Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue screen appears


  • Please log in to reply
16 replies to this topic

#1 jfa8844

jfa8844

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 08 October 2012 - 06:50 PM

Hello, this is my first post in a forum like this, I hope someone can help me and thank you in advance.

For the past couple of months my computer will randomly go to a blue screen which states:

"A problem has been detected and windows has been shut down to prevent damage to your computer.

A driver has overrun a stack-based buffer. This overrun could potentially allow a malicious user to gain control of this machine.

If this is the first time you've seen this stop error screen, restart your computer. If this screen appears again, follow these steps:

Check to make sure any new hardware or software is properly installed. If this is a new installation, ask your hardware or software manufacturer for any windows updates you might need.

If problems continue, disable or remove any newly installed hardware or software. Disable BIOS memory options such a caching or shadowing. If you need to use safe mode to remove or disable components, restart your computer, pres F8 to select Advances Startup Options, and then select safe mode.

Technical information:

*** STOP: 0x000000F7 (0xFFFFFSS00A2444C0, 0x0000FSS00S940267, 0xFFFF077FF768FD98, 0x0000000000000000)

Collecting data for crash dump ...
Initializing disk for crash dump ...
Beginning dump of physical memory,
Dumping physical memory to disk: 100
Physical memory dump complete.
Contact your system admin or technical support group for further assistance."

I then have to unplug my computer and remove its battery in order to restart. Since about the same time I have been experiencing an occasional google redirect problem in Firefox, this problem has been resolved since I shut down several firefox add-ins; I don't know if the two are related.
My computer is a Dell Laptop which is running Windows 7. I have AVG for my anti-virus. I have tried Malwarebytes anti-malware and Spybot Search and Destroy with no luck.

Please let me know what additional information is needed.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 PM

Posted 08 October 2012 - 06:56 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 jfa8844

jfa8844
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 09 October 2012 - 10:35 AM

Thank you for your response. Here are the requested files:

