FFB1.tmp Win32/Simda.B trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE126F.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE15.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE1EFD.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE2264.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE238B.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE3591.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE40A7.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE4FBE.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE56C6.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE5FD3.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE605.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE670.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE69B3.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE78C9.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE7FCA.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE824F.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE84DC.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE93E3.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SE9587.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEA04F.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEA054.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEA19C.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEA305.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEA696.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEABE4.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEADF4.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEAF07.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEC319.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEC324.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SECAA4.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SECF3A.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SED702.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SED9B6.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEDB56.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEE18E.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEE204.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEE388.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEECF.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEED1C.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEF72B.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEF7D8.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEFDF3.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined
C:\Users\Family\AppData\Local\Temp\SEFE13.tmp.dll a variant of Win64/Kryptik.D trojan cleaned by deleting - quarantined

Edited by heather_c, 02 October 2012 - 09:53 PM.


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:46 PM

Posted 02 October 2012 - 04:44 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here



Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

Right click on the tool and select run as administrator.After scan gets completed,post the generated log here.

Click on startmenu and type

cmd

right click on it and select run as administrator

Now copy following commands and press ENTER one by one

cd C:\windows\system32\drivers\etc
takeown /a /f hosts
cacls hosts /p everyone:f


Press Y

attrib -s -h -r hosts

After running these commands

Download

Hosts fixit

Run it,restart the PC

Now launch mini toolbox and checkmark hosts contents alone and post the new log

Edited by narenxp, 02 October 2012 - 04:44 PM.


#8 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 02 October 2012 - 09:37 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.02.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Family :: FAMILY [administrator]

10/2/2012 5:55:31 PM
mbam-log-2012-10-02 (17-55-31).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 415056
Time elapsed: 2 hour(s), 15 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Family\AppData\Local\Temp\0.12041292232150003.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.

(end)

#9 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 02 October 2012 - 09:54 PM

Farbar Service Scanner Version: 19-09-2012
Ran by Family (administrator) on 02-10-2012 at 21:50:52
Running from "C:\Users\Family\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 02 October 2012 - 10:05 PM

# AdwCleaner v2.003 - Logfile created 10/02/2012 at 22:00:17
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Family - FAMILY
# Boot Mode : Normal
# Running from : C:\Users\Family\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\mumb4h76.default\searchplugins\search.xml
Folder Deleted : C:\Users\~1\AppData\Local\Temp\boost_interprocess

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\mumb4h76.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1395 octets] - [02/10/2012 22:00:17]

########## EOF - C:\AdwCleaner[S1].txt - [1455 octets] ##########

#11 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 02 October 2012 - 10:18 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.2 (10.02.2012)
OS: Windows 7 Home Premium x64
Ran by Family on Tue 10/02/2012 at 22:16:49.02
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Tue 10/02/2012 at 22:17:04.27
End of Report

#12 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 02 October 2012 - 10:29 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Family (administrator) on 02-10-2012 at 22:29:15
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

# ::1 localhost


**** End of log ****

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:46 PM

Posted 02 October 2012 - 10:36 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#14 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 03 October 2012 - 06:48 AM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/03/2012 06:46:58 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\Samsung\PanelMgr\SSMMgr.exe (PID: 4160) [WD-HEUR]
* C:\Windows\Samsung\PanelMgr\caller64.exe (PID: 4892) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/03/2012 06:47:22 AM
Execution time: 0 hours(s), 0 minute(s), and 24 seconds(s)

