
Adobe Update malware ??


10 replies to this topic

#1 Davewyst

  • Members

Posted 09 October 2012 - 07:39 PM

I think I made a serious mistake in security protocol. Normally when there is an update notice popup window with a link shown, I will cancel that popup and go directly to the website of the updating company. This time for some reason, when I booted my computer and immediately got an Adobe Update popup, I just reacted and hit the link in the popup. The computer then began an apparently normal update progress report. A few seconds after that started, the keyboard and mouse went dead. At that point I realized I'd goofed and hit the power-off button. Even that did not work. (I'd forgotten about the press-and-hold forced shutdown) At that point I decided to power down from the power strip. Before I could do that, the screen went blank for a few moments and then the monitor displayed its "No Signal" message. However the computer continued to run. At that point I powered down from the power strip.

Next step was to bring up the machine in safe mode with no internet, and run McAfee virus scan -- it turned up nothing.

I'm almost certain that this ominous sequence of events was not accidental -- too many things going haywire in such a short period of time.

I am running Win7Sp1 on a Dell desktop with 8GB ram and a 1 Tb hard drive. Connection to the internet is via a wireless router connected to a DSL modem. At any given time, there may be several other devices accessing the web via wireless: laptop, printer, two smartphones, and two Kindles.

Anyone have any ideas on how to proceed?

Thanks in advance for any insight anyone can give me.
Dave


#2 narenxp

  • BC Advisor

Posted 09 October 2012 - 09:13 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Davewyst

  • Topic Starter

  • Members

Posted 10 October 2012 - 08:47 PM

Thanks, Narenxp, for the quick response.

The TDSSKiller Log:


14:12:56.0346 5240 LVPr2Mon - ok
14:12:56.0376 5240 [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
14:12:56.0376 5240 LVPrcS64 - ok
14:12:56.0396 5240 [ 986C1CB787A007BAA5F74E7D316D7246 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
14:12:56.0456 5240 LVRS64 - ok
14:12:56.0566 5240 [ 5747BC465ABEA2858C5D037252AED84E ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
14:12:56.0736 5240 LVUVC64 - ok
14:12:56.0806 5240 [ ACB01BF1A905356AB7F978C7FE852209 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:12:56.0806 5240 McAfee SiteAdvisor Service - ok
14:12:56.0816 5240 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:12:56.0816 5240 McMPFSvc - ok
14:12:56.0846 5240 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:12:56.0846 5240 mcmscsvc - ok
14:12:56.0856 5240 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:12:56.0856 5240 McNaiAnn - ok
14:12:56.0886 5240 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:12:56.0886 5240 McNASvc - ok
14:12:56.0946 5240 [ 44D0DA102FA7A1BE22FD7499E80DCF9B ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
14:12:56.0956 5240 McODS - ok
14:12:56.0956 5240 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:12:56.0966 5240 McProxy - ok
14:12:57.0006 5240 [ E998E3B12101288D716558466CBF6AE1 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
14:12:57.0016 5240 McShield - ok
14:12:57.0076 5240 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:12:57.0126 5240 Mcx2Svc - ok
14:12:57.0136 5240 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:12:57.0146 5240 megasas - ok
14:12:57.0166 5240 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:12:57.0166 5240 MegaSR - ok
14:12:57.0196 5240 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
14:12:57.0236 5240 mfeapfk - ok
14:12:57.0256 5240 [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
14:12:57.0296 5240 mfeavfk - ok
14:12:57.0316 5240 mfeavfk01 - ok
14:12:57.0326 5240 [ B26782C3D6045B4464017D7926877560 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
14:12:57.0326 5240 mfefire - ok
14:12:57.0346 5240 [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
14:12:57.0386 5240 mfefirek - ok
14:12:57.0416 5240 [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
14:12:57.0426 5240 mfehidk - ok
14:12:57.0446 5240 [ A8129CFB919347F8533C934B365E9202 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
14:12:57.0486 5240 mfenlfk - ok
14:12:57.0496 5240 [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
14:12:57.0536 5240 mferkdet - ok
14:12:57.0546 5240 [ 723A5EB6CEF7F408C3D0F15A82A6BFF8 ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
14:12:57.0546 5240 mfevtp - ok
14:12:57.0566 5240 [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
14:12:57.0566 5240 mfewfpk - ok
14:12:57.0586 5240 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:12:57.0586 5240 MMCSS - ok
14:12:57.0596 5240 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:12:57.0606 5240 Modem - ok
14:12:57.0646 5240 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:12:57.0646 5240 monitor - ok
14:12:57.0696 5240 [ A70BF78713B104C46C4E6E7858B6F02E ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
14:12:57.0746 5240 motccgp - ok
14:12:57.0756 5240 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
14:12:57.0786 5240 motccgpfl - ok
14:12:57.0816 5240 [ 6CBC0F4005593C96C9AECAD39F0690FC ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
14:12:57.0856 5240 motmodem - ok
14:12:57.0906 5240 [ 705568B735847B3304F9602834DEF733 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
14:12:57.0906 5240 MotoHelper - ok
14:12:57.0916 5240 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
14:12:57.0956 5240 MotoSwitchService - ok
14:12:57.0976 5240 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys
14:12:58.0006 5240 Motousbnet - ok
14:12:58.0036 5240 [ 307727F9829FB46FF4BE0E4D1DAC5002 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys
14:12:58.0066 5240 motusbdevice - ok
14:12:58.0086 5240 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
14:12:58.0096 5240 mouclass - ok
14:12:58.0116 5240 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:12:58.0126 5240 mouhid - ok
14:12:58.0156 5240 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:12:58.0156 5240 mountmgr - ok
14:12:58.0226 5240 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:12:58.0286 5240 MozillaMaintenance - ok
14:12:58.0306 5240 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:12:58.0346 5240 mpio - ok
14:12:58.0366 5240 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:12:58.0366 5240 mpsdrv - ok
14:12:58.0406 5240 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:12:58.0416 5240 MpsSvc - ok
14:12:58.0446 5240 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:12:58.0486 5240 MRxDAV - ok
14:12:58.0516 5240 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:12:58.0526 5240 mrxsmb - ok
14:12:58.0556 5240 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:12:58.0566 5240 mrxsmb10 - ok
14:12:58.0576 5240 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:12:58.0576 5240 mrxsmb20 - ok
14:12:58.0596 5240 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:12:58.0646 5240 msahci - ok
14:12:58.0666 5240 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:12:58.0716 5240 msdsm - ok
14:12:58.0746 5240 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:12:58.0746 5240 MSDTC - ok
14:12:58.0756 5240 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:12:58.0766 5240 Msfs - ok
14:12:58.0776 5240 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:12:58.0776 5240 mshidkmdf - ok
14:12:58.0786 5240 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:12:58.0786 5240 msisadrv - ok
14:12:58.0806 5240 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:12:58.0816 5240 MSiSCSI - ok
14:12:58.0816 5240 msiserver - ok
14:12:58.0836 5240 [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:12:58.0836 5240 MSK80Service - ok
14:12:58.0856 5240 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:12:58.0856 5240 MSKSSRV - ok
14:12:58.0866 5240 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:12:58.0876 5240 MSPCLOCK - ok
14:12:58.0886 5240 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:12:58.0886 5240 MSPQM - ok
14:12:58.0916 5240 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:12:58.0916 5240 MsRPC - ok
14:12:58.0926 5240 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:12:58.0936 5240 mssmbios - ok
14:12:58.0946 5240 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:12:58.0946 5240 MSTEE - ok
14:12:58.0956 5240 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:12:58.0956 5240 MTConfig - ok
14:12:58.0966 5240 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:12:58.0966 5240 Mup - ok
14:12:58.0986 5240 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:12:58.0996 5240 napagent - ok
14:12:59.0016 5240 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:12:59.0016 5240 NativeWifiP - ok
14:12:59.0036 5240 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:12:59.0046 5240 NDIS - ok
14:12:59.0056 5240 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:12:59.0066 5240 NdisCap - ok
14:12:59.0076 5240 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:12:59.0086 5240 NdisTapi - ok
14:12:59.0116 5240 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:12:59.0166 5240 Ndisuio - ok
14:12:59.0196 5240 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:12:59.0246 5240 NdisWan - ok
14:12:59.0276 5240 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:12:59.0316 5240 NDProxy - ok
14:12:59.0326 5240 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:12:59.0336 5240 NetBIOS - ok
14:12:59.0346 5240 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:12:59.0346 5240 NetBT - ok
14:12:59.0356 5240 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:12:59.0356 5240 Netlogon - ok
14:12:59.0386 5240 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:12:59.0386 5240 Netman - ok
14:12:59.0416 5240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:59.0476 5240 NetMsmqActivator - ok
14:12:59.0496 5240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:59.0496 5240 NetPipeActivator - ok
14:12:59.0506 5240 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:12:59.0516 5240 netprofm - ok
14:12:59.0526 5240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:59.0526 5240 NetTcpActivator - ok
14:12:59.0536 5240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:59.0536 5240 NetTcpPortSharing - ok
14:12:59.0566 5240 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:12:59.0576 5240 nfrd960 - ok
14:12:59.0616 5240 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:12:59.0616 5240 NlaSvc - ok
14:12:59.0626 5240 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:12:59.0626 5240 Npfs - ok
14:12:59.0636 5240 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:12:59.0636 5240 nsi - ok
14:12:59.0646 5240 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:12:59.0646 5240 nsiproxy - ok
14:12:59.0676 5240 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:12:59.0706 5240 Ntfs - ok
14:12:59.0716 5240 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:12:59.0716 5240 Null - ok
14:12:59.0736 5240 [ CB599955CE2CE9694721562F9481CD84 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:12:59.0786 5240 NVHDA - ok
14:12:59.0936 5240 [ 56ECA691BD4EF5CBF07B6D08B32F12AE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:13:00.0076 5240 nvlddmkm - ok
14:13:00.0096 5240 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:13:00.0146 5240 nvraid - ok
14:13:00.0156 5240 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:13:00.0206 5240 nvstor - ok
14:13:00.0226 5240 [ 61FCBB743063A1A11D9130F62CD0F5A8 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:13:00.0226 5240 nvsvc - ok
14:13:00.0236 5240 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:13:00.0246 5240 nv_agp - ok
14:13:00.0256 5240 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:13:00.0256 5240 ohci1394 - ok
14:13:00.0276 5240 [ 85EA378116E2C4385993BA5124536FFC ] ossrv C:\Windows\system32\drivers\ctoss2k.sys
14:13:00.0326 5240 ossrv - ok
14:13:00.0336 5240 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:13:00.0346 5240 p2pimsvc - ok
14:13:00.0356 5240 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:13:00.0356 5240 p2psvc - ok
14:13:00.0386 5240 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:13:00.0386 5240 Parport - ok
14:13:00.0416 5240 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:13:00.0426 5240 partmgr - ok
14:13:00.0436 5240 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:13:00.0436 5240 PcaSvc - ok
14:13:00.0466 5240 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:13:00.0476 5240 pci - ok
14:13:00.0486 5240 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:13:00.0486 5240 pciide - ok
14:13:00.0506 5240 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:13:00.0516 5240 pcmcia - ok
14:13:00.0596 5240 [ 4D2336BF839A5BA5F91BDED952FF0BA1 ] PCSUService C:\Program Files (x86)\PC Speed Up\PCSUService.exe
14:13:00.0596 5240 PCSUService - ok
14:13:00.0606 5240 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:13:00.0606 5240 pcw - ok
14:13:00.0636 5240 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:13:00.0646 5240 PEAUTH - ok
14:13:00.0706 5240 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:13:00.0706 5240 PerfHost - ok
14:13:00.0776 5240 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:13:00.0856 5240 pla - ok
14:13:00.0906 5240 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:13:00.0906 5240 PlugPlay - ok
14:13:00.0926 5240 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:13:00.0936 5240 PNRPAutoReg - ok
14:13:00.0966 5240 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:13:00.0976 5240 PNRPsvc - ok
14:13:00.0996 5240 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:13:01.0016 5240 PolicyAgent - ok
14:13:01.0046 5240 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:13:01.0046 5240 Power - ok
14:13:01.0066 5240 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:13:01.0066 5240 PptpMiniport - ok
14:13:01.0076 5240 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:13:01.0086 5240 Processor - ok
14:13:01.0126 5240 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:13:01.0126 5240 ProfSvc - ok
14:13:01.0136 5240 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:13:01.0136 5240 ProtectedStorage - ok
14:13:01.0186 5240 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:13:01.0186 5240 Psched - ok
14:13:01.0216 5240 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
14:13:01.0226 5240 PxHlpa64 - ok
14:13:01.0276 5240 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:13:01.0306 5240 ql2300 - ok
14:13:01.0316 5240 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:13:01.0316 5240 ql40xx - ok
14:13:01.0326 5240 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:13:01.0336 5240 QWAVE - ok
14:13:01.0346 5240 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:13:01.0346 5240 QWAVEdrv - ok
14:13:01.0356 5240 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:13:01.0366 5240 RasAcd - ok
14:13:01.0386 5240 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:13:01.0386 5240 RasAgileVpn - ok
14:13:01.0396 5240 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:13:01.0406 5240 RasAuto - ok
14:13:01.0406 5240 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:13:01.0446 5240 Rasl2tp - ok
14:13:01.0456 5240 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:13:01.0486 5240 RasMan - ok
14:13:01.0496 5240 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:13:01.0506 5240 RasPppoe - ok
14:13:01.0516 5240 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:13:01.0516 5240 RasSstp - ok
14:13:01.0536 5240 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:13:01.0536 5240 rdbss - ok
14:13:01.0546 5240 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:13:01.0556 5240 rdpbus - ok
14:13:01.0556 5240 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:13:01.0556 5240 RDPCDD - ok
14:13:01.0576 5240 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:13:01.0576 5240 RDPENCDD - ok
14:13:01.0586 5240 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:13:01.0586 5240 RDPREFMP - ok
14:13:01.0616 5240 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:13:01.0656 5240 RDPWD - ok
14:13:01.0686 5240 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:13:01.0686 5240 rdyboost - ok
14:13:01.0706 5240 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:13:01.0716 5240 RemoteAccess - ok
14:13:01.0736 5240 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:13:01.0736 5240 RemoteRegistry - ok
14:13:01.0756 5240 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:13:01.0766 5240 RpcEptMapper - ok
14:13:01.0776 5240 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:13:01.0776 5240 RpcLocator - ok
14:13:01.0826 5240 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:13:01.0836 5240 RpcSs - ok
14:13:01.0846 5240 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:13:01.0856 5240 rspndr - ok
14:13:01.0856 5240 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:13:01.0866 5240 SamSs - ok
14:13:01.0896 5240 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:13:01.0946 5240 sbp2port - ok
14:13:01.0966 5240 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:13:01.0966 5240 SCardSvr - ok
14:13:02.0006 5240 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:13:02.0066 5240 scfilter - ok
14:13:02.0106 5240 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:13:02.0156 5240 Schedule - ok
14:13:02.0186 5240 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:13:02.0186 5240 SCPolicySvc - ok
14:13:02.0196 5240 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:13:02.0226 5240 SDRSVC - ok
14:13:02.0296 5240 [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
14:13:02.0296 5240 SeaPort - ok
14:13:02.0306 5240 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:13:02.0316 5240 secdrv - ok
14:13:02.0346 5240 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:13:02.0386 5240 seclogon - ok
14:13:02.0396 5240 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:13:02.0396 5240 SENS - ok
14:13:02.0406 5240 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:13:02.0416 5240 SensrSvc - ok
14:13:02.0456 5240 [ 9F6490423AC3271E84A90A0DD9D30A3B ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
14:13:02.0496 5240 Ser2pl - ok
14:13:02.0516 5240 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:13:02.0516 5240 Serenum - ok
14:13:02.0526 5240 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:13:02.0536 5240 Serial - ok
14:13:02.0546 5240 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:13:02.0546 5240 sermouse - ok
14:13:02.0586 5240 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:13:02.0626 5240 SessionEnv - ok
14:13:02.0646 5240 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:13:02.0646 5240 sffdisk - ok
14:13:02.0666 5240 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:13:02.0666 5240 sffp_mmc - ok
14:13:02.0676 5240 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:13:02.0716 5240 sffp_sd - ok
14:13:02.0726 5240 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:13:02.0736 5240 sfloppy - ok
14:13:02.0796 5240 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
14:13:02.0896 5240 SftService - ok
14:13:02.0916 5240 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:13:02.0926 5240 SharedAccess - ok
14:13:02.0946 5240 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:13:02.0946 5240 ShellHWDetection - ok
14:13:02.0966 5240 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:13:02.0976 5240 SiSRaid2 - ok
14:13:02.0986 5240 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:13:02.0996 5240 SiSRaid4 - ok
14:13:03.0036 5240 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:13:07.0196 5240 SkypeUpdate - ok
14:13:07.0206 5240 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:13:07.0216 5240 Smb - ok
14:13:07.0236 5240 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:13:07.0236 5240 SNMPTRAP - ok
14:13:07.0246 5240 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:13:07.0246 5240 spldr - ok
14:13:07.0276 5240 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:13:07.0276 5240 Spooler - ok
14:13:07.0366 5240 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:13:07.0386 5240 sppsvc - ok
14:13:07.0406 5240 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:13:07.0406 5240 sppuinotify - ok
14:13:07.0456 5240 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
14:13:07.0526 5240 sprtsvc_DellSupportCenter - ok
14:13:07.0556 5240 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:13:07.0566 5240 srv - ok
14:13:07.0586 5240 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:13:07.0596 5240 srv2 - ok
14:13:07.0606 5240 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:13:07.0606 5240 srvnet - ok
14:13:07.0616 5240 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:13:07.0616 5240 SSDPSRV - ok
14:13:07.0626 5240 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:13:07.0636 5240 SstpSvc - ok
14:13:07.0646 5240 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:13:07.0646 5240 stexstor - ok
14:13:07.0676 5240 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
14:13:07.0676 5240 StillCam - ok
14:13:07.0706 5240 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:13:07.0756 5240 stisvc - ok
14:13:07.0796 5240 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:13:07.0796 5240 swenum - ok
14:13:07.0806 5240 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:13:07.0816 5240 swprv - ok
14:13:07.0866 5240 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:13:07.0906 5240 SysMain - ok
14:13:07.0936 5240 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:13:07.0966 5240 TabletInputService - ok
14:13:07.0986 5240 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:13:08.0006 5240 TapiSrv - ok
14:13:08.0036 5240 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:13:08.0036 5240 TBS - ok
14:13:08.0096 5240 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:13:08.0126 5240 Tcpip - ok
14:13:08.0176 5240 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:13:08.0196 5240 TCPIP6 - ok
14:13:08.0216 5240 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:13:08.0276 5240 tcpipreg - ok
14:13:08.0286 5240 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:13:08.0296 5240 TDPIPE - ok
14:13:08.0316 5240 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:13:08.0366 5240 TDTCP - ok
14:13:08.0376 5240 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:13:08.0416 5240 tdx - ok
14:13:08.0426 5240 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:13:08.0456 5240 TermDD - ok
14:13:08.0476 5240 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:13:08.0506 5240 TermService - ok
14:13:08.0516 5240 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:13:08.0516 5240 Themes - ok
14:13:08.0546 5240 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:13:08.0546 5240 THREADORDER - ok
14:13:08.0556 5240 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:13:08.0566 5240 TrkWks - ok
14:13:08.0606 5240 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:13:08.0656 5240 TrustedInstaller - ok
14:13:08.0706 5240 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:13:08.0756 5240 tssecsrv - ok
14:13:08.0796 5240 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:13:08.0846 5240 TsUsbFlt - ok
14:13:08.0896 5240 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:13:08.0896 5240 tunnel - ok
14:13:08.0916 5240 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:13:08.0926 5240 uagp35 - ok
14:13:11.0606 5240 ================ Scan global ===============================
14:13:11.0626 5240 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:13:11.0656 5240 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:13:11.0716 5240 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:13:11.0736 5240 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:13:11.0766 5240 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:13:11.0766 5240 [Global] - ok
14:13:11.0776 5240 ================ Scan MBR ==================================
14:13:11.0786 5240 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
14:13:11.0986 5240 \Device\Harddisk0\DR0 - ok
14:13:11.0996 5240 [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk5\DR5
14:13:12.0746 5240 \Device\Harddisk5\DR5 - ok
14:13:12.0746 5240 ================ Scan VBR ==================================
14:13:12.0766 5240 [ 446D6EBAFA984EFA48CE3F0277F0E1D1 ] \Device\Harddisk0\DR0\Partition1
14:13:12.0776 5240 \Device\Harddisk0\DR0\Partition1 - ok
14:13:12.0786 5240 [ 73C1B9439A49EE1254051E78691B787D ] \Device\Harddisk0\DR0\Partition2
14:13:12.0796 5240 \Device\Harddisk0\DR0\Partition2 - ok
14:13:12.0826 5240 [ 242686C92CABF2CBF45C91E0C4457AF6 ] \Device\Harddisk0\DR0\Partition3
14:13:12.0826 5240 \Device\Harddisk0\DR0\Partition3 - ok
14:13:12.0836 5240 [ 01DF850A73057CBCBA6C8444B10C4AC0 ] \Device\Harddisk5\DR5\Partition1
14:13:12.0836 5240 \Device\Harddisk5\DR5\Partition1 - ok
14:13:12.0836 5240 ============================================================
14:13:12.0836 5240 Scan finished
14:13:12.0836 5240 ============================================================
14:13:12.0846 3484 Detected object count: 0
14:13:12.0846 3484 Actual detected object count: 0
14:20:45.0134 2456 Deinitialize success


The aswMBR log:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-10 16:09:06
-----------------------------
16:09:06.726 OS Version: Windows x64 6.1.7601 Service Pack 1
16:09:06.726 Number of processors: 4 586 0x2502
16:09:06.726 ComputerName: DAVESDELL UserName: Dave
16:09:16.991 Initialize success
16:09:25.368 AVAST engine defs: 12101000
16:10:20.483 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:10:20.498 Disk 0 Vendor: ST31000528AS CC45 Size: 953869MB BusType: 3
16:10:20.498 Disk 0 MBR read successfully
16:10:20.498 Disk 0 MBR scan
16:10:20.498 Disk 0 Windows VISTA default MBR code
16:10:20.498 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 298 MB offset 63
16:10:20.514 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 612352
16:10:20.529 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 883238 MB offset 31332352
16:10:20.529 Disk 0 Partition - 00 0F Extended LBA 55330 MB offset 1840205824
16:10:20.561 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 55329 MB offset 1840207872
16:10:20.592 Disk 0 scanning C:\Windows\system32\drivers
16:10:30.014 Service scanning
16:10:45.833 Modules scanning
16:10:45.833 Disk 0 trace - called modules:
16:10:45.848 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
16:10:45.848 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007cec060]
16:10:45.848 3 CLASSPNP.SYS[fffff88001bd043f] -> nt!IofCallDriver -> [0xfffffa80079bb580]
16:10:45.864 5 ACPI.sys[fffff88000f6e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80079bd060]
16:10:53.711 AVAST engine scan C:\Windows
16:10:55.739 AVAST engine scan C:\Windows\system32
16:13:38.213 AVAST engine scan C:\Windows\system32\drivers
16:13:50.256 AVAST engine scan C:\Users\Dave
16:30:44.757 AVAST engine scan C:\ProgramData
16:32:46.765 Scan finished successfully
18:35:58.526 Disk 0 MBR has been saved successfully to "C:\Temp\Malware Fixes\MBR.dat"
18:35:58.526 The log file has been saved successfully to "C:\Temp\Malware Fixes\aswMBR.txt"


The eSet log:


C:\Users\Dave\Downloads\cnet_freezonlinetv142_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Dave\Downloads\registrybooster.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Dave\Downloads\SoftonicDownloader_for_microsoft-office-word-viewer.exe Win32/SoftonicDownloader.D application cleaned by deleting - quarantined


It looks to me as if everything is good. There are only a few places in the logs which I don't understand, but right now this seems to be a False Alarm.

We'll see.

Thanks again for this great site.
Dave

#4 narenxp

Posted 10 October 2012 - 08:49 PM

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar service scanner

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 Davewyst

Posted 11 October 2012 - 03:22 PM



Here are the five logs:


Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.11.03

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Dave :: DAVESDELL [administrator]

10/10/2012 9:26:37 PM
mbam-log-2012-10-10 (21-26-37).txt

Scan type: Full scan (C:\|J:\|Z:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 609259
Time elapsed: 1 hour(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Dave\Downloads\BorgStim_v_001.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)


MiniToolBox:


MiniToolBox by Farbar Version: 23-07-2012
Ran by Dave (administrator) on 11-10-2012 at 10:09:47
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
/


127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net
127.0.0.1 ads.active.com
127.0.0.1 am1.activemeter.com
127.0.0.1 www.activemeter.com
127.0.0.1 ads.activepower.net
127.0.0.1 data2.activshopper.com
127.0.0.1 stat.active24stats.nl
127.0.0.1 ad2games.com
127.0.0.1 cms.ad2click.nl

There are 12347 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

DW1525 (802.11n) WLAN PCIe Card = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DavesDell
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : C2-17-FE-8E-E2-E3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1525 (802.11n) WLAN PCIe Card
Physical Address. . . . . . . . . : C4-17-FE-8E-E2-E3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::74de:f44:bf98:b1d1%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.13(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, October 11, 2012 9:47:10 AM
Lease Expires . . . . . . . . . . : Thursday, October 18, 2012 10:10:29 AM
Default Gateway . . . . . . . . . : fe80::224:1ff:fece:870f%11
192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 48:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:8c4:2ae6:bba1:a738(Preferred)
Link-local IPv6 Address . . . . . : fe80::8c4:2ae6:bba1:a738%54(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{A7EFA52D-FA79-4C76-8F30-43851B0D7334}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {022D094E-755F-45D0-B679-0D0E8DCA6CAA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C733617B-200B-480A-B460-BD1306D8DF2E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:4009:803::1001
74.125.225.130
74.125.225.131
74.125.225.132
74.125.225.133
74.125.225.134
74.125.225.135
74.125.225.136
74.125.225.137
74.125.225.142
74.125.225.128
74.125.225.129


Pinging google.com [74.125.225.129] with 32 bytes of data:
Reply from 74.125.225.129: bytes=32 time=549ms TTL=54
Reply from 74.125.225.129: bytes=32 time=93ms TTL=54

Ping statistics for 74.125.225.129:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 549ms, Average = 321ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=702ms TTL=48
Reply from 98.139.183.24: bytes=32 time=529ms TTL=46

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 529ms, Maximum = 702ms, Average = 615ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...c2 17 fe 8e e2 e3 ......Microsoft Virtual WiFi Miniport Adapter
11...c4 17 fe 8e e2 e3 ......DW1525 (802.11n) WLAN PCIe Card
1...........................Software Loopback Interface 1
54...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
55...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
56...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
57...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.13 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.13 276
192.168.0.13 255.255.255.255 On-link 192.168.0.13 276
192.168.0.255 255.255.255.255 On-link 192.168.0.13 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.13 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.13 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 276 ::/0 fe80::224:1ff:fece:870f
54 58 ::/0 On-link
1 306 ::1/128 On-link
54 58 2001::/32 On-link
54 306 2001:0:4137:9e76:8c4:2ae6:bba1:a738/128
On-link
11 276 fe80::/64 On-link
54 306 fe80::/64 On-link
54 306 fe80::8c4:2ae6:bba1:a738/128
On-link
11 276 fe80::74de:f44:bf98:b1d1/128
On-link
1 306 ff00::/8 On-link
54 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/11/2012 10:03:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/10/2012 06:40:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/10/2012 06:36:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/10/2012 04:08:44 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/10/2012 03:58:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/10/2012 02:09:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/10/2012 02:06:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/09/2012 02:38:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (10/09/2012 02:38:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/09/2012 01:47:09 PM) (Source: Swapdrive Backup) (User: )
Description: Swapdrive Backup: Web Service Error: System.Net.WebException: The remote name could not be resolved: 'wsvcdell.backup.com'
at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
at System.Net.HttpWebRequest.GetRequestStream()
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest req)
at Swapdrive.Shared.ActivationWsvcs.GetInfo()


System errors:
=============
Error: (10/10/2012 11:02:27 PM) (Source: Service Control Manager) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1069

Error: (10/10/2012 11:02:27 PM) (Source: Service Control Manager) (User: )
Description: The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (10/10/2012 11:02:27 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service failed to start due to the following error:
%%1069

Error: (10/10/2012 11:02:27 PM) (Source: Service Control Manager) (User: )
Description: The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (10/10/2012 11:02:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1115

Error: (10/10/2012 11:02:27 PM) (Source: Service Control Manager) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1069

Error: (10/10/2012 11:02:27 PM) (Source: Service Control Manager) (User: )
Description: The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%1352

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (10/10/2012 11:02:27 PM) (Source: BROWSER) (User: )
Description: The browser has failed to start because the dependent service LanmanWorkstation had invalid service status 4294967295.
Status Meaning
1 Service Stopped

2 Start Pending

3 Stop Pending

4 Running

5 Continue Pending

6 Pause Pending

7 Paused

Error: (10/10/2012 09:00:51 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (10/10/2012 09:00:51 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}


Microsoft Office Sessions:
=========================
Error: (10/11/2012 10:03:35 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Temp\Malware Fixes\esetsmartinstaller_enu.exe

Error: (10/10/2012 06:40:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Temp\Malware Fixes\esetsmartinstaller_enu.exe

Error: (10/10/2012 06:36:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Temp\Malware Fixes\esetsmartinstaller_enu.exe

Error: (10/10/2012 04:08:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Temp\Malware Fixes\esetsmartinstaller_enu.exe

Error: (10/10/2012 03:58:14 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Temp\Malware Fixes\esetsmartinstaller_enu.exe

Error: (10/10/2012 02:09:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Temp\Malware Fixes\esetsmartinstaller_enu.exe

Error: (10/10/2012 02:06:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest\\Dottylaptop\Shared Documents\Malware Fixes\esetsmartinstaller_enu.exe

Error: (10/09/2012 02:38:32 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll2

Error: (10/09/2012 02:38:14 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (10/09/2012 01:47:09 PM) (Source: Swapdrive Backup)(User: )
Description: Swapdrive Backup: Web Service Error: System.Net.WebException: The remote name could not be resolved: 'wsvcdell.backup.com'
at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
at System.Net.HttpWebRequest.GetRequestStream()
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest req)
at Swapdrive.Shared.ActivationWsvcs.GetInfo()


=========================== Installed Programs ============================

Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Amazon Kindle
Apple Application Support (Version: 1.5.0)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
Audacity 1.3.14 (Unicode)
Audacity 2.0
Bonjour (Version: 2.0.4.0)
Brother MFL-Pro Suite MFC-5890CN (Version: 1.0.1.0)
CCleaner (Version: 3.14)
CGoban 3
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Creative Audio Console (Version: 1.33)
Creative Software AutoUpdate (Version: 1.40)
CyArk Viewer Lite
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 1.2.0009)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Driver Fetch
EaseUS Todo Backup Free 4.0 (Version: 4.0.0.1)
Efficient Reminder 3.10
ErosLink (Version: 1.0.0.0)
Eroslink Updater to 1.1a (Version: 1.0.0.0)
ESET Online Scanner v3
Evernote v. 4.5.8 (Version: 4.5.8.7356)
FFmpeg v0.6.2 for Audacity
GIMP 2.6.11 (Version: 2.6.11)
GoldWave v5.57
GoldWave v5.67
Google Chrome (Version: 22.0.1229.79)
Google Drive (Version: 1.4.3365.1552)
Google Earth (Version: 6.1.0.5001)
Google SketchUp 8 (Version: 3.0.3117)
Google Update Helper (Version: 1.3.21.123)
GoToAssist 8.0.0.514
HiView
Hornil StylePix (Version: 1.6.5.2181)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 16 (Version: 6.0.160)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 14.0.8089.726)
LAME v3.98.2 for Audacity
LAME v3.99.3 (for Windows)
Logitech Vid (Version: 1.10.1009)
Logitech Webcam Software (Version: 12.10.1113)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee SecurityCenter (Version: 11.0.678)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 1.3.59.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
mIRC (Version: 7.17)
MotoHelper 2.0.40 Driver 4.8.0 (Version: 2.0.40)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 4.8.0 (Version: 4.8.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Firefox 7.0.1 (x86 en-US) (Version: 7.0.1)
Mozilla Firefox 8.0.1 (x86 en-US) (Version: 8.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Notepad++ (Version: 6.1.3)
NVIDIA Drivers (Version: 1.4)
OLYMPUS Raw Codec (Version: 1.3.0)
OOo-dev 3.4 (Version: 3.4.9583)
OpenAL
OpenOffice.org 3.3 (Version: 3.3.9567)
PaperPort Image Printer 64-bit (Version: 1.00.0000)
PC Speed Up - Complete uninstall (Version: 3.1.2)
PCsync (Version: 5.07.3001)
Picasa 3 (Version: 3.8)
PL-2303 USB-to-Serial (Version: 1.00.000)
PowerDVD DX (Version: 8.3.6029)
QRreader (Version: 1.3)
QuickTime (Version: 7.69.80.9)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5953)
RealUpgrade 1.1 (Version: 1.1.0)
ScanSoft PaperPort 11 (Version: 11.2.0000)
Skype Toolbars (Version: 1.0.4051)
Skype™ 5.10 (Version: 5.10.116)
Smartstim (Version: 4.0.0.71)
Smartstim 2 live sessions (Version: 1.02.0000)
Smartstim 2 new year sessions (Version: 1.02.0000)
Smartstim 2 princess sessions (Version: 1.02.0000)
Smartstim 3 (Version: 1.00.0000)
Smartstim R (Version: 1.03.000)
Smartstim R princess sessions (Version: 1.02.0000)
The Ultimate Troubleshooter
UFRaw 0.17
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
ViewSonic Monitor Drivers
Vim 7.2 (self-installing)
Visual Analyser 2011 (Version: 14.0.0.19)
Visual C++ 2008 Runtime (x64) (Version: 1.0.1)
VLC media player 1.1.11 (Version: 1.1.11)
Winamp (Version: 5.572 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
X-Mouse Button Control 2.4 (Version: 2.4)
Yahoo! Detect
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 8055.12 MB
Available physical RAM: 6479.96 MB
Total Pagefile: 16108.43 MB
Available Pagefile: 14144.4 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.07 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:862.54 GB) (Free:733.2 GB) NTFS
7 Drive j: (USBDISK100) (Removable) (Total:1.92 GB) (Free:0.38 GB) FAT
8 Drive z: (Test Partition) (Fixed) (Total:54.03 GB) (Free:53.94 GB) NTFS

========================= Users: ========================================

User accounts for \\DAVESDELL

Admin Administrator Dave
Dotty Guest Juggle5

========================= Restore Points ==================================

13-09-2012 18:48:02 Scheduled Checkpoint
21-09-2012 18:28:20 Scheduled Checkpoint
24-09-2012 21:16:20 Installed Evernote v. 4.5.8
02-10-2012 18:04:23 Scheduled Checkpoint
09-10-2012 19:42:57 Scheduled Checkpoint

**** End of log ****


FarBar Service Scanner log:


Farbar Service Scanner Version: 07-10-2012
Ran by Dave (administrator) on 11-10-2012 at 10:45:37
Running from "C:\Temp\MalwareFixes"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Adware Cleaner log:


# AdwCleaner v2.004 - Logfile created 10/11/2012 at 10:50:03
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Dave - DAVESDELL
# Boot Mode : Normal
# Running from : C:\Temp\MalwareFixes\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\cwv7clzh.Daves Firefox profile\searchplugins\Ask.xml
Folder Deleted : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\cwv7clzh.Daves Firefox profile\Conduit
Folder Deleted : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\cwv7clzh.Daves Firefox profile\Save

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\0qbvrdk0.default\prefs.js

C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\0qbvrdk0.default\user.js ... Deleted !

[OK] File is clean.

Profile name : Daves Firefox profile [Profil par défaut]
File : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\cwv7clzh.Daves Firefox profile\prefs.js

C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\cwv7clzh.Daves Firefox profile\user.js ... Deleted !

Deleted : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1060933.CTID", "CT1060933");
Deleted : user_pref("CT1060933.CommunitiesChangesLastCheckTime", "Tue Jun 22 2010 12:27:26 GMT-0500 (Central D[...]
Deleted : user_pref("CT1060933.CommunityChanged", true);
Deleted : user_pref("CT1060933.CurrentServerDate", "22-6-2010");
Deleted : user_pref("CT1060933.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1060933.DownloadDomainsCheckInterval", "168");
Deleted : user_pref("CT1060933.DownloadDomainsListLastCheckTime", "Tue Jun 22 2010 12:17:17 GMT-0500 (Central [...]
Deleted : user_pref("CT1060933.DownloadDomainsListLastServerUpdateTime", "1201073583");
Deleted : user_pref("CT1060933.EnableClickToSearchBox", false);
Deleted : user_pref("CT1060933.EnableSearchHistory", false);
Deleted : user_pref("CT1060933.EnableSearchSuggest", false);
Deleted : user_pref("CT1060933.EnableUsage", false);
Deleted : user_pref("CT1060933.FirstServerDate", "22-6-2010");
Deleted : user_pref("CT1060933.FirstTime", true);
Deleted : user_pref("CT1060933.FirstTimeFF3", true);
Deleted : user_pref("CT1060933.FixPageNotFoundErrors", false);
Deleted : user_pref("CT1060933.GroupingInvalidateCache", false);
Deleted : user_pref("CT1060933.GroupingLastCheckTime", "0");
Deleted : user_pref("CT1060933.GroupingLastServerUpdateTime", "0");
Deleted : user_pref("CT1060933.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT1060933.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1060933.Initialize", true);
Deleted : user_pref("CT1060933.InitializeCommonPrefs", true);
Deleted : user_pref("CT1060933.InstalledDate", "Tue Jun 22 2010 12:17:18 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT1060933.InvalidateCache", false);
Deleted : user_pref("CT1060933.IsGrouping", false);
Deleted : user_pref("CT1060933.IsMulticommunity", true);
Deleted : user_pref("CT1060933.IsOpenThankYouPage", true);
Deleted : user_pref("CT1060933.IsOpenUninstallPage", true);
Deleted : user_pref("CT1060933.LanguagePackLastCheckTime", "Tue Jun 22 2010 12:17:18 GMT-0500 (Central Dayligh[...]
Deleted : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT1060933.LastLogin_2.5.6.0", "Tue Jun 22 2010 12:17:38 GMT-0500 (Central Daylight Time)"[...]
Deleted : user_pref("CT1060933.LatestVersion", "2.1.0.18");
Deleted : user_pref("CT1060933.Locale", "en-us");
Deleted : user_pref("CT1060933.LoginCache", 4);
Deleted : user_pref("CT1060933.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1060933.MCDetectTooltipShow", false);
Deleted : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT1060933.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1060933.RadioIsPodcast", false);
Deleted : user_pref("CT1060933.RadioLastCheckTime", "0");
Deleted : user_pref("CT1060933.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT1060933.RadioLastUpdateServer", "0");
Deleted : user_pref("CT1060933.RadioMediaID", "5020427");
Deleted : user_pref("CT1060933.RadioMediaType", "Media Player");
Deleted : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT10609335020427");
Deleted : user_pref("CT1060933.RadioShrinked", "shrinked");
Deleted : user_pref("CT1060933.RadioStationName", "Classic%20Rock");
Deleted : user_pref("CT1060933.RadioStationURL", "hxxp://tuner1.dc1.sonixtream.com/playlists/wmgk/wmgkWMGKFM.a[...]
Deleted : user_pref("CT1060933.SHRINK_TOOLBAR", 0);
Deleted : user_pref("CT1060933.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT1060933.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT1060933.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106[...]
Deleted : user_pref("CT1060933.SearchInNewTabEnabled", true);
Deleted : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Tue Jun 22 2010 12:17:38 GMT-0500 (Central Dayli[...]
Deleted : user_pref("CT1060933.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT1060933.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT1060933.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT1060933.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT1060933.SettingsLastCheckTime", "Tue Jun 22 2010 12:27:26 GMT-0500 (Central Daylight Ti[...]
Deleted : user_pref("CT1060933.SettingsLastUpdate", "1273615896");
Deleted : user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Tue Jun 22 2010 12:17:17 GMT-0500 (Central Day[...]
Deleted : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1273615896");
Deleted : user_pref("CT1060933.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT1060933.UserID", "UN60523722663913269");
Deleted : user_pref("CT1060933.ValidationData_Toolbar", 2);
Deleted : user_pref("CT1060933.clientLogIsEnabled", true);
Deleted : user_pref("CT1060933.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT1060933.components.1000048", false);
Deleted : user_pref("CT1060933.components.1000082", false);
Deleted : user_pref("CT1060933.components.128305918656969002", false);
Deleted : user_pref("CT1060933.components.128305930616381410", false);
Deleted : user_pref("CT1060933.components.129032145384800518", false);
Deleted : user_pref("CT1060933.components.129032152822456983", false);
Deleted : user_pref("CT1060933.components.129032154330894193", false);
Deleted : user_pref("CT1060933.components.129032157011675027", false);
Deleted : user_pref("CT1060933.components.129032162642925076", false);
Deleted : user_pref("CT1060933.components.129078058382649592", false);
Deleted : user_pref("CT1060933.components.129098749106874573", false);
Deleted : user_pref("CT1060933.myStuffEnabled", true);
Deleted : user_pref("CT1060933.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT1060933.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT1060933.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.yahoo.com/search?fr=mcafee[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1060933");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");
Deleted : user_pref("CommunityToolbar.alert.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jun 22 2010 12:17:17 GMT-0500 (Centr[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jun 22 2010 12:17:17 GMT-0500 (Central D[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{0e046e03-f0fd-446a-b616-282918d5114e}");

Profile name : default
File : C:\Users\Juggle5\AppData\Roaming\Mozilla\Firefox\Profiles\v8yo1u5b.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.79

File : C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [10334 octets] - [11/10/2012 10:50:03]

########## EOF - C:\AdwCleaner[S1].txt - [10395 octets] ##########


JunkRemovalTool log:


Junkware Removal Tool (JRT) by Thisisu
Version: 1.4.0 (10.10.2012)
OS: Windows 7 Home Premium x64
Ran by Dave on 10/11/2012 at 11:10:43.54
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders:

Successfully deleted: [FOLDER] "C:\Windows\freecorder"



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on 10/11/2012 at 11:24:44.01
End of Report


Looks like it cleaned out some stuff, but whether it was important, I don't know. The supposed trojan BorgStim... was downloaded from a reputable site about 3 or 4 years ago and hasn't been run since.

This is probably the cleanest my PC has been since I bought it.

Thanks! What's next?

Dave

#6 Davewyst


Posted 11 October 2012 - 03:33 PM

I guess this thread should be in the Virus, Trojan, Spyware, and Malware Removal Logs Forum by now. Would someone with the ability to do so please move this thread there? Sorry I haven't followed the protocol.

Dave

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:39 PM

Posted 11 October 2012 - 03:52 PM

I would direct you to the virus removal forum if we need advanced tools. Until then, follow my instructions :)

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

Edited by narenxp, 11 October 2012 - 03:54 PM.


#8 Davewyst


Posted 12 October 2012 - 12:10 PM

Narenxp, I've pasted in the rkill log file below, but I have a problem with the autoruns log file. It is a .arn file and is not in ASCII. There does not seem to be any way to attach a binary file to a post. How do I handle the .arn file? I tried to save the log as a .txt file and it resulted in gibberish.

Anyway, here's the rkill log:


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/12/2012 11:12:19 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (PID: 1824) [Mal-GEN]
* C:\Windows\System32\jusched.exe (PID: 5200) [FI]
* C:\Windows\System32\jucheck.exe (PID: 6108) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Dave\Desktop\rkill\rkill-10-12-2012-11-12-26.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

/# This MVPS HOSTS file is a free download from: #
127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net #[Dialer.Aconti]
127.0.0.1 ads.active.com
127.0.0.1 am1.activemeter.com
127.0.0.1 www.activemeter.com #[Tracking.Cookie]
127.0.0.1 ads.activepower.net

20 out of 14693 HOSTS entries shown. <<<<Dave's note: all of the remaining hosts file entries redirect to 127.0.0.1 >>>>>
Please review HOSTS file for further entries.

Program finished at: 10/12/2012 11:12:36 AM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)


Dave

Edited by Davewyst, 12 October 2012 - 12:14 PM.
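An added example (not part of the thread and not Rkill's own code): a small Python parser for the Rkill log layout posted above, which lists the terminated processes and flags any HOSTS entry that does not map to a loopback or unspecified address. The sample log is constructed; the `203.0.113.10` line and the `example.test` names are made up to exercise the check.

```python
import ipaddress
import re

# Constructed sample in the layout of the Rkill log posted above.
# The 203.0.113.10 and 0.0.0.0 lines are made-up entries, not from the thread.
SAMPLE_LOG = r"""
Checking for processes to terminate:

 * C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (PID: 1824) [Mal-GEN]
 * C:\Windows\System32\jusched.exe (PID: 5200) [FI]

Checking Registry for malware related settings:

 * Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 localhost
  127.0.0.1 www.aconti.net #[Dialer.Aconti]
  203.0.113.10 update.example.test
  0.0.0.0 ads.example.test

  4 out of 14693 HOSTS entries shown.
"""

SECTION_RE = re.compile(r"^(?:Checking|Performing|Searching)\b.*:$")
PROCESS_RE = re.compile(
    r"^\*\s+(?P<path>.+?)\s+\(PID:\s*(?P<pid>\d+)\)\s+\[(?P<tag>[^\]]+)\]$"
)
SHOWN_RE = re.compile(r"^(?P<shown>\d+) out of (?P<total>\d+) HOSTS entries shown")


def parse_hosts_line(line):
    """Return (ip, hostname) for a HOSTS mapping line, or None for anything else."""
    fields = line.split("#", 1)[0].split()  # drop trailing "#..." comments
    if len(fields) < 2:
        return None
    try:
        return ipaddress.ip_address(fields[0]), fields[1].lower()
    except ValueError:
        return None  # first field is not an IP address


def parse_rkill_log(text):
    """Split an Rkill log into terminated processes, other findings and HOSTS entries."""
    report = {"terminated": [], "findings": [], "hosts": [],
              "hosts_shown": None, "hosts_total": None}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if SECTION_RE.match(line):
            section = line.rstrip(":")
            continue
        proc = PROCESS_RE.match(line)
        if proc:
            report["terminated"].append({"path": proc["path"],
                                         "pid": int(proc["pid"]),
                                         "tag": proc["tag"]})
            continue
        shown = SHOWN_RE.match(line)
        if shown:
            report["hosts_shown"] = int(shown["shown"])
            report["hosts_total"] = int(shown["total"])
            continue
        if section == "Checking HOSTS File":
            entry = parse_hosts_line(line)
            if entry:
                report["hosts"].append(entry)
            continue
        # Any other "* ..." bullet that is not a "nothing found" line is a finding.
        if line.startswith("*") and not line.startswith("* No "):
            report["findings"].append((section, line[1:].strip()))
    return report


def non_loopback_hosts(report):
    """HOSTS entries that send a name somewhere other than 127.x / ::1 / 0.0.0.0."""
    return [(str(ip), host) for ip, host in report["hosts"]
            if not (ip.is_loopback or ip.is_unspecified)]


def hosts_listing_is_complete(report):
    """True only if the log printed every HOSTS entry rather than a truncated sample."""
    return (report["hosts_shown"] is not None
            and report["hosts_shown"] == report["hosts_total"])


if __name__ == "__main__":
    rep = parse_rkill_log(SAMPLE_LOG)
    for p in rep["terminated"]:
        print(f"terminated pid={p['pid']} tag={p['tag']} path={p['path']}")
    print("redirecting HOSTS entries:", non_loopback_hosts(rep))
    print("HOSTS listing complete:", hosts_listing_is_complete(rep))
```

Because the log prints only part of the HOSTS file, `parse_hosts_line` is best run over the full file as well when confirming that every entry points at loopback.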


#9 narenxp


Posted 12 October 2012 - 01:07 PM

Do not rename the .arn file to .txt. Follow my instructions

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here



#10 Davewyst


Posted 12 October 2012 - 02:41 PM

That is exactly what I did. Here is the .txt file.

Oops. I guess that is not exactly what I did. This time it worked.


Here is the autoruns.txt log file.


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AsioThk32Reg" "Creative ASIO Driver" "Creative Technology Ltd" "c:\windows\syswow64\ctasio.dll"
+ "kmw_run.exe" "" "" "File not found: kmw_run.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Calendar Google.lnk" "Google Chrome" "Google Inc." "c:\users\dave\appdata\local\google\chrome\application\chrome.exe"
+ "Efficient Reminder.lnk" "" "Efficient Software" "c:\program files (x86)\efficient reminder\efficientreminder.exe"
+ "EvernoteClipper.lnk" "Evernote Clipper" "Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041" "c:\users\dave\appdata\local\apps\evernote\evernote\evernoteclipper.exe"
+ "Home.lnk" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\dave\appdata\local\google\update\googleupdate.exe"
+ "GoogleDriveSync" "Google Drive" "Google" "c:\program files (x86)\google\drive\googledrivesync.exe"
+ "Messenger (Yahoo!)" "Yahoo! Messenger" "Yahoo! Inc." "c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe"
+ "PCSpeedUp" "" "" "c:\program files (x86)\pc speed up\pcsunotifier.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "Notepad++64" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files (x86)\notepad++\nppshell_04.dll"
+ "SimpleShlExt" "EaseUS Todo Backup Application" "CHENGDU YIWO Tech Development Co.,Ltd" "c:\program files (x86)\easeus\todo backup\bin\x64\imagesh.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "gvim" "A small project for the context menu of gvim!" "Tianmiao Hu's Developer Studio" "c:\program files (x86)\vim\vim72\gvimext.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SimpleShlExt" "EaseUS Todo Backup Application" "CHENGDU YIWO Tech Development Co.,Ltd" "c:\program files (x86)\easeus\todo backup\bin\x64\imagesh.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "GDriveBlacklistedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSharedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncingOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120621172349.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "McAfee Phishing Filter" "" "" "c:\program files\mcafee\msk\mskapbho.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20120621172349.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "Skype add-on for Internet Explorer" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Toolbar Helper" "Windows Live Toolbar Core" "Microsoft Corporation" "c:\program files (x86)\windows live\toolbar\wltcore.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&Windows Live Toolbar" "Windows Live Toolbar Core" "Microsoft Corporation" "c:\program files (x86)\windows live\toolbar\wltcore.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
"HKCU\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Add to Evernote 4" "" "" "File not found: C:\Users\Dave\AppData\Local\Apps\Evernote\Evernote\EvernoteIE.dll/204"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Skype add-on for Internet Explorer" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3312981001-2053668010-3765771111-1000Core" "Google Installer" "Google Inc." "c:\users\dave\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3312981001-2053668010-3765771111-1000UA" "Google Installer" "Google Inc." "c:\users\dave\appdata\local\google\update\googleupdate.exe"
+ "\JavaUpdateSched" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\windows\system32\jusched.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\MotoHelper Initial Update" "MotoHelperUpdate" "" "c:\program files (x86)\motorola\motohelper\motohelperupdate.exe"
+ "\MotoHelper MUM" "MotoHelperUpdate" "" "c:\program files (x86)\motorola\motohelper\motohelperupdate.exe"
+ "\MotoHelper Routing" "MotoHelperUpdate" "" "c:\program files (x86)\motorola\motohelper\motohelperupdate.exe"
+ "\MotoHelper Update" "MotoHelperUpdate" "" "c:\program files (x86)\motorola\motohelper\motohelperupdate.exe"
+ "\PC SpeedUp Service Deactivator" "" "" "c:\program files (x86)\pc speed up\pcsusd.exe"
+ "\RealCreateProcessScheduledTask1770392S-1-5-21-3312981001-2053668010-3765771111-1000" "" "" "File not found: c:\program files (x86)\real\realplayer\update\realsched.exe"
+ "\RealCreateProcessScheduledTask20463977S-1-5-21-3312981001-2053668010-3765771111-1000" "" "" "File not found: c:\program files (x86)\real\realplayer\update\realsched.exe"
+ "\RealCreateProcessScheduledTask4061454S-1-5-21-3312981001-2053668010-3765771111-1000" "" "" "File not found: c:\program files (x86)\real\realplayer\update\realsched.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-3312981001-2053668010-3765771111-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-3312981001-2053668010-3765771111-1007" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-3312981001-2053668010-3765771111-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-3312981001-2053668010-3765771111-1007" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RegistryBooster" "" "" "File not found: C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe"
+ "\{1DCE263F-B2CC-4125-88F4-764DF97B8521}" "" "" "File not found: C:\Users\Dave\Music\Utilities\freqanalyser\FreqAnalyser.EXE"
+ "\{21824F8F-97E9-4F76-9074-12ADB7DBD522}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{351872DB-1D17-4A9E-B6C4-DC65D34CD760}" "" "" "File not found: C:\Users\Dave\Music\Utilities\freqanalyser\FreqAnalyser.EXE"
+ "\{40AD07DA-BD72-4858-9258-BF10CA7D09CB}" "" "" "File not found: C:\Users\Dave\Music\Utilities\freqanalyser\FreqAnalyser.EXE"
+ "\{5DB25742-149A-4C8A-A383-B79A1AFA5D67}" "" "" "File not found: C:\Users\Dave\Music\Utilities\freqanalyser\FreqAnalyser.EXE"
+ "\{67B1B4C4-4E93-4A7D-967B-3C469C03428C}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{6D3929B1-B096-4955-ABB0-189609F82144}" "" "" "File not found: C:\Users\Dave\Music\Utilities\ANALYSER.EXE"
+ "\{73A4A64F-3DCF-41B9-9FD4-C49E8C6F03A9}" "" "" "File not found: C:\Users\Dave\Music\Utilities\freqanalyser\FreqAnalyser.EXE"
+ "\{D5200BFB-694A-483E-9FFD-174F98E400A0}" "" "" "File not found: C:\Users\Dave\Music\Utilities\ANALYSER.EXE"
+ "\{E0CA358C-9B00-474F-817F-01A8EF5B2E01}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{E3E74FBC-3BD4-4F93-8633-37ACC71EE00C}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{E8542AC5-E3DC-4F82-9230-0CD5CB9B0A35}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeActiveFileMonitor8.0" "Tracks files that are managed by Elements Organizer" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements organizer 8.0\photoshopelementsfileagent.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "EaseUS Agent" "Provides service to backup files and image disks." "CHENGDU YIWO Tech Development Co., Ltd" "c:\program files (x86)\easeus\todo backup\bin\agent.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "gusvc" "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "LVPrcS64" "Injector service" "Logitech Inc." "c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe"
+ "McAfee SiteAdvisor Service" "McAfee Service Host" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfevtps.exe"
+ "MotoHelper" "MotoHelper Service" "" "c:\program files (x86)\motorola\motohelper\motohelperservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "PCSUService" "PC Speed Up service." "" "c:\program files (x86)\pc speed up\pcsuservice.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "XMouseButton Launcher" "Windows service to run XMouseButtonControl with admin priviledges on any user session." "Highresolution Enterprises" "c:\program files\highresolution enterprises\x-mouse button control\xmousebuttonsvc.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTCFilterService" "Motorola Unsafe Removal Filter Driver" "Motorola Inc" "c:\windows\system32\drivers\motfilt.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "COMMONFX" "Creative Common FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\commonfx.sys"
+ "COMMONFX.DLL" "" "" "File not found: system32\COMMONFX.DLL"
+ "COMMONFX.SYS" "Creative Common FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\commonfx.sys"
+ "CT20XUT.DLL" "Creative 20X Utility Effects" "Creative Technology Ltd." "c:\windows\system32\ct20xut.dll"
+ "ctac32k" "Creative AC3 SW Decoder Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctac32k.sys"
+ "ctaud2k" "Creative WDM Audio Device Driver" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaud2k.sys"
+ "CTAUDFX" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaudfx.sys"
+ "CTAUDFX.DLL" "" "" "File not found: system32\CTAUDFX.DLL"
+ "CTAUDFX.SYS" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaudfx.sys"
+ "CTEAPSFX.DLL" "APS FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\cteapsfx.dll"
+ "CTEDSPFX.DLL" "E-MU E-DSP Effects Plugin Module" "Creative Technology Ltd" "c:\windows\system32\ctedspfx.dll"
+ "CTEDSPIO.DLL" "E-MU E-DSP I/O Plugin" "Creative Technology Ltd" "c:\windows\system32\ctedspio.dll"
+ "CTEDSPSY.DLL" "E-MU E-DSP DSP System Plugin" "Creative Technology Ltd" "c:\windows\system32\ctedspsy.dll"
+ "CTERFXFX" "E-MU E-DSP Effects Plugin Module" "Creative Technology Ltd" "c:\windows\system32\drivers\cterfxfx.sys"
+ "CTERFXFX.DLL" "" "" "File not found: system32\CTERFXFX.DLL"
+ "CTERFXFX.SYS" "E-MU E-DSP Effects Plugin Module" "Creative Technology Ltd" "c:\windows\system32\drivers\cterfxfx.sys"
+ "CTEXFIFX.DLL" "Creative XFi Effects" "Creative Technology Ltd." "c:\windows\system32\ctexfifx.dll"
+ "CTHWIUT.DLL" "Creative Utility Effects" "Creative Technology Ltd." "c:\windows\system32\cthwiut.dll"
+ "ctprxy2k" "Creative Proxy Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctprxy2k.sys"
+ "CTSBLFX" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsblfx.sys"
+ "CTSBLFX.DLL" "" "" "File not found: system32\CTSBLFX.DLL"
+ "CTSBLFX.SYS" "Creative SB FX Plug-in" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsblfx.sys"
+ "ctsfm2k" "SoundFont® Manager (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsfm2k.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "emupia" "E-mu Plug-in Architecture Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\emupia2k.sys"
+ "EUBAKUP" "Disk Backup Driver" "CHENGDU YIWO Tech Development Co., Ltd" "c:\windows\system32\drivers\eubakup.sys"
+ "EUBAKUP0" "" "" "File not found: C:\Windows\system32\drivers\EUBAKUP0.sys"
+ "EUBKMON" "" "" "c:\windows\system32\drivers\eubkmon.sys"
+ "EUBKMON0" "" "" "File not found: C:\Windows\system32\drivers\EUBKMON0.sys"
+ "EUDSKACS" "Disk Access Driver" "CHENGDU YIWO Tech Development Co., Ltd" "c:\windows\system32\drivers\eudskacs.sys"
+ "EUFDDISK" "Disk Backup Image Preview Driver" "CHENGDU YIWO Tech Development Co., Ltd" "c:\windows\system32\drivers\eufddisk.sys"
+ "EUFDDISK0" "" "" "File not found: C:\Windows\system32\drivers\EUFDDISK0.sys"
+ "FTDIBUS" "FTDIBUS USB Driver" "FTDI Ltd." "c:\windows\system32\drivers\ftdibus.sys"
+ "FTSER2K" "FTDIBUS Serial Device Driver" "FTDI Ltd." "c:\windows\system32\drivers\ftser2k.sys"
+ "ha10kx2k" "Creative EMU10KX HAL (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ha10kx2k.sys"
+ "hap16v2k" "Creative EMU10KX-P16v HAL (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\hap16v2k.sys"
+ "hap17v2k" "Creative EMU10KX-P17v HAL (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\hap17v2k.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HMuKstE" "Dritek USB Mouse HID Filter Driver" "Dritek System Inc." "c:\windows\system32\drivers\hmukste.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "KMW_KBD" "" "" "File not found: System32\DRIVERS\KMW_KBD.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LVPr2M64" "Logitech LVPr2M64 Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpr2m64.sys"
+ "LVPr2Mon" "Logitech LVPr2M64 Driver" "Logitech Inc." "c:\windows\system32\drivers\lvpr2m64.sys"
+ "LVRS64" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvrs64.sys"
+ "LVUVC64" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc64.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfenlfk" "McAfee NDIS Light Filter" "McAfee, Inc." "c:\windows\system32\drivers\mfenlfk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "motccgp" "Motorola USB Composite Device Driver" "Motorola" "c:\windows\system32\drivers\motccgp.sys"
+ "motccgpfl" "Motorola USB Composite Filter Driver" "Motorola" "c:\windows\system32\drivers\motccgpfl.sys"
+ "motmodem" "Motorola USB Modem and Ports Driver" "Motorola" "c:\windows\system32\drivers\motmodem.sys"
+ "MotoSwitchService" "" "Motorola" "c:\windows\system32\drivers\motswch.sys"
+ "Motousbnet" "Motorola USB Networking Driver" "Motorola" "c:\windows\system32\drivers\motousbnet.sys"
+ "motusbdevice" "Motorola USB Device Driver" "Motorola Inc" "c:\windows\system32\drivers\motusbdevice.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 186.34 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ossrv" "Creative OS Services Driver (WDM)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctoss2k.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Ser2pl" "USB-to-Serial Cable Driver" "Prolific Technology Inc." "c:\windows\system32\drivers\ser2pl64.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcod64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\syswow64\lvcodec2.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "MainConcept (Adobe2) AAC Decoder" "AAC audio decoder filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2daac.ax"
+ "MainConcept (Adobe2) AAC Encoder" "AAC audio encoder filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2eaac.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Decoder" "AVC/H.264 Video Decoder" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2avcvd.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Track1Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements organizer 8.0\track1filter.dll"
+ "Track2Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements organizer 8.0\track2filter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance" "" "" ""
+ "OLYMPUS RAW FORMAT" "OLYMPUS RAW CODEC" "OLYMPUS IMAGING CORP. " "c:\program files\olympus\olympus raw codec\olyrawcodec.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance" "" "" ""
+ "OLYMPUS RAW FORMAT" "OLYMPUS RAW CODEC" "OLYMPUS IMAGING CORP. " "c:\program files (x86)\olympus\olympus raw codec\olyrawcodec.dll"
"HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
+ "OLYMPUS Raw Format Decoder" "OLYMPUS RAW CODEC" "OLYMPUS IMAGING CORP. " "c:\program files\olympus\olympus raw codec\olyrawcodec.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
+ "OLYMPUS Raw Format Decoder" "OLYMPUS RAW CODEC" "OLYMPUS IMAGING CORP. " "c:\program files (x86)\olympus\olympus raw codec\olyrawcodec.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"
"C:\Users\Dave\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Gadget.xml"
+ "MiniRadio" "Listen with comfort to this radio player with the ability to add all stations you want." "Ronnie Rodermond" "C:\Users\Dave\AppData\Local\Microsoft\Windows Sidebar\Gadgets\MiniRadio_EN.gadget\Gadget.xml"
+ "Volume Desktop Gadget" "Desktop Volume Control Gadget." "Lorne L. Reap" "C:\Users\Dave\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Volume0Desktop0Gadget.gadget\Gadget.xml"



I sure hope you have some automated tools to help you analyze these log files. Analyzing these all just by eye seems very difficult.

Thanks
Dave
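A first pass over a log in the layout posted above can be scripted. The following is an added example, not part of the thread and not a tool used by the helpers here; the sample rows, the `USER_WRITABLE` list and the three flagging rules are assumptions of the example.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "location name description publisher path")
FIELD = re.compile(r'"([^"]*)"')          # one double-quoted column
# Heuristic (an assumption of this example): autostarts under these
# directories can be replaced without administrator rights.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\")

# Constructed sample in the same layout as the log above; none of these
# entries come from the poster's machine.
SAMPLE = r'''
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "exampledrv" "Example Storage Driver" "Example Corp." "c:\windows\system32\drivers\exampledrv.sys"
+ "ghostdrv" "" "" "File not found: System32\DRIVERS\ghostdrv.sys"
+ "quietsvc" "" "Example Corp." "c:\windows\system32\drivers\quietsvc.sys"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "updater" "" "" "c:\users\example\appdata\local\temp\updater.exe"
'''

def parse(text):
    """Return one Entry per '+' row, tagged with the location row above it."""
    entries, location = [], None
    for line in text.splitlines():
        line = line.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue                          # blank or damaged line
        if line.startswith("+"):
            entries.append(Entry(location, *fields))
        elif not any(fields[1:]):
            location = fields[0]              # header row: only column 1 set
    return entries

def triage(entry):
    """List the reasons an entry deserves a manual look (empty if none)."""
    reasons = []
    path = entry.path.lower()
    if path.startswith("file not found"):
        reasons.append("target file missing")
    elif any(part in path for part in USER_WRITABLE):
        reasons.append("runs from a user-writable directory")
    if not entry.publisher:
        reasons.append("no publisher recorded")
    return reasons

def review(text):
    """Return (location, name, reasons) for every flagged entry."""
    flagged = [(e.location, e.name, triage(e)) for e in parse(text)]
    return [item for item in flagged if item[2]]

if __name__ == "__main__":
    for location, name, reasons in review(SAMPLE):
        print(f"{name} [{location}]: {'; '.join(reasons)}")
```

A flag here is a prompt for manual review, not a verdict: a missing target file is often just a leftover registration from an uninstalled program.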

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:08:39 PM

Posted 12 October 2012 - 02:49 PM

We do not use any tools to analyze logs :)

Looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