19:12:16.0565 1084 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
19:12:16.0869 1084 ============================================================
19:12:16.0869 1084 Current date / time: 2012/10/08 19:12:16.0869
19:12:16.0869 1084 SystemInfo:
19:12:16.0869 1084
19:12:16.0869 1084 OS Version: 6.1.7601 ServicePack: 1.0
19:12:16.0869 1084 Product type: Workstation
19:12:16.0870 1084 ComputerName: JOHN-PC
19:12:16.0870 1084 UserName: John
19:12:16.0870 1084 Windows directory: C:\Windows
19:12:16.0870 1084 System windows directory: C:\Windows
19:12:16.0870 1084 Running under WOW64
19:12:16.0870 1084 Processor architecture: Intel x64
19:12:16.0870 1084 Number of processors: 8
19:12:16.0870 1084 Page size: 0x1000
19:12:16.0870 1084 Boot type: Normal boot
19:12:16.0870 1084 ============================================================
19:12:17.0792 1084 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:12:17.0803 1084 ============================================================
19:12:17.0803 1084 \Device\Harddisk0\DR0:
19:12:17.0803 1084 MBR partitions:
19:12:17.0803 1084 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
19:12:17.0803 1084 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
19:12:17.0803 1084 ============================================================
19:12:17.0839 1084 C: <-> \Device\Harddisk0\DR0\Partition2
19:12:17.0839 1084 ============================================================
19:12:17.0839 1084 Initialize success
19:12:17.0839 1084 ============================================================
19:12:55.0438 6120 ============================================================
19:12:55.0438 6120 Scan started
19:12:55.0438 6120 Mode: Manual; TDLFS;
19:12:55.0438 6120 ============================================================
19:12:56.0085 6120 ================ Scan system memory ========================
19:12:56.0085 6120 System memory - ok
19:12:56.0086 6120 ================ Scan services =============================
19:12:56.0248 6120 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:12:56.0251 6120 1394ohci - ok
19:12:56.0271 6120 [ C49C56B35BFC6CDA8D1FDCAD2885568F ] Acceler C:\Windows\system32\DRIVERS\Acceler.sys
19:12:56.0272 6120 Acceler - ok
19:12:56.0320 6120 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:12:56.0326 6120 ACPI - ok
19:12:56.0374 6120 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:12:56.0375 6120 AcpiPmi - ok
19:12:56.0501 6120 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:12:56.0503 6120 AdobeFlashPlayerUpdateSvc - ok
19:12:56.0547 6120 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:12:56.0554 6120 adp94xx - ok
19:12:56.0569 6120 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:12:56.0572 6120 adpahci - ok
19:12:56.0587 6120 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:12:56.0590 6120 adpu320 - ok
19:12:56.0615 6120 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:12:56.0616 6120 AeLookupSvc - ok
19:12:56.0903 6120 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
19:12:56.0904 6120 AESTFilters - ok
19:12:56.0973 6120 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:12:56.0977 6120 AFD - ok
19:12:57.0027 6120 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:12:57.0029 6120 agp440 - ok
19:12:57.0040 6120 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:12:57.0042 6120 ALG - ok
19:12:57.0067 6120 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:12:57.0068 6120 aliide - ok
19:12:57.0093 6120 [ 17F20770F46711910271994E72A7540A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:12:57.0094 6120 AMD External Events Utility - ok
19:12:57.0097 6120 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:12:57.0097 6120 amdide - ok
19:12:57.0110 6120 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:12:57.0111 6120 AmdK8 - ok
19:12:57.0215 6120 [ 1D79CC1E4ED5F4D80A13BEE7A26DFD6A ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
19:12:57.0308 6120 amdkmdag - ok
19:12:57.0322 6120 [ 791B17BBDE5AE66DF3518F19890D9B83 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:12:57.0324 6120 amdkmdap - ok
19:12:57.0327 6120 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:12:57.0328 6120 AmdPPM - ok
19:12:57.0375 6120 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:12:57.0377 6120 amdsata - ok
19:12:57.0393 6120 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:12:57.0396 6120 amdsbs - ok
19:12:57.0410 6120 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:12:57.0410 6120 amdxata - ok
19:12:57.0453 6120 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:12:57.0454 6120 AppID - ok
19:12:57.0466 6120 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:12:57.0467 6120 AppIDSvc - ok
19:12:57.0524 6120 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:12:57.0526 6120 Appinfo - ok
19:12:57.0614 6120 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:12:57.0616 6120 Apple Mobile Device - ok
19:12:57.0635 6120 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:12:57.0636 6120 arc - ok
19:12:57.0656 6120 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:12:57.0657 6120 arcsas - ok
19:12:57.0676 6120 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:12:57.0676 6120 AsyncMac - ok
19:12:57.0724 6120 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:12:57.0724 6120 atapi - ok
19:12:57.0752 6120 [ 637E0753BD6DEB8EA5314A5C357EC1A0 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
19:12:57.0753 6120 AtiHdmiService - ok
19:12:57.0806 6120 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:12:57.0813 6120 AudioEndpointBuilder - ok
19:12:57.0827 6120 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:12:57.0830 6120 AudioSrv - ok
19:12:57.0978 6120 [ 1D7D0D5D33D8B1507EC5FBFE332E5657 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
19:12:58.0110 6120 AVGIDSAgent - ok
19:12:58.0139 6120 [ 5FD4D6C35738899905E16E5284981427 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
19:12:58.0141 6120 AVGIDSDriver - ok
19:12:58.0154 6120 [ 132251CBBB95062E12FF21E212EB8FB4 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
19:12:58.0155 6120 AVGIDSHA - ok
19:12:58.0167 6120 [ 996FCACE7A8EFD926C8BB2C70A40C83F ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
19:12:58.0169 6120 Avgldx64 - ok
19:12:58.0192 6120 [ 3E0E2D8CD63C58A37CF81704E83459DD ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
19:12:58.0195 6120 Avgloga - ok
19:12:58.0204 6120 [ DC353C527816297BD11B13EA60C9BE75 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
19:12:58.0205 6120 Avgmfx64 - ok
19:12:58.0212 6120 [ 639CBC2F67FB25F9AB31957D9BF5CF8F ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
19:12:58.0213 6120 Avgrkx64 - ok
19:12:58.0226 6120 [ 1917293728A872BF520952F69E024FE6 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
19:12:58.0228 6120 Avgtdia - ok
19:12:58.0256 6120 [ DE24B2CA078FC6A7EAA53B1DFD3F61CF ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
19:12:58.0257 6120 avgtp - ok
19:12:58.0284 6120 [ 42F11F37CC06D9AB6528AF2E215B8799 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
19:12:58.0285 6120 avgwd - ok
19:12:58.0339 6120 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:12:58.0341 6120 AxInstSV - ok
19:12:58.0382 6120 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:12:58.0388 6120 b06bdrv - ok
19:12:58.0421 6120 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:12:58.0424 6120 b57nd60a - ok
19:12:58.0451 6120 [ 5C0F919666954885D7760DFFE4B29A25 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
19:12:58.0451 6120 BCM42RLY - ok
19:12:58.0522 6120 [ BAB887A2B2786310A966881F074F4A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
19:12:58.0533 6120 BCM43XX - ok
19:12:58.0571 6120 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:12:58.0573 6120 BDESVC - ok
19:12:58.0593 6120 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:12:58.0594 6120 Beep - ok
19:12:58.0660 6120 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:12:58.0668 6120 BFE - ok
19:12:58.0729 6120 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
19:12:58.0733 6120 BITS - ok
19:12:58.0755 6120 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:12:58.0756 6120 blbdrive - ok
19:12:58.0839 6120 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:12:58.0843 6120 Bonjour Service - ok
19:12:58.0903 6120 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:12:58.0905 6120 bowser - ok
19:12:58.0918 6120 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:12:58.0919 6120 BrFiltLo - ok
19:12:58.0935 6120 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:12:58.0936 6120 BrFiltUp - ok
19:12:58.0952 6120 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:12:58.0954 6120 BridgeMP - ok
19:12:59.0004 6120 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:12:59.0006 6120 Browser - ok
19:12:59.0027 6120 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:12:59.0030 6120 Brserid - ok
19:12:59.0033 6120 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:12:59.0034 6120 BrSerWdm - ok
19:12:59.0048 6120 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:12:59.0049 6120 BrUsbMdm - ok
19:12:59.0058 6120 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:12:59.0059 6120 BrUsbSer - ok
19:12:59.0072 6120 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:12:59.0073 6120 BTHMODEM - ok
19:12:59.0086 6120 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:12:59.0087 6120 bthserv - ok
19:12:59.0116 6120 catchme - ok
19:12:59.0131 6120 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:12:59.0132 6120 cdfs - ok
19:12:59.0183 6120 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:12:59.0186 6120 cdrom - ok
19:12:59.0231 6120 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:12:59.0233 6120 CertPropSvc - ok
19:12:59.0248 6120 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:12:59.0249 6120 circlass - ok
19:12:59.0271 6120 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:12:59.0275 6120 CLFS - ok
19:12:59.0334 6120 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:12:59.0336 6120 clr_optimization_v2.0.50727_32 - ok
19:12:59.0377 6120 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:12:59.0380 6120 clr_optimization_v2.0.50727_64 - ok
19:12:59.0445 6120 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:12:59.0446 6120 clr_optimization_v4.0.30319_32 - ok
19:12:59.0491 6120 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:12:59.0492 6120 clr_optimization_v4.0.30319_64 - ok
19:12:59.0499 6120 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:12:59.0500 6120 CmBatt - ok
19:12:59.0545 6120 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:12:59.0546 6120 cmdide - ok
19:12:59.0611 6120 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:12:59.0616 6120 CNG - ok
19:12:59.0642 6120 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:12:59.0642 6120 Compbatt - ok
19:12:59.0697 6120 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:12:59.0698 6120 CompositeBus - ok
19:12:59.0702 6120 COMSysApp - ok
19:12:59.0720 6120 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:12:59.0721 6120 crcdisk - ok
19:12:59.0765 6120 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
19:12:59.0767 6120 Creative ALchemy AL6 Licensing Service - ok
19:12:59.0797 6120 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
19:12:59.0799 6120 Creative Audio Engine Licensing Service - ok
19:12:59.0858 6120 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:12:59.0861 6120 CryptSvc - ok
19:12:59.0899 6120 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
19:12:59.0901 6120 CTAudSvcService - ok
19:12:59.0925 6120 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
19:12:59.0927 6120 CtClsFlt - ok
19:12:59.0979 6120 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:12:59.0984 6120 DcomLaunch - ok
19:13:00.0008 6120 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:13:00.0011 6120 defragsvc - ok
19:13:00.0058 6120 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:13:00.0060 6120 DfsC - ok
19:13:00.0120 6120 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:13:00.0124 6120 Dhcp - ok
19:13:00.0134 6120 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:13:00.0135 6120 discache - ok
19:13:00.0155 6120 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:13:00.0156 6120 Disk - ok
19:13:00.0201 6120 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:13:00.0203 6120 Dnscache - ok
19:13:00.0246 6120 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
19:13:00.0248 6120 DockLoginService - ok
19:13:00.0302 6120 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:13:00.0306 6120 dot3svc - ok
19:13:00.0354 6120 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
19:13:00.0356 6120 Dot4 - ok
19:13:00.0393 6120 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
19:13:00.0394 6120 Dot4Print - ok
19:13:00.0413 6120 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
19:13:00.0414 6120 dot4usb - ok
19:13:00.0465 6120 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:13:00.0468 6120 DPS - ok
19:13:00.0514 6120 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:13:00.0515 6120 drmkaud - ok
19:13:00.0574 6120 [ 3EEF0B3489EDBF725564E17C77CABAFD ] dsNcAdpt C:\Windows\system32\DRIVERS\dsNcAdpt.sys
19:13:00.0575 6120 dsNcAdpt - ok
19:13:00.0669 6120 [ 586855D6FD2BD978723B502306D6EC78 ] dsNcService C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
19:13:00.0674 6120 dsNcService - ok
19:13:00.0744 6120 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:13:00.0757 6120 DXGKrnl - ok
19:13:00.0771 6120 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:13:00.0773 6120 EapHost - ok
19:13:00.0836 6120 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:13:00.0884 6120 ebdrv - ok
19:13:00.0941 6120 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:13:00.0942 6120 EFS - ok
19:13:00.0990 6120 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:13:00.0997 6120 ehRecvr - ok
19:13:01.0024 6120 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:13:01.0027 6120 ehSched - ok
19:13:01.0068 6120 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:13:01.0074 6120 elxstor - ok
19:13:01.0116 6120 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:13:01.0117 6120 ErrDev - ok
19:13:01.0168 6120 [ 70A8FFBFC3BFCEDB3700A151764F5B06 ] EST_BusEnum C:\Windows\system32\DRIVERS\GenBus.sys
19:13:01.0169 6120 EST_BusEnum - ok
19:13:01.0223 6120 [ 5BABC0A42195E502B0369A02EA962C40 ] EST_Server C:\Windows\system32\DRIVERS\GenHC.sys
19:13:01.0226 6120 EST_Server - ok
19:13:01.0242 6120 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:13:01.0245 6120 EventSystem - ok
19:13:01.0258 6120 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:13:01.0260 6120 exfat - ok
19:13:01.0287 6120 [ 2C1D443E14F376E8331F52F135DCA9EF ] FACAP C:\Windows\system32\DRIVERS\facap.sys
19:13:01.0290 6120 FACAP - ok
19:13:01.0373 6120 [ 25AFC9A2DA1939AE295B346D81390C21 ] FAService c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
19:13:01.0382 6120 FAService - ok
19:13:01.0392 6120 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:13:01.0395 6120 fastfat - ok
19:13:01.0454 6120 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:13:01.0463 6120 Fax - ok
19:13:01.0473 6120 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:13:01.0474 6120 fdc - ok
19:13:01.0484 6120 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:13:01.0484 6120 fdPHost - ok
19:13:01.0492 6120 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:13:01.0493 6120 FDResPub - ok
19:13:01.0507 6120 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:13:01.0508 6120 FileInfo - ok
19:13:01.0520 6120 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:13:01.0521 6120 Filetrace - ok
19:13:01.0580 6120 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:13:01.0587 6120 FLEXnet Licensing Service - ok
19:13:01.0600 6120 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:13:01.0601 6120 flpydisk - ok
19:13:01.0654 6120 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:13:01.0656 6120 FltMgr - ok
19:13:01.0701 6120 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:13:01.0724 6120 FontCache - ok
19:13:01.0799 6120 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:13:01.0801 6120 FontCache3.0.0.0 - ok
19:13:01.0816 6120 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:13:01.0817 6120 FsDepends - ok
19:13:01.0863 6120 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:13:01.0865 6120 fssfltr - ok
19:13:01.0924 6120 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:13:01.0955 6120 fsssvc - ok
19:13:02.0014 6120 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:13:02.0015 6120 Fs_Rec - ok
19:13:02.0060 6120 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:13:02.0063 6120 fvevol - ok
19:13:02.0085 6120 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:13:02.0087 6120 gagp30kx - ok
19:13:02.0147 6120 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:13:02.0148 6120 GEARAspiWDM - ok
19:13:02.0194 6120 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
19:13:02.0196 6120 GoToAssist - ok
19:13:02.0248 6120 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:13:02.0258 6120 gpsvc - ok
19:13:02.0364 6120 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:13:02.0365 6120 gupdate - ok
19:13:02.0371 6120 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:13:02.0373 6120 gupdatem - ok
19:13:02.0386 6120 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:13:02.0388 6120 hcw85cir - ok
19:13:02.0447 6120 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:13:02.0448 6120 HDAudBus - ok
19:13:02.0466 6120 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:13:02.0467 6120 HidBatt - ok
19:13:02.0476 6120 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:13:02.0478 6120 HidBth - ok
19:13:02.0481 6120 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:13:02.0482 6120 HidIr - ok
19:13:02.0510 6120 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:13:02.0512 6120 hidserv - ok
19:13:02.0542 6120 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:13:02.0543 6120 HidUsb - ok
19:13:02.0589 6120 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:13:02.0592 6120 hkmsvc - ok
19:13:02.0642 6120 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:13:02.0645 6120 HomeGroupListener - ok
19:13:02.0658 6120 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:13:02.0661 6120 HomeGroupProvider - ok
19:13:02.0694 6120 [ 2265C80E5628CFBD9E034ED74F59C030 ] HP1319EWS C:\Windows\system32\Drivers\HP1319EWS.sys
19:13:02.0695 6120 HP1319EWS - ok
19:13:02.0707 6120 [ 3711FD6CC88934B64E68ECD9D79C7095 ] HP1319FAX C:\Windows\system32\Drivers\HP1319FAX.sys
19:13:02.0708 6120 HP1319FAX - ok
19:13:02.0753 6120 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:13:02.0755 6120 HpSAMD - ok
19:13:02.0809 6120 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:13:02.0820 6120 HTTP - ok
19:13:02.0864 6120 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:13:02.0864 6120 hwpolicy - ok
19:13:02.0910 6120 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:13:02.0912 6120 i8042prt - ok
19:13:02.0931 6120 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:13:02.0936 6120 iaStorV - ok
19:13:03.0002 6120 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:13:03.0020 6120 idsvc - ok
19:13:03.0039 6120 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:13:03.0040 6120 iirsp - ok
19:13:03.0061 6120 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:13:03.0068 6120 IKEEXT - ok
19:13:03.0119 6120 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:13:03.0120 6120 intelide - ok
19:13:03.0145 6120 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:13:03.0146 6120 intelppm - ok
19:13:03.0159 6120 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:13:03.0162 6120 IPBusEnum - ok
19:13:03.0213 6120 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:13:03.0215 6120 IpFilterDriver - ok
19:13:03.0269 6120 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:13:03.0275 6120 iphlpsvc - ok
19:13:03.0321 6120 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:13:03.0323 6120 IPMIDRV - ok
19:13:03.0334 6120 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:13:03.0336 6120 IPNAT - ok
19:13:03.0422 6120 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:13:03.0443 6120 iPod Service - ok
19:13:03.0480 6120 [ 02DEF37AB75E0032C50724646F708DE8 ] iPodDrv C:\Windows\system32\drivers\iPodDrv.sys
19:13:03.0481 6120 iPodDrv - ok
19:13:03.0500 6120 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:13:03.0501 6120 IRENUM - ok
19:13:03.0558 6120 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:13:03.0559 6120 isapnp - ok
19:13:03.0603 6120 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:13:03.0607 6120 iScsiPrt - ok
19:13:03.0623 6120 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:13:03.0624 6120 kbdclass - ok
19:13:03.0678 6120 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:13:03.0679 6120 kbdhid - ok
19:13:03.0692 6120 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:13:03.0693 6120 KeyIso - ok
19:13:03.0708 6120 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:13:03.0709 6120 KSecDD - ok
19:13:03.0757 6120 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:13:03.0760 6120 KSecPkg - ok
19:13:03.0768 6120 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:13:03.0770 6120 ksthunk - ok
19:13:03.0803 6120 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:13:03.0809 6120 KtmRm - ok
19:13:03.0852 6120 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:13:03.0855 6120 LanmanServer - ok
19:13:03.0904 6120 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:13:03.0907 6120 LanmanWorkstation - ok
19:13:03.0917 6120 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:13:03.0919 6120 lltdio - ok
19:13:03.0941 6120 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:13:03.0944 6120 lltdsvc - ok
19:13:03.0952 6120 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:13:03.0953 6120 lmhosts - ok
19:13:03.0981 6120 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:13:03.0982 6120 LSI_FC - ok
19:13:03.0991 6120 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:13:03.0992 6120 LSI_SAS - ok
19:13:04.0007 6120 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:13:04.0008 6120 LSI_SAS2 - ok
19:13:04.0018 6120 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:13:04.0020 6120 LSI_SCSI - ok
19:13:04.0032 6120 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:13:04.0033 6120 luafv - ok
19:13:04.0074 6120 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:13:04.0077 6120 Mcx2Svc - ok
19:13:04.0081 6120 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:13:04.0082 6120 megasas - ok
19:13:04.0099 6120 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:13:04.0102 6120 MegaSR - ok
19:13:04.0177 6120 Microsoft SharePoint Workspace Audit Service - ok
19:13:04.0207 6120 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:13:04.0208 6120 MMCSS - ok
19:13:04.0218 6120 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:13:04.0219 6120 Modem - ok
19:13:04.0233 6120 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:13:04.0233 6120 monitor - ok
19:13:04.0281 6120 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:13:04.0282 6120 mouclass - ok
19:13:04.0302 6120 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:13:04.0303 6120 mouhid - ok
19:13:04.0353 6120 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:13:04.0355 6120 mountmgr - ok
19:13:04.0390 6120 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:13:04.0392 6120 MozillaMaintenance - ok
19:13:04.0440 6120 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:13:04.0443 6120 mpio - ok
19:13:04.0458 6120 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:13:04.0460 6120 mpsdrv - ok
19:13:04.0517 6120 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:13:04.0527 6120 MpsSvc - ok
19:13:04.0577 6120 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:13:04.0579 6120 MRxDAV - ok
19:13:04.0622 6120 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:13:04.0625 6120 mrxsmb - ok
19:13:04.0681 6120 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:13:04.0684 6120 mrxsmb10 - ok
19:13:04.0697 6120 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:13:04.0698 6120 mrxsmb20 - ok
19:13:04.0743 6120 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:13:04.0744 6120 msahci - ok
19:13:04.0788 6120 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:13:04.0790 6120 msdsm - ok
19:13:04.0809 6120 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:13:04.0811 6120 MSDTC - ok
19:13:04.0825 6120 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:13:04.0826 6120 Msfs - ok
19:13:04.0834 6120 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:13:04.0835 6120 mshidkmdf - ok
19:13:04.0875 6120 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:13:04.0876 6120 msisadrv - ok
19:13:04.0898 6120 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:13:04.0900 6120 MSiSCSI - ok
19:13:04.0903 6120 msiserver - ok
19:13:04.0921 6120 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:13:04.0922 6120 MSKSSRV - ok
19:13:04.0938 6120 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:13:04.0939 6120 MSPCLOCK - ok
19:13:04.0953 6120 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:13:04.0954 6120 MSPQM - ok
19:13:05.0005 6120 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:13:05.0009 6120 MsRPC - ok
19:13:05.0048 6120 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:13:05.0049 6120 mssmbios - ok
19:13:05.0062 6120 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:13:05.0063 6120 MSTEE - ok
19:13:05.0077 6120 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:13:05.0078 6120 MTConfig - ok
19:13:05.0091 6120 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:13:05.0092 6120 Mup - ok
19:13:05.0147 6120 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:13:05.0151 6120 napagent - ok
19:13:05.0182 6120 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:13:05.0186 6120 NativeWifiP - ok
19:13:05.0246 6120 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:13:05.0267 6120 NDIS - ok
19:13:05.0278 6120 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:13:05.0279 6120 NdisCap - ok
19:13:05.0296 6120 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:13:05.0297 6120 NdisTapi - ok
19:13:05.0344 6120 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:13:05.0345 6120 Ndisuio - ok
19:13:05.0389 6120 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:13:05.0391 6120 NdisWan - ok
19:13:05.0438 6120 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:13:05.0439 6120 NDProxy - ok
19:13:05.0484 6120 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:13:05.0486 6120 Net Driver HPZ12 - ok
19:13:05.0499 6120 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:13:05.0500 6120 NetBIOS - ok
19:13:05.0550 6120 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:13:05.0553 6120 NetBT - ok
19:13:05.0567 6120 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:13:05.0568 6120 Netlogon - ok
19:13:05.0603 6120 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:13:05.0606 6120 Netman - ok
19:13:05.0619 6120 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:13:05.0624 6120 netprofm - ok
19:13:05.0643 6120 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:13:05.0645 6120 NetTcpPortSharing - ok
19:13:05.0667 6120 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:13:05.0668 6120 nfrd960 - ok
19:13:05.0717 6120 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:13:05.0720 6120 NlaSvc - ok
19:13:05.0727 6120 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:13:05.0728 6120 Npfs - ok
19:13:05.0816 6120 [ 7E9C6BD6CFB752E0D5084C4C0725D49E ] NPWService C:\Program Files (x86)\Generic\Network Printer Wizard\NPWService.exe
19:13:05.0822 6120 NPWService - ok
19:13:05.0826 6120 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:13:05.0828 6120 nsi - ok
19:13:05.0835 6120 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:13:05.0835 6120 nsiproxy - ok
19:13:05.0904 6120 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:13:05.0928 6120 Ntfs - ok
19:13:05.0968 6120 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:13:05.0970 6120 Null - ok
19:13:06.0026 6120 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:13:06.0029 6120 nvraid - ok
19:13:06.0076 6120 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:13:06.0079 6120 nvstor - ok
19:13:06.0134 6120 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:13:06.0137 6120 nv_agp - ok
19:13:06.0168 6120 [ D955D5DE998DB2476BF0892BE3A96C26 ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe
19:13:06.0170 6120 O2FLASH - ok
19:13:06.0179 6120 [ 8C2953537CA19DFAA67D612407E0F33E ] O2MDGRDR C:\Windows\system32\DRIVERS\o2mdgx64.sys
19:13:06.0180 6120 O2MDGRDR - ok
19:13:06.0227 6120 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:13:06.0229 6120 ohci1394 - ok
19:13:06.0302 6120 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:13:06.0305 6120 ose - ok
19:13:06.0449 6120 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:13:06.0468 6120 osppsvc - ok
19:13:06.0512 6120 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:13:06.0515 6120 p2pimsvc - ok
19:13:06.0528 6120 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:13:06.0532 6120 p2psvc - ok
19:13:06.0553 6120 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:13:06.0554 6120 Parport - ok
19:13:06.0594 6120 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:13:06.0596 6120 partmgr - ok
19:13:06.0611 6120 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:13:06.0613 6120 PcaSvc - ok
19:13:06.0675 6120 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
19:13:06.0677 6120 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
19:13:06.0727 6120 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:13:06.0729 6120 pci - ok
19:13:06.0778 6120 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:13:06.0779 6120 pciide - ok
19:13:06.0797 6120 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:13:06.0799 6120 pcmcia - ok
19:13:06.0815 6120 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:13:06.0816 6120 pcw - ok
19:13:06.0838 6120 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:13:06.0844 6120 PEAUTH - ok
19:13:06.0921 6120 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:13:06.0923 6120 PerfHost - ok
19:13:07.0002 6120 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:13:07.0012 6120 pla - ok
19:13:07.0099 6120 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:13:07.0104 6120 PlugPlay - ok
19:13:07.0133 6120 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:13:07.0135 6120 Pml Driver HPZ12 - ok
19:13:07.0146 6120 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:13:07.0148 6120 PNRPAutoReg - ok
19:13:07.0153 6120 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:13:07.0155 6120 PNRPsvc - ok
19:13:07.0205 6120 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:13:07.0211 6120 PolicyAgent - ok
19:13:07.0234 6120 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:13:07.0237 6120 Power - ok
19:13:07.0291 6120 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:13:07.0293 6120 PptpMiniport - ok
19:13:07.0310 6120 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:13:07.0311 6120 Processor - ok
19:13:07.0362 6120 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:13:07.0366 6120 ProfSvc - ok
19:13:07.0375 6120 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:13:07.0376 6120 ProtectedStorage - ok
19:13:07.0436 6120 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:13:07.0438 6120 Psched - ok
19:13:07.0471 6120 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:13:07.0472 6120 PxHlpa64 - ok
19:13:07.0516 6120 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:13:07.0546 6120 ql2300 - ok
19:13:07.0564 6120 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:13:07.0566 6120 ql40xx - ok
19:13:07.0586 6120 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:13:07.0590 6120 QWAVE - ok
19:13:07.0600 6120 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:13:07.0601 6120 QWAVEdrv - ok
19:13:07.0616 6120 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:13:07.0617 6120 RasAcd - ok
19:13:07.0646 6120 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:13:07.0648 6120 RasAgileVpn - ok
19:13:07.0660 6120 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:13:07.0663 6120 RasAuto - ok
19:13:07.0714 6120 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:13:07.0717 6120 Rasl2tp - ok
19:13:07.0779 6120 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:13:07.0784 6120 RasMan - ok
19:13:07.0800 6120 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:13:07.0801 6120 RasPppoe - ok
19:13:07.0827 6120 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:13:07.0829 6120 RasSstp - ok
19:13:07.0850 6120 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:13:07.0853 6120 rdbss - ok
19:13:07.0863 6120 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:13:07.0864 6120 rdpbus - ok
19:13:07.0881 6120 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:13:07.0882 6120 RDPCDD - ok
19:13:07.0889 6120 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:13:07.0889 6120 RDPENCDD - ok
19:13:07.0899 6120 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:13:07.0900 6120 RDPREFMP - ok
19:13:07.0948 6120 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:13:07.0952 6120 RDPWD - ok
19:13:08.0002 6120 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:13:08.0005 6120 rdyboost - ok
19:13:08.0029 6120 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:13:08.0032 6120 RemoteAccess - ok
19:13:08.0046 6120 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:13:08.0049 6120 RemoteRegistry - ok
19:13:08.0053 6120 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:13:08.0054 6120 RpcEptMapper - ok
19:13:08.0069 6120 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:13:08.0071 6120 RpcLocator - ok
19:13:08.0121 6120 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:13:08.0127 6120 RpcSs - ok
19:13:08.0135 6120 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:13:08.0136 6120 rspndr - ok
19:13:08.0162 6120 [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:13:08.0163 6120 RTL8167 - ok
19:13:08.0175 6120 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:13:08.0176 6120 SamSs - ok
19:13:08.0222 6120 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:13:08.0224 6120 sbp2port - ok
19:13:08.0257 6120 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:13:08.0260 6120 SCardSvr - ok
19:13:08.0306 6120 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:13:08.0307 6120 scfilter - ok
19:13:08.0370 6120 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:13:08.0394 6120 Schedule - ok
19:13:08.0449 6120 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:13:08.0450 6120 SCPolicySvc - ok
19:13:08.0498 6120 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
19:13:08.0500 6120 sdbus - ok
19:13:08.0549 6120 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:13:08.0553 6120 SDRSVC - ok
19:13:08.0627 6120 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
19:13:08.0629 6120 SeaPort - ok
19:13:08.0638 6120 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:13:08.0639 6120 secdrv - ok
19:13:08.0692 6120 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:13:08.0694 6120 seclogon - ok
19:13:08.0712 6120 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:13:08.0714 6120 SENS - ok
19:13:08.0723 6120 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:13:08.0725 6120 SensrSvc - ok
19:13:08.0736 6120 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:13:08.0737 6120 Serenum - ok
19:13:08.0765 6120 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:13:08.0766 6120 Serial - ok
19:13:08.0829 6120 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:13:08.0830 6120 sermouse - ok
19:13:08.0879 6120 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:13:08.0883 6120 SessionEnv - ok
19:13:08.0928 6120 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
19:13:08.0929 6120 sffdisk - ok
19:13:08.0942 6120 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:13:08.0943 6120 sffp_mmc - ok
19:13:08.0958 6120 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
19:13:08.0959 6120 sffp_sd - ok
19:13:08.0971 6120 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:13:08.0971 6120 sfloppy - ok
19:13:09.0024 6120 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
19:13:09.0031 6120 SftService - ok
19:13:09.0063 6120 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:13:09.0067 6120 SharedAccess - ok
19:13:09.0122 6120 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:13:09.0128 6120 ShellHWDetection - ok
19:13:09.0145 6120 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:13:09.0146 6120 SiSRaid2 - ok
19:13:09.0158 6120 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:13:09.0159 6120 SiSRaid4 - ok
19:13:09.0261 6120 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:13:09.0262 6120 SkypeUpdate - ok
19:13:09.0278 6120 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:13:09.0279 6120 Smb - ok
19:13:09.0304 6120 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:13:09.0306 6120 SNMPTRAP - ok
19:13:09.0333 6120 [ 9B24DCA429F819DB314F30EE4C6C80FD ] Sound Blaster X-Fi MB Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
19:13:09.0334 6120 Sound Blaster X-Fi MB Licensing Service - ok
19:13:09.0338 6120 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:13:09.0338 6120 spldr - ok
19:13:09.0391 6120 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:13:09.0395 6120 Spooler - ok
19:13:09.0489 6120 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:13:09.0550 6120 sppsvc - ok
19:13:09.0562 6120 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:13:09.0564 6120 sppuinotify - ok
19:13:09.0615 6120 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:13:09.0620 6120 srv - ok
19:13:09.0672 6120 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:13:09.0677 6120 srv2 - ok
19:13:09.0689 6120 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:13:09.0691 6120 srvnet - ok
19:13:09.0714 6120 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:13:09.0716 6120 SSDPSRV - ok
19:13:09.0724 6120 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:13:09.0726 6120 SstpSvc - ok
19:13:09.0805 6120 [ DA7702025DFD169B909C4DA3126762CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
19:13:09.0808 6120 STacSV - ok
19:13:09.0821 6120 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:13:09.0822 6120 stexstor - ok
19:13:09.0844 6120 [ CAF5A9708671B14B9670260735B22C4E ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
19:13:09.0848 6120 STHDA - ok
19:13:09.0904 6120 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:13:09.0912 6120 stisvc - ok
19:13:09.0975 6120 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:13:09.0976 6120 swenum - ok
19:13:09.0993 6120 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:13:09.0999 6120 swprv - ok
19:13:10.0030 6120 [ 29AD5FF846E8939C10112F34CB2E334A ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:13:10.0033 6120 SynTP - ok
19:13:10.0099 6120 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:13:10.0127 6120 SysMain - ok
19:13:10.0187 6120 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:13:10.0190 6120 TabletInputService - ok
19:13:10.0244 6120 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:13:10.0249 6120 TapiSrv - ok
19:13:10.0291 6120 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:13:10.0295 6120 TBS - ok
19:13:10.0372 6120 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:13:10.0399 6120 Tcpip - ok
19:13:10.0428 6120 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:13:10.0435 6120 TCPIP6 - ok
19:13:10.0482 6120 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:13:10.0483 6120 tcpipreg - ok
19:13:10.0510 6120 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:13:10.0511 6120 TDPIPE - ok
19:13:10.0554 6120 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:13:10.0555 6120 TDTCP - ok
19:13:10.0607 6120 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:13:10.0609 6120 tdx - ok
19:13:10.0618 6120 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:13:10.0620 6120 TermDD - ok
19:13:10.0677 6120 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:13:10.0686 6120 TermService - ok
19:13:10.0699 6120 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:13:10.0701 6120 Themes - ok
19:13:10.0706 6120 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:13:10.0707 6120 THREADORDER - ok
19:13:10.0717 6120 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:13:10.0719 6120 TrkWks - ok
19:13:10.0781 6120 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:13:10.0783 6120 TrustedInstaller - ok
19:13:10.0829 6120 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:13:10.0830 6120 tssecsrv - ok
19:13:10.0857 6120 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:13:10.0858 6120 TsUsbFlt - ok
19:13:10.0925 6120 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:13:10.0927 6120 tunnel - ok
19:13:10.0950 6120 [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
19:13:10.0950 6120 TurboB - ok
19:13:11.0023 6120 [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:13:11.0025 6120 TurboBoost - ok
19:13:11.0036 6120 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:13:11.0037 6120 uagp35 - ok
19:13:11.0083 6120 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:13:11.0088 6120 udfs - ok
19:13:11.0108 6120 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:13:11.0110 6120 UI0Detect - ok
19:13:11.0167 6120 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:13:11.0168 6120 uliagpkx - ok
19:13:11.0217 6120 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:13:11.0219 6120 umbus - ok
19:13:11.0253 6120 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:13:11.0254 6120 UmPass - ok
19:13:11.0273 6120 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:13:11.0276 6120 upnphost - ok
19:13:11.0336 6120 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:13:11.0338 6120 USBAAPL64 - ok
19:13:11.0390 6120 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:13:11.0392 6120 usbccgp - ok
19:13:11.0443 6120 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:13:11.0445 6120 usbcir - ok
19:13:11.0487 6120 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:13:11.0488 6120 usbehci - ok
19:13:11.0500 6120 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:13:11.0503 6120 usbhub - ok
19:13:11.0544 6120 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:13:11.0545 6120 usbohci - ok
19:13:11.0557 6120 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:13:11.0558 6120 usbprint - ok
19:13:11.0587 6120 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:13:11.0589 6120 usbscan - ok
19:13:11.0600 6120 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
19:13:11.0601 6120 USBSTOR - ok
19:13:11.0613 6120 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:13:11.0614 6120 usbuhci - ok
19:13:11.0637 6120 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:13:11.0640 6120 usbvideo - ok
19:13:11.0643 6120 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:13:11.0645 6120 UxSms - ok
19:13:11.0658 6120 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:13:11.0659 6120 VaultSvc - ok
19:13:11.0700 6120 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:13:11.0701 6120 vdrvroot - ok
19:13:11.0756 6120 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:13:11.0764 6120 vds - ok
19:13:11.0780 6120 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:13:11.0781 6120 vga - ok
19:13:11.0797 6120 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:13:11.0798 6120 VgaSave - ok
19:13:11.0846 6120 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:13:11.0849 6120 vhdmp - ok
19:13:11.0891 6120 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:13:11.0892 6120 viaide - ok
19:13:11.0947 6120 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:13:11.0948 6120 volmgr - ok
19:13:11.0998 6120 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:13:12.0003 6120 volmgrx - ok
19:13:12.0061 6120 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:13:12.0064 6120 volsnap - ok
19:13:12.0084 6120 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:13:12.0086 6120 vsmraid - ok
19:13:12.0156 6120 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:13:12.0164 6120 VSS - ok
19:13:12.0252 6120 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
19:13:12.0257 6120 vToolbarUpdater12.2.6 - ok
19:13:12.0267 6120 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:13:12.0268 6120 vwifibus - ok
19:13:12.0291 6120 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:13:12.0292 6120 vwififlt - ok
19:13:12.0300 6120 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:13:12.0301 6120 vwifimp - ok
19:13:12.0318 6120 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:13:12.0322 6120 W32Time - ok
19:13:12.0327 6120 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:13:12.0328 6120 WacomPen - ok
19:13:12.0357 6120 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:13:12.0358 6120 WANARP - ok
19:13:12.0361 6120 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:13:12.0362 6120 Wanarpv6 - ok
19:13:12.0411 6120 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:13:12.0444 6120 WatAdminSvc - ok
19:13:12.0504 6120 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:13:12.0529 6120 wbengine - ok
19:13:12.0545 6120 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:13:12.0548 6120 WbioSrvc - ok
19:13:12.0596 6120 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:13:12.0603 6120 wcncsvc - ok
19:13:12.0615 6120 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:13:12.0617 6120 WcsPlugInService - ok
19:13:12.0620 6120 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:13:12.0621 6120 Wd - ok
19:13:12.0636 6120 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:13:12.0641 6120 Wdf01000 - ok
19:13:12.0656 6120 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:13:12.0658 6120 WdiServiceHost - ok
19:13:12.0661 6120 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:13:12.0662 6120 WdiSystemHost - ok
19:13:12.0713 6120 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:13:12.0718 6120 WebClient - ok
19:13:12.0730 6120 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:13:12.0734 6120 Wecsvc - ok
19:13:12.0749 6120 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:13:12.0751 6120 wercplsupport - ok
19:13:12.0775 6120 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:13:12.0777 6120 WerSvc - ok
19:13:12.0788 6120 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:13:12.0789 6120 WfpLwf - ok
19:13:12.0812 6120 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
19:13:12.0814 6120 WimFltr - ok
19:13:12.0821 6120 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:13:12.0822 6120 WIMMount - ok
19:13:12.0842 6120 WinDefend - ok
19:13:12.0845 6120 WinHttpAutoProxySvc - ok
19:13:12.0905 6120 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:13:12.0908 6120 Winmgmt - ok
19:13:12.0983 6120 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:13:13.0015 6120 WinRM - ok
19:13:13.0085 6120 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:13:13.0087 6120 WinUsb - ok
19:13:13.0116 6120 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:13:13.0125 6120 Wlansvc - ok
19:13:13.0172 6120 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:13:13.0174 6120 wlcrasvc - ok
19:13:13.0252 6120 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:13:13.0261 6120 wlidsvc - ok
19:13:13.0294 6120 [ A96D6C0613DCF84F2D07FAEB75663072 ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
19:13:13.0295 6120 wltrysvc - ok
19:13:13.0363 6120 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:13:13.0364 6120 WmiAcpi - ok
19:13:13.0379 6120 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:13:13.0381 6120 wmiApSrv - ok
19:13:13.0384 6120 WMPNetworkSvc - ok
19:13:13.0395 6120 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:13:13.0396 6120 WPCSvc - ok
19:13:13.0445 6120 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:13:13.0449 6120 WPDBusEnum - ok
19:13:13.0463 6120 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:13:13.0464 6120 ws2ifsl - ok
19:13:13.0483 6120 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:13:13.0485 6120 wscsvc - ok
19:13:13.0488 6120 WSearch - ok
19:13:13.0569 6120 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:13:13.0613 6120 wuauserv - ok
19:13:13.0667 6120 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:13:13.0669 6120 WudfPf - ok
19:13:13.0704 6120 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:13:13.0706 6120 WUDFRd - ok
19:13:13.0751 6120 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:13:13.0753 6120 wudfsvc - ok
19:13:13.0779 6120 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:13:13.0782 6120 WwanSvc - ok
19:13:13.0850 6120 [ 74983ADDCA2D9618512C088D856D6615 ] {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl
19:13:13.0852 6120 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} - ok
19:13:13.0864 6120 ================ Scan global ===============================
19:13:13.0881 6120 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:13:13.0928 6120 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:13:13.0933 6120 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:13:13.0947 6120 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:13:13.0975 6120 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:13:13.0979 6120 [Global] - ok
19:13:13.0979 6120 ================ Scan MBR ==================================
19:13:13.0993 6120 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:13:14.0388 6120 \Device\Harddisk0\DR0 - ok
19:13:14.0389 6120 ================ Scan VBR ==================================
19:13:14.0391 6120 [ 9FC9A07FB708EA2BFBFE7C36E69D5A28 ] \Device\Harddisk0\DR0\Partition1
19:13:14.0394 6120 \Device\Harddisk0\DR0\Partition1 - ok
19:13:14.0427 6120 [ C241F8516A35C2292E22793DA062D3DF ] \Device\Harddisk0\DR0\Partition2
19:13:14.0428 6120 \Device\Harddisk0\DR0\Partition2 - ok
19:13:14.0429 6120 ============================================================
19:13:14.0429 6120 Scan finished
19:13:14.0429 6120 ============================================================
19:13:14.0435 2940 Detected object count: 0
19:13:14.0435 2940 Actual detected object count: 0
19:13:45.0377 6024 Deinitialize success