#15 heather_c

heather_c
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 03 October 2012 - 07:15 AM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "Broadcom Wireless Manager UI" "DW WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dw wlan card\wltray.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "Dell DataSafe Online" "DataSafeOnline" "" "c:\program files (x86)\dell datasafe online\datasafeonline.exe"
+ "Dell Webcam Central" "WebcamDell2.exe" "Creative Technology Ltd" "c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "DellSupportCenter" "Dell Support Center Updates" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtcmd.exe"
+ "Desktop Disc Tool" "Roxio Burn Launcher" "" "c:\program files (x86)\roxio\roxio burn\roxioburnlauncher.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "Samsung PanelMgr" "" "" "c:\windows\samsung\panelmgr\ssmmgr.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "DSUpdateLauncher" "Hidden Start" "Dell" "c:\program files (x86)\dell datasafe local backup\components\dsupdate\hstart.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\ssscheduler.exe"
"C:\Users\Cabanas Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\cabanas family\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Messenger (Yahoo!)" "Yahoo! Messenger" "Yahoo! Inc." "c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe"
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\ubd.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cabanas family\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cabanas family\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\cabanas family\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\family\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\family\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\family\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\family\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\family\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\family\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\family\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "LastPass Browser Helper Object" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar64.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120425122350.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn2\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "LastPass Browser Helper Object" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20120425122350.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files (x86)\yahoo!\companion\installs\cpn0\ytsingleinstance.dll"
+ "Skype Plug-In" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "LastPass Toolbar" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar64.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "LastPass Toolbar" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn2\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "LastPass" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar64.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "LastPass" "LastPass Toolbar" "LastPass" "c:\program files (x86)\lastpass\lpbar.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "Skype Plug-In" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\AdobeAAMUpdater-1.0-CabanasFamily-Cabanas Family" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\{5543CD5D-E159-4F1D-A677-B8189069E237}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "\{7841B96D-6289-4C34-94FE-2770C53871FA}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{DCC74D46-7618-44DB-BA68-E71D155C3F24}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeActiveFileMonitor9.0" "Tracks files that are managed by Elements Organizer" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\photoshopelementsfileagent.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\idt\wdm\aestsr64.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\514\g2aservice.exe"
+ "gusvc" "gusvc" "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\mcchsvc.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\program files\idt\wdm\stacsv64.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "Dell Inc." "c:\program files\dell\dw wlan card\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BcmVWL" "Broadcom 802.11 Network Adapter Virtual Wireless Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmvwl64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btusbflt" "Widcomm Bluetooth USB Filter for Windows XP" "Broadcom Corporation." "c:\windows\system32\drivers\btusbflt.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "DgiVecp" "Windows 2k,XP IEEE-1284 parallel class driver for ECP, Byte, and Nibble modes" "Samsung Electronics Co., Ltd." "c:\windows\system32\drivers\dgivecp.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfenlfk" "McAfee NDIS Light Filter" "McAfee, Inc." "c:\windows\system32\drivers\mfenlfk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SSPORT" "Port Contention Driver" "Samsung Electronics" "c:\windows\system32\drivers\ssport.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept VC-1 Decoder" "VC-1 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "MainConcept (Broadcast) AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_bc_dec_avc_ds.ax"
+ "MainConcept AAC Decoder" "AAC audio decoder filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_aac_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_avc_ds.ax"
+ "MainConcept DV Dif Parser" "DV Dif Parser DS Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_parser_dv_ds.ax"
+ "MainConcept DV Video Decoder" "DirectShow DVCPro Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv_ds.ax"
+ "MainConcept DV-Demultiplexer" "DV-Splitter DS Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_dv_ds.ax"
+ "MainConcept DVCPro 50 Video Decoder" "DirectShow DVCPro50 Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv50_ds.ax"
+ "MainConcept DVCPro HD Video Decoder" "DirectShow DVCProHD Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv100_ds.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_mp2_ds.ax"
+ "MainConcept VC-1 Decoder" "VC-1 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Track1Filter" "Adobe Photoshop Elements 9.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\track1filter.dll"
+ "Track2Filter" "Adobe Photoshop Elements 9.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\track2filter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "CL31C Langmon" "Language Monitor for Status Monitor" "" "c:\windows\system32\cl31cl6.dll"
+ "SUGO3 Langmon" "Language Monitor for Status Monitor" "" "c:\windows\system32\sugo3l6.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "DW WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users