NEXT ONE:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-08 19:14:11
-----------------------------
19:14:11.986 OS Version: Windows x64 6.1.7601 Service Pack 1
19:14:11.986 Number of processors: 8 586 0x1E05
19:14:11.987 ComputerName: JOHN-PC UserName: John
19:14:12.776 Initialize success
19:14:58.250 AVAST engine defs: 12100801
19:20:46.500 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:20:46.505 Disk 0 Vendor: WDC_WD2500BEKT-75A25T0 01.01A01 Size: 238475MB BusType: 11
19:20:46.850 Disk 0 MBR read successfully
19:20:46.854 Disk 0 MBR scan
19:20:46.937 Disk 0 Windows VISTA default MBR code
19:20:46.941 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
19:20:46.954 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
19:20:46.967 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 223434 MB offset 30801920
19:20:46.987 Disk 0 scanning C:\Windows\system32\drivers
19:20:58.952 Service scanning
19:21:22.045 Modules scanning
19:21:22.059 Disk 0 trace - called modules:
19:21:22.075 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:21:22.082 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d57790]
19:21:22.090 3 CLASSPNP.SYS[fffff8800187043f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004af1680]
19:21:23.177 AVAST engine scan C:\Windows
19:21:25.611 AVAST engine scan C:\Windows\system32
19:25:17.496 AVAST engine scan C:\Windows\system32\drivers
19:25:29.391 AVAST engine scan C:\Users\John
19:49:25.167 AVAST engine scan C:\ProgramData
19:52:50.373 Scan finished successfully
19:54:04.022 Disk 0 MBR has been saved successfully to "C:\Users\John\Desktop\MBR.dat"
19:54:04.027 The log file has been saved successfully to "C:\Users\John\Desktop\aswMBR.txt"


NEXT ONE:


C:\Users\John\Downloads\mp3mymp3install.exe multiple threats cleaned by deleting - quarantined


Thank you.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 PM

Posted 09 October 2012 - 10:53 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 jfa8844

jfa8844
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 09 October 2012 - 02:54 PM

Malware bytes:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.09.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
John :: JOHN-PC [administrator]

10/9/2012 1:12:19 PM
mbam-log-2012-10-09 (13-12-19).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 409649
Time elapsed: 58 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


mini toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by John (administrator) on 09-10-2012 at 14:15:42
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : John-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : host.utmb.edu

Ethernet adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Juniper Network Connect Virtual Adapter
Physical Address. . . . . . . . . : 00-FF-20-18-BA-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 78-E4-00-DF-7A-74
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : host.utmb.edu
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-26-B9-ED-D3-D0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1de8:fea6:5029:31b1%11(Preferred)
IPv4 Address. . . . . . . . . . . : 129.109.6.63(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.254.0
Lease Obtained. . . . . . . . . . : Tuesday, October 09, 2012 1:05:35 PM
Lease Expires . . . . . . . . . . : Tuesday, October 16, 2012 1:05:35 PM
Default Gateway . . . . . . . . . : 129.109.7.254
DHCP Server . . . . . . . . . . . : 129.109.1.3
DHCPv6 IAID . . . . . . . . . . . : 285222585
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-E5-40-86-00-26-B9-ED-D3-D0
DNS Servers . . . . . . . . . . . : 129.109.1.207
129.109.1.208
Primary WINS Server . . . . . . . : 129.109.148.197
Secondary WINS Server . . . . . . : 129.109.148.198
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : host.utmb.edu
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 78-E4-00-DF-7A-74
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::84e5:b9b6:77fc:b269%10(Preferred)
IPv4 Address. . . . . . . . . . . : 10.20.21.120(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 09, 2012 1:05:42 PM
Lease Expires . . . . . . . . . . : Tuesday, October 09, 2012 9:05:42 PM
Default Gateway . . . . . . . . . : 10.20.21.254
DHCP Server . . . . . . . . . . . : 129.109.1.3
DHCPv6 IAID . . . . . . . . . . . : 192472064
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-E5-40-86-00-26-B9-ED-D3-D0
DNS Servers . . . . . . . . . . . : 129.109.1.207
129.109.1.208
Primary WINS Server . . . . . . . : 129.109.148.197
Secondary WINS Server . . . . . . : 129.109.148.198
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.tx.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {0A8B12B8-A93A-4869-861A-3D68C88BBA6B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . : host.utmb.edu
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:816d:63f::816d:63f(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 129.109.1.207
129.109.1.208
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F510C75A-1BAF-472E-9174-D0242DE4A55D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:1cc4:17e1:7e92:f9c0(Preferred)
Link-local IPv6 Address . . . . . : fe80::1cc4:17e1:7e92:f9c0%25(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.host.utmb.edu:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : host.utmb.edu
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BBFC12DC-D968-4C15-8E5A-2AF029E6626C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: utmb-addc1.utmb.edu
Address: 129.109.1.207

Name: google.com
Addresses: 2001:4860:4002:801::1008
74.125.227.46
74.125.227.32
74.125.227.33
74.125.227.34
74.125.227.35
74.125.227.36
74.125.227.37
74.125.227.38
74.125.227.39
74.125.227.40
74.125.227.41


Pinging google.com [74.125.227.32] with 32 bytes of data:
Reply from 74.125.227.32: bytes=32 time=35ms TTL=52
Reply from 74.125.227.32: bytes=32 time=32ms TTL=52

Ping statistics for 74.125.227.32:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 35ms, Average = 33ms
Server: utmb-addc1.utmb.edu
Address: 129.109.1.207

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=954ms TTL=45
Reply from 72.30.38.140: bytes=32 time=1253ms TTL=45

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 954ms, Maximum = 1253ms, Average = 1103ms
Server: utmb-addc1.utmb.edu
Address: 129.109.1.207

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 ff 20 18 ba 04 ......Juniper Network Connect Virtual Adapter
13...78 e4 00 df 7a 74 ......Microsoft Virtual WiFi Miniport Adapter
11...00 26 b9 ed d3 d0 ......Realtek PCIe GBE Family Controller
10...78 e4 00 df 7a 74 ......DW1501 Wireless-N WLAN Half-Mini Card
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
25...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 129.109.7.254 129.109.6.63 10
0.0.0.0 0.0.0.0 10.20.21.254 10.20.21.120 30
10.20.21.0 255.255.255.0 On-link 10.20.21.120 286
10.20.21.120 255.255.255.255 On-link 10.20.21.120 286
10.20.21.255 255.255.255.255 On-link 10.20.21.120 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
129.109.6.0 255.255.254.0 On-link 129.109.6.63 266
129.109.6.63 255.255.255.255 On-link 129.109.6.63 266
129.109.7.255 255.255.255.255 On-link 129.109.6.63 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 129.109.6.63 266
224.0.0.0 240.0.0.0 On-link 10.20.21.120 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 129.109.6.63 266
255.255.255.255 255.255.255.255 On-link 10.20.21.120 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 1110 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
25 58 2001::/32 On-link
25 306 2001:0:9d38:953c:1cc4:17e1:7e92:f9c0/128
On-link
16 1010 2002::/16 On-link
16 266 2002:816d:63f::816d:63f/128
On-link
11 266 fe80::/64 On-link
10 286 fe80::/64 On-link
25 306 fe80::/64 On-link
25 306 fe80::1cc4:17e1:7e92:f9c0/128
On-link
11 266 fe80::1de8:fea6:5029:31b1/128
On-link
10 286 fe80::84e5:b9b6:77fc:b269/128
On-link
1 306 ff00::/8 On-link
25 306 ff00::/8 On-link
11 266 ff00::/8 On-link
10 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files (x86)\Generic\Network Printer Wizard\NPWprint.dll [195584] (Elite Silicon Technology Inc.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/09/2012 10:55:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/09/2012 10:55:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/09/2012 10:54:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/09/2012 10:53:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (10/09/2012 08:45:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14399

Error: (10/09/2012 08:45:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14399

Error: (10/09/2012 08:45:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/09/2012 08:45:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2823

Error: (10/09/2012 08:45:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2823

Error: (10/09/2012 08:45:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (10/09/2012 01:12:03 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer BENI-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{DF028E91-D55E-44A4-81E1-8AF270750483}.
The master browser is stopping or an election is being forced.

Error: (10/09/2012 01:06:18 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (10/09/2012 01:05:59 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (10/09/2012 01:05:40 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (10/09/2012 01:05:35 PM) (Source: BugCheck) (User: )
Description: 0x000000f7 (0xfffff8800762f4c0, 0x0000f8800785c87a, 0xffff077ff87a3785, 0x0000000000000000)C:\Windows\MEMORY.DMP100912-31652-01

Error: (10/09/2012 01:05:34 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:03:06 PM on ?10/?9/?2012 was unexpected.

Error: (10/09/2012 00:12:01 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer BENI-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{DF028E91-D55E-44A4-81E1-8AF270750483}.
The master browser is stopping or an election is being forced.

Error: (10/08/2012 05:58:50 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (10/08/2012 05:58:39 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (10/08/2012 05:58:30 PM) (Source: BugCheck) (User: )
Description: 0x000000f7 (0xfffff88009d7a4c0, 0x0000f880077d52fa, 0xffff077ff882ad05, 0x0000000000000000)C:\Windows\MEMORY.DMP100812-35802-01


Microsoft Office Sessions:
=========================
Error: (10/09/2012 10:55:45 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\John\downloads\esetsmartinstaller_enu.exe

Error: (10/09/2012 10:55:25 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/09/2012 10:54:34 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/09/2012 10:53:34 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (10/09/2012 08:45:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14399

Error: (10/09/2012 08:45:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14399

Error: (10/09/2012 08:45:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/09/2012 08:45:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2823

Error: (10/09/2012 08:45:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2823

Error: (10/09/2012 08:45:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe Acrobat 9 Pro - English, Franais, Deutsch (Version: 9.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.010.0412.1408)
AVG 2013 (Version: 13.0.2591)
AVG 2013 (Version: 13.0.2677)
AVG 2013 (Version: 2013.0.2677)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0412.1409.23514)
Catalyst Control Center Graphics Full Existing (Version: 2010.0412.1409.23514)
Catalyst Control Center Graphics Full New (Version: 2010.0412.1409.23514)
Catalyst Control Center Graphics Light (Version: 2010.0412.1409.23514)
Catalyst Control Center Graphics Previews Common (Version: 2010.0412.1409.23514)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0412.1409.23514)
Catalyst Control Center InstallProxy (Version: 2010.0412.1409.23514)
Catalyst Control Center Localization All (Version: 2010.0412.1409.23514)
ccc-core-static (Version: 2010.0412.1409.23514)
ccc-utility64 (Version: 2010.0412.1409.23514)
CCC Help Chinese Standard (Version: 2010.0412.1408.23514)
CCC Help Chinese Traditional (Version: 2010.0412.1408.23514)
CCC Help Danish (Version: 2010.0412.1408.23514)
CCC Help Dutch (Version: 2010.0412.1408.23514)
CCC Help English (Version: 2010.0412.1408.23514)
CCC Help Finnish (Version: 2010.0412.1408.23514)
CCC Help French (Version: 2010.0412.1408.23514)
CCC Help German (Version: 2010.0412.1408.23514)
CCC Help Italian (Version: 2010.0412.1408.23514)
CCC Help Japanese (Version: 2010.0412.1408.23514)
CCC Help Korean (Version: 2010.0412.1408.23514)
CCC Help Norwegian (Version: 2010.0412.1408.23514)
CCC Help Portuguese (Version: 2010.0412.1408.23514)
CCC Help Russian (Version: 2010.0412.1408.23514)
CCC Help Spanish (Version: 2010.0412.1408.23514)
CCC Help Swedish (Version: 2010.0412.1408.23514)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Citrix XenApp Web Plugin (Version: 11.0.0.5357)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 3.2.6032.55)
Dell Webcam Central (Version: 1.40.05)
doubleTwist (Version: 3.2.0.12944)
DW WLAN Card Utility (Version: 5.60.48.18)
EndNote 9.0.1 (Version: 9.0.1.1748)
ESET Online Scanner v3
FastAccess (Version: 2.4.91.1)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
FreeOnlineRadioPlayerRecorder Toolbar (Version: 6.3.3.3)
Google Calendar Sync
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
GoToAssist 8.0.0.514
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
ISI ResearchSoft - Export Helper
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 35 (Version: 6.0.350)
Juniper Networks Network Connect 7.0.0 (Version: 7.0.0.16499)
Juniper Networks Network Connect 7.1.0 (Version: 7.1.0.18193)
Juniper Networks, Inc. Setup Client (Version: 7.1.2.10059)
Junk Mail filter update (Version: 15.4.3502.0922)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Suite Activation Assistant (Version: 1.2.1)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MP3MyMP3 3.0
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MusicBrainz Picard (Version: 0.12.1)
Network Printer Wizard (Version: 1.0.0.9)
Networking USB Server (Version: 09.0527.1200)
Office Animation Runtime (Version: 11.0.5510.0)
PowerDVD DX (Version: 8.3.6107)
Quicken 2011 (Version: 20.1.8.6)
Quickset64 (Version: 9.6.6)
QuickTime (Version: 7.72.80.56)
Roxio Burn (Version: 1.01)
SimCity 4 Deluxe
Skins (Version: 2010.0412.1409.23514)
Skype Click to Call (Version: 5.6.8442)
Skype 5.10 (Version: 5.10.116)
Sound Blaster X-Fi MB (Version: 1.0)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 14.0.13.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
WavePad Sound Editor
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 4084.51 MB
Available physical RAM: 1938.65 MB
Total Pagefile: 8167.21 MB
Available Pagefile: 5675.76 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.66 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:25.47 GB) NTFS
3 Drive v: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:9.11 GB) NTFS

========================= Users: ========================================

User accounts for \\JOHN-PC

Administrator Guest John

========================= Restore Points ==================================

29-09-2012 19:29:11 Removed HP Update
29-09-2012 19:42:03 Installed AVG 2013
29-09-2012 19:42:27 Installed AVG 2013
30-09-2012 08:00:36 Windows Update
01-10-2012 15:07:22 Windows Update
09-10-2012 16:46:30 Scheduled Checkpoint

**** End of log ****


Farber service scanner:

Farbar Service Scanner Version: 07-10-2012
Ran by John (administrator) on 09-10-2012 at 14:19:39
Running from "C:\Users\John\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adware cleaner:

# AdwCleaner v2.004 - Logfile created 10/09/2012 at 14:23:40
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : John - JOHN-PC
# Boot Mode : Normal
# Running from : C:\Users\John\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\John\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\John\AppData\Local\Conduit
Folder Deleted : C:\Users\John\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\John\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\John\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\John\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\John\AppData\LocalLow\FreeOnlineRadioPlayerRecorder
Folder Deleted : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\gyvxasrx.default\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\FreeOnlineRadioPlayerRecorder
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\dlQUE
Key Deleted : HKLM\Software\FreeOnlineRadioPlayerRecorder
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0A7DA60A-1F72-48CE-83F3-856F7BDA3BC4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0A7DA60A-1F72-48CE-83F3-856F7BDA3BC4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC52D6C4-4AD9-47D9-A9DA-D4C03045C8EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D61A3352-69B2-4ECA-88D5-35FBBFAA0D83}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9422CCE-4351-4E07-AF8C-2963765DB84C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FreeOnlineRadioPlayerRecorder Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F999A48B-1950-4D81-9971-79018F807B4B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F999A48B-1950-4D81-9971-79018F807B4B}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\gyvxasrx.default\prefs.js

C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\gyvxasrx.default\user.js ... Deleted !

Deleted : user_pref("CT2737658..clientLogIsEnabled", true);
Deleted : user_pref("CT2737658..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2737658..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2737658.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2737658.CurrentServerDate", "15-6-2011");
Deleted : user_pref("CT2737658.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2737658.DialogsGetterLastCheckTime", "Wed Jun 15 2011 12:06:52 GMT-0500 (Central Daylig[...]
Deleted : user_pref("CT2737658.DownloadReferralCookieData", "");
Deleted : user_pref("CT2737658.FirstServerDate", "15-6-2011");
Deleted : user_pref("CT2737658.FirstTimeFF3", true);
Deleted : user_pref("CT2737658.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2737658.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2737658.HasUserGlobalKeys", true);
Deleted : user_pref("CT2737658.Initialize", true);
Deleted : user_pref("CT2737658.InitializeCommonPrefs", true);
Deleted : user_pref("CT2737658.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT2737658.InstalledDate", "Wed Jun 15 2011 12:06:53 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT2737658.InvalidateCache", false);
Deleted : user_pref("CT2737658.IsGrouping", false);
Deleted : user_pref("CT2737658.IsMulticommunity", false);
Deleted : user_pref("CT2737658.IsOpenThankYouPage", true);
Deleted : user_pref("CT2737658.IsOpenUninstallPage", true);
Deleted : user_pref("CT2737658.LanguagePackLastCheckTime", "Wed Jun 15 2011 12:06:53 GMT-0500 (Central Dayligh[...]
Deleted : user_pref("CT2737658.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2737658.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2737658.LastLogin_3.3.3.2", "Wed Jun 15 2011 12:06:51 GMT-0500 (Central Daylight Time)"[...]
Deleted : user_pref("CT2737658.LatestVersion", "3.3.3.2");
Deleted : user_pref("CT2737658.Locale", "en");
Deleted : user_pref("CT2737658.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2737658.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2737658.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2737658.RadioIsPodcast", false);
Deleted : user_pref("CT2737658.RadioLastCheckTime", "Wed Jun 15 2011 12:06:53 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2737658.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2737658.RadioLastUpdateServer", "129259829623770000");
Deleted : user_pref("CT2737658.RadioMediaID", "21145355");
Deleted : user_pref("CT2737658.RadioMediaType", "Media Player");
Deleted : user_pref("CT2737658.RadioMenuSelectedID", "EBRadioMenu_CT273765821145355");
Deleted : user_pref("CT2737658.RadioStationName", "Classic%20Rock");
Deleted : user_pref("CT2737658.RadioStationURL", "hxxp://www.gotradio.com/player/launch.asp?id=22&cr=lb");
Deleted : user_pref("CT2737658.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2737658.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2737658.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2737658.SearchInNewTabLastCheckTime", "Wed Jun 15 2011 12:06:53 GMT-0500 (Central Dayli[...]
Deleted : user_pref("CT2737658.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2737658.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2737658.ServiceMapLastCheckTime", "Wed Jun 15 2011 12:06:47 GMT-0500 (Central Daylight [...]
Deleted : user_pref("CT2737658.SettingsLastCheckTime", "Wed Jun 15 2011 12:06:47 GMT-0500 (Central Daylight Ti[...]
Deleted : user_pref("CT2737658.SettingsLastUpdate", "1307988668");
Deleted : user_pref("CT2737658.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2737658.ThirdPartyComponentsLastCheck", "Wed Jun 15 2011 12:06:47 GMT-0500 (Central Day[...]
Deleted : user_pref("CT2737658.ThirdPartyComponentsLastUpdate", "1246786978");
Deleted : user_pref("CT2737658.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2737658");
Deleted : user_pref("CT2737658.UserID", "UN11577375637744158");
Deleted : user_pref("CT2737658.alertChannelId", "1129903");
Deleted : user_pref("CT2737658.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Deleted : user_pref("CT2737658.globalFirstTimeInfoLastCheckTime", "Wed Jun 15 2011 12:06:53 GMT-0500 (Central [...]
Deleted : user_pref("CT2737658.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2737658.myStuffEnabled", true);
Deleted : user_pref("CT2737658.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2737658.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2737658.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2737658.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2737658.testingCtid", "");
Deleted : user_pref("CT2737658.toolbarAppMetaDataLastCheckTime", "Wed Jun 15 2011 12:06:53 GMT-0500 (Central D[...]
Deleted : user_pref("CT2737658.toolbarContextMenuLastCheckTime", "Wed Jun 15 2011 12:06:54 GMT-0500 (Central D[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2737658", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2737658",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2737658/CT2737658[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2737658");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{f999a48b-1950-4d81-9971-79018f807b4b}");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "freeonlineradioplayerrecorder");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2737658");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Jun 15 2011 12:06:49 GMT-05[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Jun 15 2011 12:06:45 GMT-0500 (Central D[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "60da3403-427b-48a4-b7ac-b5a1d15135e9");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Jun 15 2011 12:06:54 GMT-0500 (Cen[...]
Deleted : user_pref("CommunityToolbar.globalUserId", "1df5fd89-cb9d-4589-a9ad-720718d5bd2b");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("ConduitEngine.HideEngineAfterRestart", true);
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

*************************

AdwCleaner[S1].txt - [17890 octets] - [09/10/2012 14:23:40]

########## EOF - C:\AdwCleaner[S1].txt - [17951 octets] ##########



Junkware removal tool:
[/b]

Junkware Removal Tool (JRT) by Thisisu
Version: 1.3.6 (10.09.2012)
OS: Windows 7 Home Premium x64
Ran by John on Tue 10/09/2012 at 14:43:10.96
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Tue 10/09/2012 at 14:43:27.80
End of Report

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 PM

Posted 09 October 2012 - 03:38 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 jfa8844

jfa8844
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 09 October 2012 - 04:05 PM

rkill:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/09/2012 03:58:44 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/09/2012 03:58:55 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)



Autoruns:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Broadcom Wireless Manager UI" "DW WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dw wlan card\wltray.exe"
+ "RunDLLEntry" "AmbRun Endpoints Dynamic Link Library" "Creative Technology Ltd." "c:\windows\system32\ambrune.dll"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 8.0" "AcroTray" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrotray.exe"
+ "Adobe Acrobat Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrobat_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "FATrayAlert" "FATrayMon" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\fatraymon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "Networking USB Server" "Networking USB Server" "Arkview" "c:\program files (x86)\arkview\networking usb server\networking usb server.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe"
+ "StartCCC" "Catalyst Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "UpdReg" "Creative UpdReg" "Creative Technology Ltd." "c:\windows\updreg.exe"
+ "VolPanel" "VolPanlu.exe" "Creative Technology Ltd" "c:\program files (x86)\creative\sb x-fi mb\volume panel\volpanlu.exe"
+ "vProt" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ ""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"" "Update Client for Dell DataSafe Local Backup" "Dell" "c:\program files (x86)\dell datasafe local backup\components\dsupdate\dsupdate.exe"
+ "Launcher" "VistaLauncher" "Softthinks" "c:\program files (x86)\dell datasafe local backup\components\scheduler\launcher.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Google Calendar Sync.lnk" "Google Calendar Sync" "Google" "c:\program files (x86)\google\google calendar sync\googlecalendarsync.exe"
"C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Akamai NetSession Interface" "" "" "File not found: C:\Users\John\AppData\Local\Akamai\netsession_win.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu64.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu64.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 9.0\acrobat elements\contextmenu.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: C:\Program Files\Java\jre6\bin\jp2ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "FAIESSOHelper Class" "FAIESSO Application" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\faiesso.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "PodcastBHO Class" "1.0" "doubleTwist Corporation" "c:\program files (x86)\common files\doubletwist\iepodcastplugin.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "SmartSelect Class" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe Flash Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\NCH Swift Sound\wavepadShakeIcon" "WavePad Sound Editor" "NCH Software" "c:\program files (x86)\nch swift sound\wavepad\wavepad.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\aestsr64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Creative ALchemy AL6 Licensing Service" "Provides licensing services for Creative ALchemy." "Creative Labs" "c:\program files (x86)\common files\creative labs shared\service\al6licensing.exe"
+ "Creative Audio Engine Licensing Service" "Provides licensing services for Creative Audio Engine." "Creative Labs" "c:\program files (x86)\common files\creative labs shared\service\ctaelicensing.exe"
+ "CTAudSvcService" "Creative Audio Service" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\ctaudsvc.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "dsNcService" "Manages secure network connections" "Juniper Networks" "c:\program files (x86)\juniper networks\common files\dsncservice.exe"
+ "FAService" "FAService" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\faservice.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Macrovision Europe Ltd." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\514\g2aservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NPWService" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence, so that users can discover and use those services without any unnecessary manual setup or administration." "" "c:\program files (x86)\generic\network printer wizard\npwservice.exe"
+ "O2FLASH" "O2 Flash Memory Service" "O2Micro International" "c:\windows\system32\drivers\o2flash.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks SAS" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Sound Blaster X-Fi MB Licensing Service" "Provides licensing services for Sound Blaster X-Fi MB" "Creative Labs" "c:\program files (x86)\common files\creative labs shared\service\xmblicensing.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe"
+ "TurboBoost" "Turbo Boost Monitor Service" "Intel® Corporation" "c:\program files\intel\turboboost\turboboost.exe"
+ "vToolbarUpdater12.2.6" "ToolbarU Application" "" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\12.2.6\toolbarupdater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "Dell Inc." "c:\program files\dell\dw wlan card\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Acceler" "Accelerometer Port I/O" "ST Microelectronics" "c:\windows\system32\drivers\acceler.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atipmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "dsNcAdpt" "dsNcAdapter" "Juniper Networks" "c:\windows\system32\drivers\dsncadpt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EST_BusEnum" "USB Server Bus Enumerator 64 bit Driver" " " "c:\windows\system32\drivers\genbus.sys"
+ "EST_Server" "USB Server Device 64 bit Driver" " " "c:\windows\system32\drivers\genhc.sys"
+ "FACAP" "faCap WebCam Capture" "Sensible Vision " "c:\windows\system32\drivers\facap.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HP1319EWS" "USB EWS Communication Driver" "Marvell Semiconductor, Inc." "c:\windows\system32\drivers\hp1319ews.sys"
+ "HP1319FAX" "USB FAX Communication Driver" "Marvell Semiconductor, Inc." "c:\windows\system32\drivers\hp1319fax.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "iPodDrv" "doubleTwist iPod Driver" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\ipoddrv.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "O2MDGRDR" "" "O2Micro " "c:\windows\system32\drivers\o2mdgx64.sys"
+ "PCDSRVC{1E208CE0-FB7451FF-06020200}_0" "Kernel Driver" "PC-Doctor, Inc." "c:\program files\dell support center\pcdsrvc_x64.pkms"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TurboB" "Turbo Boost UI Monitor driver" "" "c:\windows\system32\drivers\turbob.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}" "" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\000.fcl"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "BPM Metadata" "Creative BPM Metadata Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\metabpmu.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative AC3 Source Filter" "Creative AC3 Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\ac3srcu.ax"
+ "Creative Audio Gain Filter" "Audio Gain Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\audgain.ax"
+ "Creative CDDA Source Filter" "CDDA Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\cdda.ax"
+ "Creative File Reader Filter" "Creative File Reader Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\filreadu.ax"
+ "Creative Flac Source Filter" "Creative FLAC Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\flacsrcu.ax"
+ "Creative Internet Source Filter" "Creative Internet Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\inetsrcu.ax"
+ "Creative LiveRecording Filter_SxS" "Live Recording Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\liverecu.ax"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative MLP Source Filter" "Creative MLP Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\mlpsrcu.ax"
+ "Creative NVF Filter" "Creative Nomad Voice File Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\nvfsrcu.ax"
+ "Creative Ogg Source Filter" "Creative Ogg Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\oggsrcu.ax"
+ "Creative PCM Raw Writer" "Creative Raw Writer" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\rawwritu.ax"
+ "Creative Recording Wav_Asio Filter" "Audio Recording Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\audiorec.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "Creative Wave Writer" "Wave Writer" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\wavwrite.ax"
+ "Creative WMA Source Filter" "Creative WMA Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\wmasrc.ax"
+ "Creative WMA Writer" "WMA Writer" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\wmawrite.ax"
+ "CT CMSS3 filter" "Sample" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\cmss3.ax"
+ "CT HPVirtualizer filter" "Creative Headphone Virtualizer Filter" "Creative Technology, Ltd." "c:\program files (x86)\creative\shared files\virtual.ax"
+ "CT Karaoke filter" "Creative Karaoke Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\karaoke.ax"
+ "CT PDP filter" "Creative Crystalizer Filter" "Creative Technology, Ltd." "c:\program files (x86)\creative\shared files\pdp.ax"
+ "CT SmartVolumeManagement filter" "Creative Compressor Plugin" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\dscompr.ax"
+ "CT Time-Scaling filter" "Sample" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\timescal.ax"
+ "CT Upsampler filter" "Sample" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\upsample.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clnavx.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clline21.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\cltzan.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "FLV Source" "FLV Splitter" "Gabest" "c:\program files (x86)\ffdshow\flvsplitter.ax"
+ "FLV Splitter" "FLV Splitter" "Gabest" "c:\program files (x86)\ffdshow\flvsplitter.ax"
+ "FLV4 Video Decoder" "FLV Splitter" "Gabest" "c:\program files (x86)\ffdshow\flvsplitter.ax"
+ "Matroska Source" "Matroska Splitter" "Gabest" "c:\program files (x86)\ffdshow\matroskasplitter.ax"
+ "Matroska Splitter" "Matroska Splitter" "Gabest" "c:\program files (x86)\ffdshow\matroskasplitter.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MP4 Source" "MP4 Splitter" "Gabest" "c:\program files (x86)\ffdshow\mp4splitter.ax"
+ "MP4 Splitter" "MP4 Splitter" "Gabest" "c:\program files (x86)\ffdshow\mp4splitter.ax"
+ "Mpeg Source" "Mpeg Splitter" "Gabest" "c:\program files (x86)\ffdshow\mpegsplitter.ax"
+ "Mpeg Splitter" "Mpeg Splitter" "Gabest" "c:\program files (x86)\ffdshow\mpegsplitter.ax"
+ "MPEG4 Video Source" "MP4 Splitter" "Gabest" "c:\program files (x86)\ffdshow\mp4splitter.ax"
+ "MPEG4 Video Splitter" "MP4 Splitter" "Gabest" "c:\program files (x86)\ffdshow\mp4splitter.ax"
+ "Noise Reduction" "Creative Noise Reduction Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\noisredu.ax"
+ "Ogg Source" "Ogg Splitter" "Gabest" "c:\program files (x86)\ffdshow\oggsplitter.ax"
+ "Ogg Splitter" "Ogg Splitter" "Gabest" "c:\program files (x86)\ffdshow\oggsplitter.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SVM Metadata" "Creative SVM Metadata Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\metasvmu.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "FACredProv" "FACredProv Application" "Sensible Vision " "c:\windows\system32\facredprov.dll"
+ "FACredProv2" "FACredProv2 Application" "Sensible Vision " "c:\windows\system32\facredprov2.dll"
+ "WLIDCredentialProvider" "Microsoft Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "FACredProvFilter" "FACredProv Application" "Sensible Vision " "c:\windows\system32\facredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers" "" "" ""
+ "dsNcCredentialProvider" "Network Connect Credential Provider" "Juniper Networks" "c:\windows\system32\dsnccredprov.dll"
+ "dsNcSmartCardProvider" "Network Connect Smart Card Credential Provider" "Juniper Networks" "c:\windows\system32\dsncsmartcardprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "NPWprint" "Network Printer Wizard Library" "Elite Silicon Technology Inc." "c:\program files (x86)\generic\network printer wizard\npwprint.dll"
+ "WindowsLive Local NSP" "Microsoft Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Adobe PDF Port Monitor" "Adobe PDF Port Monitor DLL" "Adobe Systems Inc" "c:\windows\system32\adobepdf.dll"
+ "HP LJ M1319 MFP LM" "Spooler Language Monitor for HP LaserJet Series 1020/2600" "Zenographics, Inc." "c:\windows\system32\zlm1319.dll"
+ "LIDIL hpzllw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpzllw71.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "FAPassSync" "FAPassSync" "Sensible Vision " "c:\windows\system32\fapasssync.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "DW WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"


I am not sure I ran the autoruns file correctly, please let me know if this is not the output you expected. Thank you.

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 PM

Posted 09 October 2012 - 05:20 PM

Do you still have BSOD

#9 jfa8844

jfa8844
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 09 October 2012 - 06:35 PM

I got the last one while I was running Malwarebytes earlier today; they usually come at random once a day or so. I will let you know if I get another one. Do you think the problem may be fixed?

Thank you.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 PM

Posted 09 October 2012 - 06:44 PM

If you receive BSOD again go to

C:\windows\minidump folder

Upload the latest minidump file

#11 jfa8844

jfa8844
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 09 October 2012 - 07:36 PM

Ok, will do. Thanks.

#12 jfa8844

jfa8844
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 11 October 2012 - 01:50 PM

I just got another BSOD

The minidump looks like a strange format. Here it is, let me know if I need to do something different to upload it:

PAGEDU64  x  pF pc d  PAGEo\  PAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGE  PAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGE     + + S +  F @xv? o\  # x?PE  Y6    PAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGE PAGE2 ('ߧPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEtHe PAGE  P GEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGEPAGE    H  ! n s hx 8 ` 8 x @ @   P D
9?    s p s y s . s y s @ P   c r a s h d m p . s y s  p  d u m p _ p c i i d e x p 0  d u m p _ m s a h c i . 0   d u m p _ d u m p f v e    `p    1  X     @& &@      + + S +  F @xv? o\  # x?PE  Y6    @                @      @        @  P7  6  P6  7   = Щ<   5  0v   PooL  Р @  & ђ  %  & PooL  Р @'    1   A  PooL0  Р    n  C k  n PooL@  Р ` B    b     PooLP  Р ` ,  N)  \ J) ;R N) PooL`  Р Z '  fR O  PooLp  Р    q   ! 

 PooL  Р    J  _ J  J PooL  Р @] /I        PooL  Р @   h {w  h T{ h PooL  Р ' g  ^  5q ^  ^ PooL  Р ` p ]  \ Qt  [ $# \ PooL  Р `G   ^ q b ^ a ^ PooL  Р a {^  . |[  * [ . PooL  Р      ,  
@  PooL   Р    ( 1 V0 ( + ( PooL  Р @60 ( 
 ! 
 
 PooL   Р @   ,  k (  , PooL0  Р j '  `< - < ^< p< `< PooL@  Р ` < Z<  .' x P ,' z: .' PooLP  Р `M Q$ 
 Ր *
 &
 PooL`  Р "
   Q    PooLp  Р         S  PooL  Р          PooL  Р @ {  q(  PooL  Р @   !3     PooL  Р    
a 


PooL  Р ` 
  qR ,  8  PooL  Р `)       l  PooL  Р      U  o  PooL  Р  U   F 1jG + D p F PooL   Р + D    PooL  Р z@z  7v   3v 7v  PooL  Р {z u  ld 1M  } id g ld  PooL0  Р `{ {҄ _  :8 X .9 78 59 :8  PooL@  Р {`{"8 8   A
 @ 
/   PooLP  Р |{= 3
   a C  +   PooL`  Р | |   1x    PooLp  Р ||e  A ' 5L A O A  PooL  Р @}|J ?  z a   v ܤ z  PooL  Р }@}ԣ r  Y  I   PooL  Р ~}          PooL  Р `~ ~   q   p   PooL  Р ~`~*    1>   .   PooL  Р ~E [  X y \ X b X  PooL  Р  W "S   Dp C     PooL  Р ;   g q h g i g  PooL   Р @Qh g  i 1ڟ  f  i  PooL  Р @   )  J* ) q* )  PooL   Р 6* k)  5 q> 5 5 66 5  PooL0  Р ` 5 5  . S / . 0 .  PooL@  Р `G/ G.  a  e a g a  PooLP  Р Xe wa   ބ      PooL`  Р     I  K I K I  PooLp  Р K I   -J      PooL  Р @   z ! z v q z  PooL  Р @v r        PooL  Р    7 3 # 5 " 7  PooL  Р ` }# %  F Q* VI F K F  PooL  Р `SI F    1     PooL  Р -    af b  u   PooL  Р  a   v Qw  u  v  PooL  Р  r  
      PooL   Р    fx8   - 4 W )  A  !  P $ ǟ % 띄) a O,   e*   ) o   e*  q@ q@ >e ?e ȕȕTBe 7Ee  Ge M,M,He HHaKe hh0Ne @1@1"Pe Re HKHKSe |Ve <Ye (( HH]e hh ]be #ee ȗȗge @7'@7'Sje Gle ((,+" HHj/ `Y`Ykse , :B ȘȘ ze -  ((Ae HH F @;@Pwe a؈e 3 șș: z? F ((lfK HHzR hh.RW <y^ ppue ȚȚ W \p  FC ((  HH / hh kV  ~ țț  _{  ((  HHk8 hhJ>*  xg  ȜȜ :S 00<e 00De ((e HH`e hhB  /  3e 0<0<be ~N ~c (( K HH R hhY Ɔc Nc )) e P)P)~Le @ ((pc HH hh@@ @g Bc ȟȟp Qc qc ((ۘ`# HHc# hh@ @ó c ȠȠ˜= 1R= @G ((@O HHZ*G hh-G @b/ 1c ȡȡ@N; oea ha ((@K HH@P hh@W @y\ @c ZZ6:f v hSS (( HH8S hhфc Y x ȣȣa c ʑ/ ((+ HHL hh c:-  ȤȤUS q/ *9 PR0|=8ff HH-,~ hh(  w NP ȥȥ'  w Q ((NKL HHO) hh7X p. P[ ȦȦe< ι8 7 ((h HH_D hh !  ȧȧǭ n q ((봌 HH4M hhK%  Uq ȨȨ8 k6> y9> (( HH$ hhS( - 9sX ȩȩӌ ?֌ x، ((ی HH8c݌ hhߌ )bkd Y ȪȪpd Jrd k ((He HH:n hh 0 d ȫȫ _ k&  ! ((F$ 00=y @PMuk  Ͽf ]
GG d 

~ (( e HH Ee k'n  S- Χd ȭȭ  k" $ ((d HHq˲d hhme e 00b0 ȮȮ3d Cd d ((+Fd HH hhd d @5 sd ȯȯ}e @^ @l
((d HHd hhf+d Nud jpD5 ȰȰ8d  d d ((/\d HHVd hha7e Yd x?d ȱȱd Id d ((hd HHZd hh@V j| Te ȲȲ|e 
e  ((be HH:e hhe Te ee ȳȳQ }e # e ((W#e HH%e >| |*e ?A,e ȴȴ>/e >1e T2e ((b6e HH7e hhR:e hwhw    {{  d   a й}   $ жж    00@@PP``ppзз    00@@PP``pp ^@  2,  e   u@Cg   J% !  q4  & $ - QB Tr  F tHe    d @ !    
}   @q q     P8X: !     ֙' ߧ  @ k'n hh0C : @  @  @  @  <p8p       <G] =  A te  <C a+ @˙ nLN  YI3'Y""
d x E E M     j   O   GenuineIntel ?!  r   P (D P  X hWhWxWxW Xs   WW       -   XX 9$ߧ  -. Ж x2 h  Jl C > 
- g;[Zc ] E Жn   p     @pcdrsysinfodir  tص  m @ ݌V  Ph   @
 2 b Y  * 5  ^<[
 PP-  M [ a X  @@   hphp i      pppp`W   hq     qqJe HH:l+B 0t0t`pchq  X"X"`p`hq  `p q@ (q(q`p  p    `W   prrrrr ` X
`pppP 
    @s@s Whshs  C  w/  9$ߧss Őw tt #   0t0t w?w? ӓ صhZ     o\  , 8 F # o   PZ  Iv?x? o  x?v?H" EPx?P  o v?V x?@@Dflt h   +o @o v?    E\ p @`p @ Hz hx - `p^ - " - o - o  S `W `p  - H" - o - o hx S `p@B `  h- 0z h-   - v  X p - p  w 3 F x- +   KDBG@  m   f pF pc c P  x   r ` и o o   x       `           G  @         H   h e     p p  d N X @   hF L  Ȯ J  0  | 8  | 8 ( p d 8( M! K $     N  @   3 + @ # S   ( $  K `  ^ &AU ?P ?   iL aMM 0  ~ 7L @ b '[J   F\ [J DL `  @
t.
[J P  [J  @ p  L ` P [J @
2 [J  0 P1 L `  K [J P  dO  0 [J h [J P r L   m_ L p  !& L e [J 0   L x r L  Ŝ [J ( ʣK 0  -E L  @ DV [J 0 0
 @ u J @  0 { @P    4L 0 p:  ,L oO   W O <  ^K [J ( 0= / NO G   4P W  v} 4P ( ]  0e O ` ! '4P @  _ y4P 0   ' ȒL D XJ   Vs .L 8 E  ] [J @F ~L    L 8  `  [J    L  ^0 s$P 8   I բ#P   !0 SWP   B L @  [J @ p 6 [J  hn P @ Ѐ o> [J  P Ǐ [J    ?[J @  b[J  t b[J  ͫ c[J H  &q [J `   [J p   2L 8 F Ub >L  @  WPP P P 4 L 8   s N 0 [J  { [J 8 p `
 bL  ` ܧ :[J 0 h [J @   | tL  @  L   o L H  > ^[J  t [J  ?_ .[J P   G GL =  g [J 0   {WPP P    RP  0  ")P   `  FL h  B [J  @ $ UK   P f Xb @_K p  @ @ H L   ` z L   @  ^L x @  Y M  P ` pi  M ( `  . . ^zK  @; 9[J  <  T L 0    L     $J    u L 8  ` R3 !L  `  E : [J  P  )^ [J @  Ŵ [J    E 1J    WR M @  [J   l c O   Q 6EJ P  ` [J  `  ; L  `  I ` l `  [J  @n @  rL   p c [J h  @q   pL  0t   [J 
 u  Q oL p
 w  K' [J
 y  N [J  y 0 U L p  } G J  ~  X L  `  1O  M x  e P ( dL  f 0 x\ 戽K (
 PF  Pz [J
 J  n [J
 @L R [J ( L  $ /)XK  T  
M  `V   L 0 @Y  } 5J  [ x [J  \ P [J @ ] r L  @^ 0
 [J   ` P1 0h0
P H @ A t[J  @ [J  _ ` @ q ` p  FL  A 0 { [J  C   $L 0 i P  [J   0 U{ ;[J   0 - L 8 @  ke [J   p fEJ   V ΓL 8 0  8- (dM    n y[J    % &M @ a   N  f @  遷M  h  @[J H `i q) I  i `
ɷ
[J  @t @  .E X t  @ *M  x  ( DL  y  B zH    
+M  `  9 +M   W zK x p `  [J   P B %J (  *h [J  `   _M   c ܄M ! \ S y s t e m R o o t \ s y s t e m 3 2 \ n t o s k r n l . e x e  \ S y s t e m R o o t \ s y s t e m 3 2 \ h a l . d l l  \ S y s t e m R o o t \ s y s t e m 3 2 \ k d c o m . d l l . \ S y s t e m R o o t \ s y s t e m 3 2 \ m c u p d a t e _ G e n u i n e I n t e l . d l l  \ S y s t e m R o o t \ s y s t e m 3 2 \ P S H E D . d l l  \ S y s t e m R o o t \ s y s t e m 3 2 \ C L F S . S Y S  \ S y s t e m R o o t \ s y s t e m 3 2 \ C I . d l l ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ W d f 0 1 0 0 0 . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ W D F L D R . S Y S % \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ A C P I . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ W M I L I B . S Y S ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ m s i s a d r v . s y s $ \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ p c i . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ v d r v r o o t . s y s ( \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ p a r t m g r . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ c o m p b a t t . s y s & \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ B A T T C . S Y S ' \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ v o l m g r . s y s ( \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ v o l m g r x . s y s ) \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ m o u n t m g r . s y s & \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ a t a p i . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ a t a p o r t . S Y S ' \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ m s a h c i . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ P C I I D E X . S Y S ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ a m d x a t a . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ f l t m g r . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ f i l e i n f o . s y s ) \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ P x H l p a 6 4 . s y s % \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ N t f s . s y s & \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ m s r p c . s y s ' \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ k s e c d d . s y s $ \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ c n g . s y s $ \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ p c w . s y s ' \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ F s _ R e c . s y s % \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ n d i s . s y s & \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ N E T I O . S Y S ( \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ k s e c p k g . s y s & \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ t c p i p . s y s ) \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ f w p k c l n t . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ v o l s n a p . s y s & \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ s p l d r . s y s ) \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ r d y b o o s t . s y s $ \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ m u p . s y s ) \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ h w p o l i c y . s y s ' \ S y s t e m R o o t \ S y s t e m 3 2 \ D R I V E R S \ f v e v o l . s y s % \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ d i s k . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ C L A S S P N P . S Y S ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ a v g r k x 6 4 . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ a v g l o g a . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ a v g i d s h a . s y s & \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ c d r o m . s y s % \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ N u l l . S Y S % \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ B e e p . S Y S , \ ? ? \ C : \ W i n d o w s \ s y s t e m 3 2 \ d r i v e r s \ a v g t p x 6 4 . s y s $ \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ v g a . s y s ) \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ V I D E O P R T . S Y S ) \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ w a t c h d o g . s y s ' \ S y s t e m R o o t \ S y s t e m 3 2 \ D R I V E R S \ R D P C D D . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ r d p e n c d d . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ r d p r e f m p . s y s % \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ M s f s . S Y S % \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ N p f s . S Y S $ \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ t d x . s y s $ \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ T D I . S Y S ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ a v g t d i a . s y s & \ S y s t e m R o o t \ S y s t e m 3 2 \ D R I V E R S \ n e t b t . s y s $ \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ a f d . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ w s 2 i f s l . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ w f p l w f . s y s & \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ p a c e r . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ v w i f i f l t . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ n e t b i o s . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ w a n a r p . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ t e r m d d . s y s & \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ r d b s s . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ n s i p r o x y . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ m s s m b i o s . s y s ) \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ d i s c a c h e . s y s % \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ d f s c . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ b l b d r i v e . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ a v g l d x 6 4 . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ a v g m f x 6 4 . s y s . \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ a v g i d s d r i v e r a . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ t u n n e l . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ w m i a c p i . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ a t i k m p a g . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ a t i p m d a g . s y s ( \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ d x g k r n l . s y s ( \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ d x g m m s 1 . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ H D A u d B u s . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ u s b e h c i . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ U S B P O R T . S Y S ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ b c m w l 6 6 4 . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ v w i f i b u s . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ 1 3 9 4 o h c i . s y s & \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ s d b u s . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ o 2 m d g x 6 4 . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ S C S I P O R T . S Y S ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ R t 6 4 w i n 7 . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ C m B a t t . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ i 8 0 4 2 p r t . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ k b d c l a s s . s y s & \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ S y n T P . s y s % \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ U S B D . S Y S ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ m o u c l a s s . s y s , \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ G E A R A s p i W D M . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ A c c e l e r . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ i n t e l p p m . s y s - \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ C o m p o s i t e B u s . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ d s N c A d p t . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ A g i l e V p n . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ r a s l 2 t p . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ n d i s t a p i . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ n d i s w a n . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ r a s p p p o e . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ r a s p p t p . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ r a s s s t p . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ s w e n u m . s y s # \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ k s . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ G e n B u s . s y s & \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ u m b u s . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ u s b h u b . s y s ( \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ N D P r o x y . S Y S ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ A t i H d m i . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ p o r t c l s . s y s % \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ d r m k . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ k s t h u n k . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ s t w r t 6 4 . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ u s b c c g p . s y s ) \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ u s b v i d e o . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ C t C l s F l t . s y s ) \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ c r a s h d m p . s y s - \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ d u m p _ d u m p a t a . s y s , \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ d u m p _ m s a h c i . s y s - \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ d u m p _ d u m p f v e . s y s  \ S y s t e m R o o t \ S y s t e m 3 2 \ w i n 3 2 k . s y s & \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ D x a p i . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ m o n i t o r . s y s  \ S y s t e m R o o t \ S y s t e m 3 2 \ T S D D D . d l l  \ S y s t e m R o o t \ S y s t e m 3 2 \ c d d . d l l & \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ l u a f v . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ W u d f P f . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ l l t d i o . s y s & \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ n w i f i . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ n d i s u i o . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ r s p n d r . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ T u r b o B . s y s % \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ H T T P . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ b o w s e r . s y s ' \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ m p s d r v . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ m r x s m b . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ m r x s m b 1 0 . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ m r x s m b 2 0 . s y s ( \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ v w i f i m p . s y s + \ ? ? \ C : \ W i n d o w s \ s y s t e m 3 2 \ d r i v e r s \ i P o d D r v . s y s ' \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ p e a u t h . s y s ' \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ s e c d r v . S Y S ' \ S y s t e m R o o t \ S y s t e m 3 2 \ D R I V E R S \ s r v n e t . s y s ) \ S y s t e m R o o t \ S y s t e m 3 2 \ d r i v e r s \ t c p i p r e g . s y s 8 \ ? ? \ C : \ P r o g r a m F i l e s ( x 8 6 ) \ C y b e r L i n k \ P o w e r D V D D X \ 0 0 0 . f c l % \ S y s t e m R o o t \ S y s t e m 3 2 \ D R I V E R S \ s r v 2 . s y s $ \ S y s t e m R o o t \ S y s t e m 3 2 \ D R I V E R S \ s r v . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ d r i v e r s \ B C M 4 2 R L Y . s y s ( \ S y s t e m R o o t \ S y s t e m 3 2 \ D r i v e r s \ f a s t f a t . S Y S & \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ G e n H C . s y s ) \ S y s t e m R o o t \ s y s t e m 3 2 \ D R I V E R S \ a s y n c m a c . s y s  \ S y s t e m R o o t \ S y s t e m 3 2 \ A T M F D . D L L 9 \ ? ? \ c : \ p r o g r a m f i l e s \ d e l l s u p p o r t c e n t e r \ p c d s r v c _ x 6 4 . p k m s J  (   $   X      .   . P |  /  h  /  P /   3   3  3   C   7601.17944.amd64fre.win7sp1_gdr.120830-0333 56e8ba13-7029-4728-a506-2ddb4a0c  Y6  8 P Key    X J (v t EPx? v?@   PZ F  o\  , 8 F # o   PZ  Iv?x? o  x?v?H" EPx?P  o v?V x?@@Dflt h   +o @o v?    E\ p @`p @ Hz hx - `p^ - " - o - o  S `W `p  - H" - o - o hx S `p@B `  h- 0z h-   - v  X p - p  w 3 F x- +        |   h  l  PT       -+   8 8 { _  Xk p\ ! @  8 CЎ 3/
(p,$" 6  B
$"  Ҏ  2 `  VL 2 \ W i n d o w s \ a s s e m b l y \ N a t i v e I m a g e s _ v 2 . 0 . 5 0 7 2 7 _ 6 4 \ S y s t e m . S e c u r i t y \ 1 8 7 5 b 5 0 d 0 2 2 8 f 2 9 a e f 0 0 b e d 3 8 a b 5 9 4 d 6 \ S y s t e m . S e c u r i t y . n i . d l l D e v  8  '  2 @!t  8 8O Ӎ p r#  l  8  0Ҏ  @5 p,$"  8   uP  p  8 FO   p  8 Ɛ  j 5 p,$"  .
x#  ϐ    @  ;N  \ W i n d o w s \ a s s e m b l y \ N a t i v e I m a g e s _ v 2 . 0 . 5 0 7 2 7 _ 6 4 \ S y s t e m . W e b \ 9 5 f 3 8 e 7 4 8 5 b b e 2 b 7 3 b 6 0 5 5 c 4 5 1 9 6 f e d d \ S y s t e m . W e b . n i . d l l PT`         , D    (  Ph  P    SFdo pjkpjk@  &  00@@    xx       GēВ X'   @   ƍ                   D.h..T5x5p/   d4h.4T5x55 XX    ``  FP   xHP ``  |GP   dIP  \0h.00182   00   PP  hh    \0h.0 1182           88   XX \0h.001182            (( \0h.0T1182             \0h.0x1282  XX  pp         \0h.01$282  ((   ``    3h.3 404D4   @ @     XX   xx 3h.3 404D4   @ @     PP   pp 3h.3 404D4   @ @     HH   hh 3h.3 404D4   @ @  H H EeH% 
 ]e% { fDž  HEHMHUCLELMt
 CtB 2H H H9 t+H9 t"H kL f H  C@t   HEHMHULELMfH  H  % LG# L#  MEB;D NMcIIMӃ uPL A@ t?HEHMHUIII# HEHMHULLLfffffff  Hd$H|$H  Hv tH;5O" HC5G"  Ly L+A HFpHGpHFhHGhHF`HG`HFXHGXHFPHGPHFHHGHHF@HG@HF8HG8HF0HG0HF(HG(HF HG HFHGHFHGHFHG @ P Ae%8" H H H eL% O D A
 A   eH % yz tWHE3HEHEHEHEHEHEf)E)E )E)E )E0)E@ D"; D"HEeH %  @t.HEAt˦ eH % A@t HeH3 HEUM3f t>HE eH% H@pH  H tf 3uL H HEL  L 3ffffffH L IIHH I UA HH H$  Ã u[EHMHULELM葄 EHMHULELMH H=X# wH?;sH<8  J E3E E u E E H L` HPHL$ HT$(LD$0LL$8LT$@I;; HL$ HT$(LD$0LL$8LT$@HPAHEH: HEYfD H8 H$  )t$0)|$@D)D$PD)L$`D)T$pD)XD)`D)hD)pD)xHHxHpL`Lh Lp(Lx0LT$ W
fffffff  H H$  )t$0)|$@D)D$PD)L$`D)T$pD)XD)`D)hD)pD)xHHxHpL`Lh Lp(Lx0eH% `L s t H$8 3ɉHHHL@PLH LP(LX0D AD$ LEHHڰ H$  (t$0(|$@D(D$PD(L$`D(T$pD(YD(aD(iD(qD(yHHyHqLaLi Lq(Ly0  eH % yz t D"J7 D"eH %  @t%At eH % A@t He: Uf t (E(M (U(] (e0(m@L]LULMLEHUHMHEHH H HU(E(M (U(] (e0(m@L]LULMLEHUHMHEHH H Hfffffff  H(eH% H H D
  t4J E3E E u D D H LeH % yz tWHE3HEHEHEHEHEHEf)E)E )E)E )E0)E@ D"5 D"HEeH %  @t.HEAtH eH % A@t HeH3} HEUM3f t>HE eH% H@pH  H tf 3uL H HEL  L 3ffffffH L IIHfffffff fffffff ff eH% Hz(HHHq HHHI0HHHgHHQ8fHMHEH )$ )$ D)$ D)$ D)$ D)$ D)$  D)$ D)$  D)$0 L$ L$ L$ L$ H$x H$ H$p H HD$ H+HD$(H- HD$0H{ HD$8HT$pHT$XHUHT$PHl$H H L$ L$ L$ HĨ fffffff fffffff fffffff  H(HAXfop0fox@fDo@PfDoH`fDoPpfDo fDo fDo fDo fDo L L  L( L0 H H H  e% g HMHEH(fffffff fffffff @ H )$ )$ D)$ D)$ D)$ D)$ D)$  D)$ D)$  D)$0 L$ L$ L$ L$ H HD$ H+HD$(H- HD$0H[ HD$8HT$pHT$XHUHT$PHt$H H} L$ L$ L$ HĨ fffffff H(HAXfop0fox@fDo@PfDoH`fDoPpfDo fDo fDo fDo fDo L L  L( L0 eH% e% e H(fffffff fffffff fffffff f HhLELMLUL]LD$pIIPH HD$ H+HD$(HD$0HC HD$8LD$XHUHT$PHl$H H^| L$ L$ L$ Hhe e% LD$pIIPLELMLUL]Hhfffff H )$ )$ D)$ D)$ D)$ D)$ D)$  D)$ D)$  D)$0 L$ L$ L$ L$ H$x H$ H$p L$HHT$pHT$XHUHT$PHn HD$pfop0fox@fDo@PfDoH`fDoPpfDo fDo fDo fDo fDo L L  L( L0 H H H  HĨ Ðff H(' H(HD$   HL$HT$LD$LL$ H0eH % HK a eH % H@ TRGDDumpBlob  @ZueFC6W(5 3
'=
F<! H  H  H      L ``7 ``7 " @y7 @pkt  ?n @fp ^ ?n @fp ^ >n @fp ^ =n @fp ^ ^=n @fp ^ G<n @fp ^ u@d c_>P,6@u \@d c_>pn @u C@d c_>oR@u *@d c_>0`@u @d c_> @u ?d c_>@u ?d c_>@ @u ?d cp ^ B?d c
 +f    ??d cp ^ )S c_>_?H o)S c_>9H V)S c_>H =)S c_>B H $)S c_>H )S c_>:H (S c_>dH (S cp ^ U(S c
 C    R(S cp ^ B c_> bp B c_> p B c_>p oB c_>@ip VB c_>p p =B c_>Cp jn P$ ` `I jn P `  jn P/.
`I  jn P\ jn P\ jn P/.
`I  jn P| `C jn P| jn P| ` jn P$ `  I jn P `  jn P$ `  I jn P `  jn P$ `  I jn P `  |jn P$ `  I yjn P `  sjn P$ `  I pjn P `  jjn P$ ` I gjn P `  $jn `' $ #jn `' $ jn 2 O7"L
jn 2 O7"L jn 2 O7"T \:DLgX+   # ڲ 6@}    R  S |  { uu vv . % n %  - %  H  H #  # F F  F  h  h G  G g  g             }  Dell Inc. A14 03/31/2011     Dell Inc. Studio 1747 4567   
 Dell Inc. 0J509P Not Applicable    Dell Inc. *   5A    U2E1 Intel CPU Version  @ @ X @ L1 Cache    X  L2 Cache   X  L3 Cache   USB 
 MONITOR   !FireWire   Ethernet 
   OZ888GS0
 HD-Audio  Dell System 1[02EB] 13[PP36S]  Jumper settings can be described here.         @ @ 
 5 M1 Bank 0 830B NT2GC64B8HC0NS-CG   @ @ 
 5 M2 Bank 1 830B NT2GC64B8HC0NS-CG      ?          ?         !\+ <
System Battery Bay Simplo DELL W0 1.1 Li-ion 
 ?  3   1#YY  c Voltage Probe  ! c ! c Temperature Probe " c Electrical Current Probe # Intel $ '%    " To Be Defined By O.E.M To Be Defined By O.E.M To Be Defined By O.E.M To Be Defined By O.E.M 2.50    20070319 20070319  p q -. ATI 011.021.000.007
US-101 Proprietary        / zlCG4
ln 
~ M H z    , C o m p o n e n t I n f o r m a t i o n   & C o n f i g u r a t i o n D a t a   I d e n t i f i e r  J I n t e l 6 4 F a m i l y 6 M o d e l 3 0 S t e p p i n g 5 ( P r o c e s s o r N a m e S t r i n g  ` I n t e l ( R ) C o r e ( T M ) i 7 C P U Q 8 2 0 @ 1 . 7 3 G H z " U p d a t e S i g n a t u r e     U p d a t e S t a t u s   " V e n d o r I d e n t i f i e r   G e n u i n e I n t e l M S R 8 B   o=ЎD*5-` GenuntelineI GenuntelineI       ZU ,! ZU ,!   @ @   @ @           
0D  0D            
    ; '      

    (  (  Intel® Core(TMIntel® Core(TM  ) i7 CPU Q) i7 CPU Q  820 @ 1.73GHz 820 @ 1.73GHz   @`  @`      $0 $0 @;蠰BHqF=  APIC PTLTD APIC  LTPFACP INTEL CRESTLNE ALANHPET8 
INTEL CRESTLNE LOHRBOOT( PTLTD $SBFTBL$  LTPMCFG< 2INTEL CRESTLNE LOHROSFRp JDELL DELL ASL SLICv DELL CL09  LTPSSDT PmRef CpuPm 0 INTL HTL(,$  LMT,FP\RJPH 4
7 cdrom LR  "XGJtz4 LR4   t1#pV{EZoc\觨 `V  LR<   غ=6T53觨 `V pM LR(  T  "XGJtz= 4 LR8   غ=6T53觨 `V  LR4   t1#pV{EZoc\觨 `V  LR4   t1#pV{EZoc\觨 `V  LR4  $
'[;{{s觨 `V  LR4 X ah.z?R"^觨 `V  LR4
 ah.z?R"^觨 `V  LR4  ah.z?R"^觨 `V  LR4  ah.z?R"^觨 `V  LR4
( ah.z?R"^觨 `V  LR$  \ xږ쿒4觨 LR4   N ] m觨 `V  LR   "XGJtz4 LR   "XGJtz4 LR   "XGJtz4 LR  ( "XGJtz4 LR  H "XGJtz4 LR  h "XGJtz4 LR(   "XGJtzJ 4 LR   "XGJtz4 LR   "XGJtz4 LR   "XGJtz4 LR   "XGJtz4 LR  0 "XGJtz4 LR  P "XGJtz4 LR  p "XGJtz4 LR   "XGJtz4 LR   "XGJtz4 LR  "XGJtz4 LR4 !  N ] m觨 `V  LR4 "  ah.z?R"^觨 `V  LR4 # D ah.z?R"^觨 `V  LR4 $ x
'[;{{s觨 `Ve  LR4 % 
'[;{{s觨 `V e LR4 &  t1#pV{EZoc\觨 `V   LR4 '  t1#pV{EZoc\觨 `V  LR8 ( H غ=6T53觨 `V LR8 ) | d_ l0]g觨 `V LR< *  غ=6T53觨 `V  LR< +  غ=6T53觨 `V `3 LR< , ( غ=6T53觨 `V `\ LR< - d غ=6T53觨 `V 0c LR< .  غ=6T53觨 `V Pe LR< /  غ=6T53觨 `V @%~ LR< 0  غ=6T53觨 `V Pe LR< 1 T غ=6T53觨 `V Pe LR< 2  غ=6T53觨 `V N LR< 3  غ=6T53觨 `V `e LR< 4   غ=6T53觨 `V py LR< 5 D  غ=6T53觨 `V `$V LR< 6  غ=6T53觨 `V `$V LR< 7  غ=6T53觨 `V  LJ~/Mc   Wdf01000   K (  0  msisadrv    vdrvroot K pi  cdrom  i4  q HDAudBus  J  vwifibus  R  1394ohci  :V  SynTP K W  intelppm  #\  CompositeBus  e_  umbus `0   monitor
  q PEAUTH



Thank you.

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 PM

Posted 11 October 2012 - 02:29 PM

Upload the minidump file to

http://www.filedropper.com/

and post the link here

#14 jfa8844

jfa8844
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 11 October 2012 - 05:41 PM

http://www.filedropper.com/101112-38641-01

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 PM

Posted 11 October 2012 - 06:05 PM

BSOD is caused by this driver-GENHC.SYS

Launch Autoruns and uncheck this entry

+ "EST_Server" "USB Server Device 64 bit Driver" " " "c:\windows\system32\drivers\genhc.sys"

Restart the PC.Leave for a day or two and let me know if you still experience BSOD.

Edited by narenxp, 11 October 2012 - 06:05 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users