
issues with redirecting and Malwarebytes


15 replies to this topic

#1 LadyNC


Posted 11 October 2012 - 08:12 PM

I have been having issues for 3 days now. It started with IE and Google Chrome redirecting when clicking on a search link. I ran Malwarebytes, Spybot S&D, and McAfee. I also ran them in safe mode. McAfee found nothing. Malwarebytes found some trojans and so I "fixed" and restarted. But it still didn't correct the redirecting. Today it rebooted by itself. Now if I run Malwarebytes it keeps finding these 2 trojans: Trojan Agent C:\/Windows\svchost.exe and Trojan Agent C:\Windows\svchost.exe, and then has a random number after. Every time I scan it shows a different number. How do I get rid of these, besides taking it to a repair shop? I am running Windows 7 64 bit. Thanks for any help. I read through the other posts of similar issues but am unsure as to what to do to try to fix it.



#2 narenxp


Posted 11 October 2012 - 08:24 PM

Download TDSSKiller.

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it, and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop, and copy the contents of the text file in your reply.

#3 LadyNC


Posted 12 October 2012 - 09:28 AM

Ok I hope I am doing this right... the last report looks ugly.

08:00:30.0739 1440 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:00:31.0259 1440 ============================================================
08:00:31.0259 1440 Current date / time: 2012/10/12 08:00:31.0259
08:00:31.0259 1440 SystemInfo:
08:00:31.0259 1440
08:00:31.0259 1440 OS Version: 6.1.7601 ServicePack: 1.0
08:00:31.0259 1440 Product type: Workstation
08:00:31.0260 1440 ComputerName: ANGELA-PC
08:00:31.0260 1440 UserName: Angela
08:00:31.0260 1440 Windows directory: C:\Windows
08:00:31.0260 1440 System windows directory: C:\Windows
08:00:31.0260 1440 Running under WOW64
08:00:31.0260 1440 Processor architecture: Intel x64
08:00:31.0260 1440 Number of processors: 2
08:00:31.0260 1440 Page size: 0x1000
08:00:31.0260 1440 Boot type: Normal boot
08:00:31.0260 1440 ============================================================
08:00:33.0522 1440 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:00:33.0533 1440 Drive \Device\Harddisk1\DR1 - Size: 0x775FFE00 (1.87 Gb), SectorSize: 0x200, Cylinders: 0x3CA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x40, Type 'W'
08:00:33.0533 1440 ============================================================
08:00:33.0533 1440 \Device\Harddisk0\DR0:
08:00:33.0533 1440 MBR partitions:
08:00:33.0533 1440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
08:00:33.0533 1440 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x48AF7AB0
08:00:33.0533 1440 \Device\Harddisk1\DR1:
08:00:33.0533 1440 MBR partitions:
08:00:33.0533 1440 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x81, BlocksNum 0x3BAF7F
08:00:33.0533 1440 ============================================================
08:00:33.0563 1440 C: <-> \Device\Harddisk0\DR0\Partition2
08:00:33.0563 1440 ============================================================
08:00:33.0563 1440 Initialize success
08:00:33.0563 1440 ============================================================
08:00:58.0374 2276 ============================================================
08:00:58.0374 2276 Scan started
08:00:58.0374 2276 Mode: Manual;
08:00:58.0374 2276 ============================================================
08:01:04.0060 2276 ================ Scan system memory ========================
08:01:04.0060 2276 System memory - ok
08:01:04.0060 2276 ================ Scan services =============================
08:01:18.0580 2276 Scan interrupted by user!
08:01:18.0580 2276 ================ Scan global ===============================
08:01:18.0580 2276 Scan interrupted by user!
08:01:18.0580 2276 ================ Scan MBR ==================================
08:01:18.0580 2276 Scan interrupted by user!
08:01:18.0580 2276 ================ Scan VBR ==================================
08:01:18.0580 2276 Scan interrupted by user!
08:01:18.0580 2276 ============================================================
08:01:18.0580 2276 Scan finished
08:01:18.0580 2276 ============================================================
08:01:18.0591 4552 Detected object count: 0
08:01:18.0591 4552 Actual detected object count: 0
08:01:29.0774 7120 ============================================================
08:01:29.0774 7120 Scan started
08:01:29.0774 7120 Mode: Manual; TDLFS;
08:01:29.0774 7120 ============================================================
08:01:31.0607 7120 ================ Scan system memory ========================
08:01:31.0607 7120 System memory - ok
08:01:31.0607 7120 ================ Scan services =============================
08:01:33.0466 7120 BrSerWdm - ok
08:01:33.0481 7120 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:01:33.0482 7120 BrUsbMdm - ok
08:01:33.0510 7120 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:01:33.0511 7120 BrUsbSer - ok
08:01:33.0534 7120 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:01:33.0535 7120 BTHMODEM - ok
08:01:33.0566 7120 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:01:33.0567 7120 bthserv - ok
08:01:33.0597 7120 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:01:33.0599 7120 cdfs - ok
08:01:33.0676 7120 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
08:01:33.0677 7120 cdrom - ok
08:01:33.0720 7120 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:01:33.0721 7120 CertPropSvc - ok
08:01:33.0743 7120 [ 060720F5A80B5A1F6D18A9CE24510F7E ] cfwids C:\Windows\system32\drivers\cfwids.sys
08:01:33.0744 7120 cfwids - ok
08:01:33.0763 7120 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
08:01:33.0764 7120 circlass - ok
08:01:33.0785 7120 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:01:33.0788 7120 CLFS - ok
08:01:33.0851 7120 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:01:33.0852 7120 clr_optimization_v2.0.50727_32 - ok
08:01:33.0964 7120 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:01:33.0965 7120 clr_optimization_v2.0.50727_64 - ok
08:01:34.0011 7120 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:01:34.0012 7120 clr_optimization_v4.0.30319_32 - ok
08:01:34.0079 7120 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:01:34.0079 7120 clr_optimization_v4.0.30319_64 - ok
08:01:34.0109 7120 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:01:34.0109 7120 CmBatt - ok
08:01:34.0131 7120 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:01:34.0132 7120 cmdide - ok
08:01:34.0178 7120 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
08:01:34.0181 7120 CNG - ok
08:01:34.0232 7120 [ CB0E01A5A433B5BCC6F760E01CA9CD8B ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
08:01:34.0237 7120 CnxtHdAudService - ok
08:01:34.0259 7120 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:01:34.0259 7120 Compbatt - ok
08:01:34.0314 7120 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:01:34.0315 7120 CompositeBus - ok
08:01:34.0325 7120 COMSysApp - ok
08:01:34.0342 7120 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:01:34.0343 7120 crcdisk - ok
08:01:34.0381 7120 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:01:34.0383 7120 CryptSvc - ok
08:01:34.0420 7120 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
08:01:34.0421 7120 CtClsFlt - ok
08:01:34.0606 7120 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:01:34.0611 7120 DcomLaunch - ok
08:01:34.0685 7120 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:01:34.0687 7120 defragsvc - ok
08:01:34.0722 7120 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:01:34.0722 7120 DfsC - ok
08:01:34.0782 7120 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:01:34.0782 7120 Dhcp - ok
08:01:34.0812 7120 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:01:34.0812 7120 discache - ok
08:01:34.0834 7120 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:01:34.0836 7120 Disk - ok
08:01:34.0864 7120 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:01:34.0864 7120 Dnscache - ok
08:01:34.0934 7120 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
08:01:34.0934 7120 DockLoginService - ok
08:01:34.0974 7120 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:01:34.0974 7120 dot3svc - ok
08:01:35.0014 7120 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:01:35.0024 7120 DPS - ok
08:01:35.0034 7120 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:01:35.0034 7120 drmkaud - ok
08:01:35.0124 7120 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:01:35.0134 7120 DXGKrnl - ok
08:01:35.0154 7120 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:01:35.0154 7120 EapHost - ok
08:01:35.0366 7120 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
08:01:35.0386 7120 ebdrv - ok
08:01:35.0416 7120 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:01:35.0417 7120 EFS - ok
08:01:35.0486 7120 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:01:35.0490 7120 ehRecvr - ok
08:01:35.0515 7120 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:01:35.0517 7120 ehSched - ok
08:01:35.0549 7120 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:01:35.0552 7120 elxstor - ok
08:01:35.0580 7120 [ 647C55949DD6C4C9E7C74A22E64F84FF ] EMVSCARD C:\Windows\system32\Drivers\EMVSCARD.sys
08:01:35.0582 7120 EMVSCARD - ok
08:01:35.0610 7120 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:01:35.0611 7120 ErrDev - ok
08:01:35.0663 7120 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:01:35.0666 7120 EventSystem - ok
08:01:35.0718 7120 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:01:35.0718 7120 exfat - ok
08:01:35.0738 7120 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:01:35.0738 7120 fastfat - ok
08:01:35.0818 7120 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
08:01:35.0828 7120 Fax - ok
08:01:35.0851 7120 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:01:35.0852 7120 fdc - ok
08:01:35.0873 7120 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:01:35.0874 7120 fdPHost - ok
08:01:35.0890 7120 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:01:35.0890 7120 FDResPub - ok
08:01:35.0910 7120 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:01:35.0910 7120 FileInfo - ok
08:01:35.0940 7120 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:01:35.0940 7120 Filetrace - ok
08:01:35.0960 7120 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:01:35.0960 7120 flpydisk - ok
08:01:36.0010 7120 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:01:36.0021 7120 FltMgr - ok
08:01:36.0082 7120 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
08:01:36.0092 7120 FontCache - ok
08:01:36.0149 7120 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:01:36.0150 7120 FontCache3.0.0.0 - ok
08:01:36.0184 7120 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:01:36.0194 7120 FsDepends - ok
08:01:36.0214 7120 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:01:36.0224 7120 Fs_Rec - ok
08:01:36.0270 7120 [ 7442BCA60ED46CC31C2F39728BBDD9AD ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
08:01:36.0271 7120 FTDIBUS - ok
08:01:36.0289 7120 [ 121AF3148CDDA212CFFBC4F6240699C2 ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
08:01:36.0290 7120 FTSER2K - ok
08:01:36.0350 7120 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:01:36.0352 7120 fvevol - ok
08:01:36.0367 7120 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:01:36.0368 7120 gagp30kx - ok
08:01:36.0476 7120 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:01:36.0476 7120 GEARAspiWDM - ok
08:01:36.0486 7120 getPlusHelper - ok
08:01:36.0542 7120 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:01:36.0548 7120 gpsvc - ok
08:01:36.0566 7120 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:01:36.0567 7120 hcw85cir - ok
08:01:36.0612 7120 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:01:36.0613 7120 HDAudBus - ok
08:01:36.0633 7120 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:01:36.0633 7120 HidBatt - ok
08:01:36.0651 7120 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:01:36.0653 7120 HidBth - ok
08:01:36.0674 7120 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
08:01:36.0675 7120 HidIr - ok
08:01:36.0710 7120 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
08:01:36.0711 7120 hidserv - ok
08:01:36.0737 7120 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:01:36.0737 7120 HidUsb - ok
08:01:36.0796 7120 [ 852681A14AFEE00C0C3179429A08C868 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
08:01:36.0798 7120 HipShieldK - ok
08:01:36.0828 7120 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:01:36.0828 7120 hkmsvc - ok
08:01:36.0897 7120 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:01:36.0899 7120 HomeGroupListener - ok
08:01:36.0950 7120 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:01:36.0950 7120 HomeGroupProvider - ok
08:01:37.0067 7120 [ 2C696ACBBBFFF7D25C1F468087FEB561 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
08:01:37.0069 7120 HomeNetSvc - ok
08:01:37.0121 7120 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:01:37.0122 7120 HpSAMD - ok
08:01:37.0152 7120 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:01:37.0162 7120 HTTP - ok
08:01:37.0200 7120 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:01:37.0201 7120 hwpolicy - ok
08:01:37.0244 7120 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:01:37.0244 7120 i8042prt - ok
08:01:37.0274 7120 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:01:37.0274 7120 iaStorV - ok
08:01:37.0344 7120 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:01:37.0354 7120 idsvc - ok
08:01:37.0782 7120 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
08:01:37.0862 7120 igfx - ok
08:01:37.0893 7120 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:01:37.0895 7120 iirsp - ok
08:01:37.0965 7120 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:01:37.0971 7120 IKEEXT - ok
08:01:38.0008 7120 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:01:38.0009 7120 intelide - ok
08:01:38.0028 7120 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:01:38.0028 7120 intelppm - ok
08:01:38.0062 7120 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:01:38.0064 7120 IPBusEnum - ok
08:01:38.0090 7120 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:01:38.0091 7120 IpFilterDriver - ok
08:01:38.0148 7120 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:01:38.0153 7120 iphlpsvc - ok
08:01:38.0190 7120 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:01:38.0191 7120 IPMIDRV - ok
08:01:38.0222 7120 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:01:38.0222 7120 IPNAT - ok
08:01:38.0294 7120 [ B7CB0B121962CD89F98C0DD89331B0C0 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:01:38.0304 7120 iPod Service - ok
08:01:38.0324 7120 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:01:38.0324 7120 IRENUM - ok
08:01:38.0365 7120 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:01:38.0368 7120 isapnp - ok
08:01:38.0486 7120 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:01:38.0496 7120 iScsiPrt - ok
08:01:38.0526 7120 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:01:38.0536 7120 kbdclass - ok
08:01:38.0628 7120 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:01:38.0628 7120 kbdhid - ok
08:01:38.0657 7120 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:01:38.0659 7120 KeyIso - ok
08:01:38.0690 7120 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:01:38.0690 7120 KSecDD - ok
08:01:38.0750 7120 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:01:38.0750 7120 KSecPkg - ok
08:01:38.0770 7120 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:01:38.0770 7120 ksthunk - ok
08:01:38.0790 7120 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:01:38.0800 7120 KtmRm - ok
08:01:38.0826 7120 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
08:01:38.0829 7120 LanmanServer - ok
08:01:38.0866 7120 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:01:38.0871 7120 LanmanWorkstation - ok
08:01:38.0905 7120 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:01:38.0907 7120 lltdio - ok
08:01:38.0932 7120 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:01:38.0936 7120 lltdsvc - ok
08:01:38.0962 7120 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:01:38.0962 7120 lmhosts - ok
08:01:38.0995 7120 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:01:38.0996 7120 LSI_FC - ok
08:01:39.0020 7120 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:01:39.0022 7120 LSI_SAS - ok
08:01:39.0048 7120 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:01:39.0103 7120 LSI_SAS2 - ok
08:01:39.0155 7120 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:01:39.0188 7120 LSI_SCSI - ok
08:01:39.0220 7120 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:01:39.0222 7120 luafv - ok
08:01:39.0278 7120 [ C121367D21599367F2ADB9C11B7BABAA ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:01:39.0280 7120 McAfee SiteAdvisor Service - ok
08:01:39.0324 7120 [ 2C696ACBBBFFF7D25C1F468087FEB561 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
08:01:39.0324 7120 McMPFSvc - ok
08:01:39.0375 7120 [ 2C696ACBBBFFF7D25C1F468087FEB561 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
08:01:39.0377 7120 McNaiAnn - ok
08:01:39.0486 7120 [ D91364110D6B8BE10FF54C6759A4325A ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
08:01:39.0486 7120 McODS - ok
08:01:39.0536 7120 [ 2C696ACBBBFFF7D25C1F468087FEB561 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
08:01:39.0546 7120 mcpltsvc - ok
08:01:39.0596 7120 [ 2C696ACBBBFFF7D25C1F468087FEB561 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
08:01:39.0596 7120 McProxy - ok
08:01:39.0626 7120 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:01:39.0678 7120 Mcx2Svc - ok
08:01:39.0708 7120 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:01:39.0728 7120 megasas - ok
08:01:39.0788 7120 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:01:39.0870 7120 MegaSR - ok
08:01:39.0923 7120 [ E22C7F74A7DB967D4B5494D4F4741A24 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
08:01:39.0926 7120 mfeapfk - ok
08:01:39.0972 7120 [ FF35A09972ADCE3A4681B73CF9A79021 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
08:01:39.0990 7120 mfeavfk - ok
08:01:40.0070 7120 mfeavfk01 - ok
08:01:40.0172 7120 [ E5759231E02261A45FA3CB4D5B89191F ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
08:01:40.0182 7120 mfecore - ok
08:01:40.0257 7120 [ 654F96701AB0D17450D1A3B3E821F4B1 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
08:01:40.0291 7120 mfefire - ok
08:01:40.0341 7120 [ BDD6C75F62EBBF54452ADE742B6E7C03 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
08:01:40.0373 7120 mfefirek - ok
08:01:40.0624 7120 [ B7EB3115E2CDBB3F907450859959A66B ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
08:01:41.0559 7120 mfehidk - ok
08:01:41.0584 7120 [ 7337F4E0B66DFF4745F94742FFA7FA97 ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
08:01:41.0588 7120 mfencbdc - ok
08:01:41.0649 7120 [ FAAA6132991A2B41FED3E74168125133 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
08:01:41.0680 7120 mfencrk - ok
08:01:41.0820 7120 [ 67E68AC647F1C58E795431DC9FBAFC9C ] mfevtp C:\Windows\system32\mfevtps.exe
08:01:41.0911 7120 mfevtp - ok
08:01:41.0962 7120 [ B475810C8B9D12034C70FF3ED07B6723 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
08:01:42.0004 7120 mfewfpk - ok
08:01:42.0024 7120 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:01:42.0024 7120 MMCSS - ok
08:01:42.0056 7120 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:01:42.0145 7120 Modem - ok
08:01:42.0182 7120 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:01:42.0184 7120 monitor - ok
08:01:42.0228 7120 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:01:42.0238 7120 mouclass - ok
08:01:42.0288 7120 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:01:42.0288 7120 mouhid - ok
08:01:42.0338 7120 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:01:42.0338 7120 mountmgr - ok
08:01:42.0496 7120 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:01:42.0519 7120 mpio - ok
08:01:42.0540 7120 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:01:42.0542 7120 mpsdrv - ok
08:01:42.0713 7120 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:01:42.0719 7120 MpsSvc - ok
08:01:42.0752 7120 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:01:42.0860 7120 MRxDAV - ok
08:01:42.0887 7120 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:01:42.0899 7120 mrxsmb - ok
08:01:42.0961 7120 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:01:42.0966 7120 mrxsmb10 - ok
08:01:42.0996 7120 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:01:43.0015 7120 mrxsmb20 - ok
08:01:43.0038 7120 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:01:43.0068 7120 msahci - ok
08:01:43.0108 7120 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:01:43.0162 7120 msdsm - ok
08:01:43.0186 7120 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:01:43.0270 7120 MSDTC - ok
08:01:43.0314 7120 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:01:43.0316 7120 Msfs - ok
08:01:43.0342 7120 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:01:43.0402 7120 mshidkmdf - ok
08:01:43.0424 7120 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:01:43.0469 7120 msisadrv - ok
08:01:43.0496 7120 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:01:43.0584 7120 MSiSCSI - ok
08:01:43.0601 7120 msiserver - ok
08:01:43.0676 7120 [ 2C696ACBBBFFF7D25C1F468087FEB561 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
08:01:43.0676 7120 MSK80Service - ok
08:01:43.0716 7120 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:01:43.0821 7120 MSKSSRV - ok
08:01:43.0847 7120 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:01:43.0993 7120 MSPCLOCK - ok
08:01:44.0013 7120 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:01:44.0082 7120 MSPQM - ok
08:01:44.0130 7120 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:01:44.0194 7120 MsRPC - ok
08:01:44.0224 7120 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:01:44.0224 7120 mssmbios - ok
08:01:44.0260 7120 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:01:44.0333 7120 MSTEE - ok
08:01:44.0347 7120 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:01:44.0428 7120 MTConfig - ok
08:01:44.0479 7120 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:01:44.0592 7120 Mup - ok
08:01:44.0654 7120 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:01:44.0654 7120 napagent - ok
08:01:44.0704 7120 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:01:44.0794 7120 NativeWifiP - ok
08:01:44.0856 7120 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:01:44.0896 7120 NDIS - ok
08:01:44.0958 7120 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:01:44.0998 7120 NdisCap - ok
08:01:45.0120 7120 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:01:45.0120 7120 NdisTapi - ok
08:01:45.0160 7120 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:01:45.0257 7120 Ndisuio - ok
08:01:45.0294 7120 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:01:45.0297 7120 NdisWan - ok
08:01:45.0326 7120 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:01:45.0328 7120 NDProxy - ok
08:01:45.0360 7120 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:01:45.0362 7120 NetBIOS - ok
08:01:45.0425 7120 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:01:45.0429 7120 NetBT - ok
08:01:45.0448 7120 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:01:45.0450 7120 Netlogon - ok
08:01:45.0492 7120 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:01:45.0515 7120 Netman - ok
08:01:45.0540 7120 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:01:45.0544 7120 netprofm - ok
08:01:45.0574 7120 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:01:45.0607 7120 NetTcpPortSharing - ok
08:01:45.0624 7120 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:01:45.0656 7120 nfrd960 - ok
08:01:45.0726 7120 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:01:45.0736 7120 NlaSvc - ok
08:01:45.0746 7120 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:01:45.0756 7120 Npfs - ok
08:01:45.0786 7120 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:01:45.0796 7120 nsi - ok
08:01:45.0806 7120 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:01:45.0806 7120 nsiproxy - ok
08:01:45.0956 7120 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:01:46.0096 7120 Ntfs - ok
08:01:46.0106 7120 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:01:46.0106 7120 Null - ok
08:01:46.0136 7120 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:01:46.0216 7120 nvraid - ok
08:01:46.0236 7120 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:01:46.0276 7120 nvstor - ok
08:01:46.0306 7120 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:01:46.0356 7120 nv_agp - ok
08:01:46.0646 7120 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:01:46.0726 7120 odserv - ok
08:01:46.0756 7120 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:01:46.0816 7120 ohci1394 - ok
08:01:46.0876 7120 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:01:46.0906 7120 ose - ok
08:01:46.0926 7120 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:01:46.0936 7120 p2pimsvc - ok
08:01:46.0966 7120 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:01:46.0976 7120 p2psvc - ok
08:01:47.0036 7120 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:01:47.0046 7120 Parport - ok
08:01:47.0076 7120 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:01:47.0106 7120 partmgr - ok
08:01:47.0146 7120 [ 8A0F8A9580D9F2FC512A35D5709088A9 ] pavboot C:\Windows\system32\drivers\pavboot64.sys
08:01:47.0256 7120 pavboot - ok
08:01:47.0286 7120 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:01:47.0286 7120 PcaSvc - ok
08:01:47.0316 7120 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:01:47.0316 7120 pci - ok
08:01:47.0356 7120 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:01:47.0386 7120 pciide - ok
08:01:47.0406 7120 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:01:47.0456 7120 pcmcia - ok
08:01:47.0466 7120 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:01:47.0516 7120 pcw - ok
08:01:47.0566 7120 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:01:47.0576 7120 PEAUTH - ok
08:01:47.0786 7120 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:01:47.0886 7120 PerfHost - ok
08:01:47.0996 7120 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:01:48.0326 7120 pla - ok
08:01:48.0366 7120 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:01:48.0376 7120 PlugPlay - ok
08:01:48.0416 7120 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:02:00.0976 7120 ================ Scan global ===============================
08:02:00.0996 7120 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:02:01.0026 7120 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
08:02:01.0046 7120 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
08:02:01.0076 7120 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:02:01.0096 7120 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:02:01.0106 7120 [Global] - ok
08:02:01.0106 7120 ================ Scan MBR ==================================
08:02:01.0126 7120 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:02:01.0126 7120 Suspicious mbr (Forged): \Device\Harddisk0\DR0
08:02:01.0166 7120 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
08:02:01.0166 7120 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
08:02:01.0186 7120 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:02:01.0186 7120 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:02:01.0206 7120 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
08:02:01.0516 7120 \Device\Harddisk1\DR1 - ok
08:02:01.0516 7120 ================ Scan VBR ==================================
08:02:01.0516 7120 [ F233DA5874DF6BCFD16B8A3589365534 ] \Device\Harddisk0\DR0\Partition1
08:02:01.0516 7120 \Device\Harddisk0\DR0\Partition1 - ok
08:02:01.0536 7120 [ 39BB5C657009DBC9D62E63E9DE236A8D ] \Device\Harddisk0\DR0\Partition2
08:02:01.0536 7120 \Device\Harddisk0\DR0\Partition2 - ok
08:02:01.0546 7120 [ 5A0D6C27DA7902D6574CCCB1136C005B ] \Device\Harddisk1\DR1\Partition1
08:02:01.0546 7120 \Device\Harddisk1\DR1\Partition1 - ok
08:02:01.0556 7120 ============================================================
08:02:01.0556 7120 Scan finished
08:02:01.0556 7120 ============================================================
08:02:01.0566 5704 Detected object count: 2
08:02:01.0566 5704 Actual detected object count: 2
08:02:34.0224 5704 \Device\Harddisk0\DR0\# - copied to quarantine
08:02:34.0277 5704 \Device\Harddisk0\DR0 - copied to quarantine
08:02:34.0652 5704 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
08:02:34.0826 5704 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
08:02:34.0948 5704 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
08:02:35.0184 5704 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
08:02:35.0257 5704 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
08:02:35.0306 5704 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
08:02:35.0329 5704 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
08:02:35.0375 5704 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
08:02:35.0586 5704 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
08:02:35.0626 5704 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
08:02:35.0653 5704 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
08:02:35.0681 5704 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
08:02:35.0748 5704 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
08:02:35.0840 5704 \Device\Harddisk0\DR0 - ok
08:02:35.0860 5704 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
08:02:35.0860 5704 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:02:35.0860 5704 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
08:03:00.0753 6140 Deinitialize success



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-12 08:14:06
-----------------------------
08:14:06.816 OS Version: Windows x64 6.1.7601 Service Pack 1
08:14:06.816 Number of processors: 2 586 0x170A
08:14:06.816 ComputerName: ANGELA-PC UserName: Angela
08:14:07.924 Initialize success
08:15:16.613 AVAST engine defs: 12101200
08:15:23.992 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:15:23.992 Disk 0 Vendor: WDC_WD6400AAKS-75A7B2 01.03B01 Size: 610480MB BusType: 3
08:15:23.992 Disk 0 MBR read successfully
08:15:23.992 Disk 0 MBR scan
08:15:24.023 Disk 0 Windows VISTA default MBR code
08:15:24.023 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
08:15:24.039 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
08:15:24.070 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595439 MB offset 30801920
08:15:24.117 Disk 0 scanning C:\Windows\system32\drivers
08:15:40.840 Service scanning
08:16:01.120 Modules scanning
08:16:01.120 Disk 0 trace - called modules:
08:16:01.136 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
08:16:01.136 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c2c700]
08:16:01.136 3 CLASSPNP.SYS[fffff880011ce43f] -> nt!IofCallDriver -> [0xfffffa80047444d0]
08:16:01.136 5 ACPI.sys[fffff88000f107a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004774680]
08:16:03.382 AVAST engine scan C:\Windows
08:16:06.970 AVAST engine scan C:\Windows\system32
08:21:49.718 AVAST engine scan C:\Windows\system32\drivers
08:22:06.629 AVAST engine scan C:\Users\Angela
08:23:23.724 File: C:\Users\Angela\AppData\Local\Macromedia\Deployment\lbewpd.dll **INFECTED** Win32:BHO-AGZ [Trj]
08:34:16.055 AVAST engine scan C:\ProgramData
08:37:56.827 Scan finished successfully
08:50:55.954 Disk 0 MBR has been saved successfully to "C:\Users\Angela\Desktop\MBR.dat"
08:50:55.985 The log file has been saved successfully to "C:\Users\Angela\Desktop\aswMBR.txt"


C:\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.10.2012_08.00.31\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.10.2012_08.00.31\mbr0000\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.10.2012_08.00.31\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.OX trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.10.2012_08.00.31\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.10.2012_08.00.31\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.10.2012_08.00.31\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\Default\aagfdggdgfgbdhdggeddgggddedigfgd\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Angela\AppData\Local\Macromedia\Deployment\lbewpd.dll a variant of Win32/Kryptik.AMWV trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Angela\AppData\Local\Temp\NODFEF7.tmp a variant of Win32/Kryptik.AMWV trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Angela\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\4f20b760-3fc63b3d a variant of Java/Exploit.Agent.NDH trojan cleaned by deleting - quarantined
C:\Users\Angela\Downloads\gimp_31.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Windows\Temp\Temporary Internet Files\Content.IE5\6WFXQOU4\kitty-goes-crazy-for-laser[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined

#4 LadyNC

  • Topic Starter
Posted 12 October 2012 - 09:40 AM

I rebooted my computer and I am not sure if I need to do anything else at this point. I will wait for your reply. I did check IE to see if it was still redirecting me and it did not and I tried this several times. I am hoping that I don't have to do anything else. Thanks for your help!

#5 narenxp

  • BC Advisor
Posted 12 October 2012 - 10:44 AM

Run TDSSkiller and select DELETE

08:02:35.0860 5704 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator

After the scan completes, post the generated log here.
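
The first instruction in the post above follows from one log line: the TDSS File System detection was left on "Skip". As an added example (not part of the original thread and not code from the TDSSKiller project), this Python script parses TDSSKiller log lines in the format posted here and lists detections whose chosen action left them in place. The line pattern is inferred from this thread's log only, the sample lines are copied from it, and the function names are hypothetical.

```python
import re

# Pattern inferred from the TDSSKiller lines posted in this thread (an
# assumption, not a documented format):
#   <HH:MM:SS.ffff> <thread id> <object> ( <threat name> ) - <status text>
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+)\s+(?P<tid>\d+)\s+"
    r"(?P<obj>.+?) \( (?P<threat>.+?) \) - (?P<status>.+?)\s*$"
)
ACTION_PREFIX = "User select action: "
VERDICTS = {"infected", "warning"}  # verdict words that appear in this thread's log

# Lines copied from the log earlier in this thread.
SAMPLE_LOG = r"""
08:02:01.0106 7120 [Global] - ok
08:02:01.0166 7120 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
08:02:01.0166 7120 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
08:02:01.0186 7120 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:02:01.0186 7120 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:02:35.0748 5704 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
08:02:35.0840 5704 \Device\Harddisk0\DR0 - ok
08:02:35.0860 5704 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
08:02:35.0860 5704 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:02:35.0860 5704 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""


def parse_detections(log_text):
    """Group log lines by (object, threat) and record verdict, action and notes."""
    findings = {}
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # "- ok" lines and "detected ..." summaries carry no "( threat )" field
        key = (m["obj"], m["threat"])
        rec = findings.setdefault(
            key,
            {"object": m["obj"], "threat": m["threat"],
             "verdict": None, "action": None, "notes": []},
        )
        status = m["status"]
        if status.startswith(ACTION_PREFIX):
            rec["action"] = status[len(ACTION_PREFIX):]
        elif status in VERDICTS:
            rec["verdict"] = status
        else:
            rec["notes"].append(status)  # e.g. "will be cured on reboot"
    # dicts keep insertion order, so findings come back in first-seen order
    return list(findings.values())


def unresolved(findings):
    """Detections with no recorded action, or where the action was Skip."""
    return [f for f in findings
            if f["action"] is None or f["action"].lower() == "skip"]


if __name__ == "__main__":
    for f in unresolved(parse_detections(SAMPLE_LOG)):
        print(f"{f['object']}: {f['threat']} ({f['verdict']}) -> action: {f['action']}")
```
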

#6 LadyNC

  • Topic Starter
Posted 12 October 2012 - 03:08 PM

It took a while but here it is:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.12.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Angela :: ANGELA-PC [administrator]

10/12/2012 12:20:46 PM
mbam-log-2012-10-12 (12-20-46).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 399729
Time elapsed: 1 hour(s), 10 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\TDSSKiller_Quarantine\12.10.2012_12.18.51\tdlfs0000\tsk0002.dta (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

MiniToolBox by Farbar Version: 23-07-2012
Ran by Angela (administrator) on 12-10-2012 at 13:42:38
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




There are 15266 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Angela-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-26-2D-18-D9-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6411:d232:3c14:e036%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, October 12, 2012 1:38:43 PM
Lease Expires . . . . . . . . . . : Monday, January 18, 2038 11:14:07 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 234890797
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-2E-A6-92-00-26-2D-18-D9-10
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2006:3091:9de4:e193(Preferred)
Link-local IPv6 Address . . . . . : fe80::2006:3091:9de4:e193%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4002:c03::66
74.125.139.139
74.125.139.100
74.125.139.101
74.125.139.102
74.125.139.113
74.125.139.138


Pinging google.com [173.194.37.35] with 32 bytes of data:
Reply from 173.194.37.35: bytes=32 time=406ms TTL=51
Reply from 173.194.37.35: bytes=32 time=35ms TTL=51

Ping statistics for 173.194.37.35:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 406ms, Average = 220ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=680ms TTL=50
Reply from 98.139.183.24: bytes=32 time=662ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 662ms, Maximum = 680ms, Average = 671ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 26 2d 18 d9 10 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.8 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.8 276
192.168.2.8 255.255.255.255 On-link 192.168.2.8 276
192.168.2.255 255.255.255.255 On-link 192.168.2.8 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.8 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.8 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:6ab8:2006:3091:9de4:e193/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::2006:3091:9de4:e193/128
On-link
10 276 fe80::6411:d232:3c14:e036/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/12/2012 08:51:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/12/2012 07:55:02 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (10/12/2012 07:55:02 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (10/12/2012 07:54:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7878

Error: (10/12/2012 07:54:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7878

Error: (10/12/2012 07:54:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/12/2012 07:54:48 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (10/12/2012 07:54:47 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (10/12/2012 07:18:47 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0xc98
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (10/12/2012 07:17:26 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0xe54
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (10/12/2012 10:32:07 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (10/12/2012 10:32:06 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (10/12/2012 07:54:34 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (10/12/2012 03:16:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Works 9 (KB2754670).

Error: (10/12/2012 03:07:14 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (10/12/2012 03:07:13 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (10/12/2012 03:06:32 AM) (Source: BugCheck) (User: )
Description: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff800033080c5)C:\Windows\MEMORY.DMP101212-16333-01

Error: (10/11/2012 08:28:34 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (10/11/2012 08:28:34 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (10/11/2012 03:04:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Works 9 (KB2754670).


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.6.0.19140)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader 9.5.1 (Version: 9.5.1)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Autumn's Treasures: The Jade Coin
Big Fish Games: Game Manager (Version: 2.0.0.28)
Bing Bar (Version: 7.1.391.0)
Bonjour (Version: 3.0.0.2)
Bully Dog Update Agent (Version: 1.0.5.38)
Cake Mania Back to the Bakery (remove only)
Castle Link (Version: 3.30.3)
CCleaner (Version: 3.17)
Christmas Wonderland
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.98.70.0)
Coupon Printer for Windows (Version: 5.0.0.0)
Dell DataSafe Local Backup - Support Software (Version: 2.31)
Dell DataSafe Local Backup (Version: 9.3.44)
Dell DataSafe Online (Version: 1.1.0031)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Webcam Central (Version: 1.40.05)
Diner Dash Hometown Hero - Gourmet
EA Download Manager (Version: 5.0.0.255)
ESET Online Scanner v3
Express Dictate
Express Scribe
Facebook Plug-In
Google Chrome (Version: 22.0.1229.94)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.4.1.10)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 14.0.8089.726)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Losi
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee Total Protection (Version: 12.0.637)
McAfee Virtual Technician (Version: 5.5.2.0)
McAfee Virtual Technician (Version: 6.5.0.2101)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 1.2.1)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 6.0.2 (x86 en-US) (Version: 6.0.2)
MSVCRT (Version: 14.0.1468.721)
Nitto 1320 Legends Public Beta 0.10 (Version: 0.10)
OpenOffice.org 3.1 (Version: 3.1.9399)
Panda ActiveScan 2.0 (Version: 01.04.01.0014)
Pando Media Booster (Version: 2.3.5.6)
PDF Settings CS5 (Version: 10.0)
PDF Settings CS6 (Version: 11.0)
PopCap Browser Plugin
PowerDVD DX (Version: 8.3.5424)
PurePlay Poker (Version: 2.0.3104.0)
QuickTime (Version: 7.70.80.34)
Roxio Burn (Version: 1.0)
Roxio Burn (Version: 1.0.0)
Roxio Update Manager (Version: 6.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
Smilebox (Version: 1.1.1.1)
Spin & Win
Spybot - Search & Destroy (Version: 1.6.2)
Tekin HotWire (Version: 1.0.0)
The Sims™ 3 (Version: 1.12.70)
The Treasures of Mystery Island
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 3964.8 MB
Available physical RAM: 2175.95 MB
Total Pagefile: 7927.8 MB
Available Pagefile: 6043.3 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.63 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:581.48 GB) (Free:507.4 GB) NTFS

========================= Users: ========================================

User accounts for \\ANGELA-PC

Administrator Angela Guest

========================= Restore Points ==================================

05-10-2012 07:00:29 Windows Update
06-10-2012 07:00:30 Windows Update
07-10-2012 07:00:27 Windows Update
08-10-2012 07:00:27 Windows Update
09-10-2012 07:00:30 Windows Update
10-10-2012 07:00:29 Windows Update
11-10-2012 07:00:32 Windows Update
12-10-2012 01:14:48 Installed Java™ 6 Update 35
12-10-2012 07:11:12 Windows Update

**** End of log ****

Farbar Service Scanner Version: 07-10-2012
Ran by Angela (administrator) on 12-10-2012 at 13:47:42
Running from "C:\Users\Angela\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T7QAG5WA"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-10 03:10] - [2012-06-02 01:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.004 - Logfile created 10/12/2012 at 14:15:36
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Angela - ANGELA-PC
# Boot Mode : Normal
# Running from : C:\Users\Angela\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K9I9VV56\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\WeCareReminder

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\Software\GamesBarSetup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v6.0.2 (en-US)

Profile name : default
File : C:\Users\Angela\AppData\Roaming\Mozilla\Firefox\Profiles\vvct553u.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1996 octets] - [12/10/2012 14:15:36]

########## EOF - C:\AdwCleaner[S1].txt - [2056 octets] ##########

Junkware Removal Tool (JRT) by Thisisu
Version: 1.4.9 (10.12.2012)
OS: Windows 7 Home Premium x64
Ran by Angela on Fri 10/12/2012 at 13:48:34.63
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\conduit"
Successfully deleted: [KEY] "hkey_local_machine\software\conduit"



*** Files:

Successfully deleted: [FILE] C:\Program Files (x86)\coupons\Coupons.ico
Successfully deleted: [FILE] C:\Program Files (x86)\coupons\CouponsDotCom.url
Successfully deleted: [FILE] C:\Program Files (x86)\coupons\uninstall.exe



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files (x86)\coupons"



*** FireFox detected and repaired

Successfully deleted: [user.js] from C:\Users\Angela\AppData\Roaming\Mozilla\Firefox\Profiles\vvct553u.default
Successfully deleted: [npCouponPrinter.dll] from [FF plugins]
Successfully deleted: [npMozCouponPrinter.dll] from [FF plugins]
Successfully deleted: [TRACUR.AV] C:\Users\Angela\AppData\Roaming\Mozilla\Firefox\Profiles\vvct553u.default\extensions\snfnsrehra@snfnsrehra.org.xpi


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Fri 10/12/2012 at 14:07:55.65
End of Report

#7 narenxp


Posted 12 October 2012 - 03:13 PM

Run Malwarebytes once again and post the clean log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKill log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#8 LadyNC


Posted 12 October 2012 - 03:15 PM

By the way... since the first scan I did this morning, I keep getting this error when it reboots and Windows loads: Run DLL error C:\users\Angela\Appdata\local\Macromedia\Deployment\lbewpd.dll

#9 LadyNC


Posted 12 October 2012 - 04:38 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.12.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Angela :: ANGELA-PC [administrator]

10/12/2012 4:16:22 PM
mbam-log-2012-10-12 (16-16-22).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 400086
Time elapsed: 1 hour(s), 10 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/12/2012 05:30:56 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Angela\AppData\Local\{59962b30-47c8-8fe9-83b5-c6fb541b566f}\ [ZA Dir]
* C:\Users\Angela\AppData\Local\{59962b30-47c8-8fe9-83b5-c6fb541b566f}\L\ [ZA Dir]
* C:\Users\Angela\AppData\Local\{59962b30-47c8-8fe9-83b5-c6fb541b566f}\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:


20 out of 15286 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/12/2012 05:31:09 PM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)

I am not sure what to do about the last one. I am having trouble with the last one. The only unzip file I have is in one of the Express programs I have and am unsure how to open or unzip the file. Can you walk me through opening and extracting that file? Thanks

#10 narenxp

Posted 12 October 2012 - 05:21 PM

Regarding Autoruns, install this software

http://www.rarlab.com/rar/winrar-x64-420.exe

and extract it

Edited by narenxp, 12 October 2012 - 06:25 PM.


#11 LadyNC

Posted 12 October 2012 - 06:24 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/12/2012 07:13:41 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:


20 out of 15286 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/12/2012 07:13:48 PM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)


OK, I have WinRAR open and there are 4 files in it. What do I do next? I have never used this program, nor have I unzipped files. Do I right-click, or use one of the buttons in the WinRAR window?

#12 narenxp

Posted 12 October 2012 - 06:26 PM

OK, I have WinRAR open and there are 4 files in it. What do I do next? I have never used this program, nor have I unzipped files. Do I right-click, or use one of the buttons in the WinRAR window?


Double-click on the downloaded Autoruns zip file and follow my previous instructions

#13 LadyNC

Posted 12 October 2012 - 06:30 PM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "AdobeCS5.5ServiceManager" "Adobe CS5.5 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe"
+ "AdobeCS6ServiceManager" "Adobe CS6 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs6servicemanager\cs6servicemanager.exe"
+ "Dell DataSafe Online" "DataSafeOnline" "" "c:\program files (x86)\dell datasafe online\datasafeonline.exe"
+ "Dell Webcam Central" "WebcamDell2.exe" "Creative Technology Ltd" "c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "DellSupportCenter" "Dell Support Center Updates" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtcmd.exe"
+ "Desktop Disc Tool" "Roxio Burn Launcher" "" "c:\program files (x86)\roxio\roxio burn\roxioburnlauncher.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcpltui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "PDVDDXSrv" "CyberLink PowerDVD Resident Program" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\angela\appdata\local\google\update\googleupdate.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "ExpressZip" "" "" "c:\program files (x86)\nch software\expresszip\ezcm64.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Sun Microsystems, Inc." "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "ExpressZip" "" "" "c:\program files (x86)\nch software\expresszip\ezcm64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files (x86)\yahoo!\companion\installs\cpn0\ytsingleinstance.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\AdobeAAMUpdater-1.0-Angela-PC-Angela" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-619774264-2740994790-1941993216-1001Core" "Google Installer" "Google Inc." "c:\users\angela\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-619774264-2740994790-1941993216-1001UA" "Google Installer" "Google Inc." "c:\users\angela\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\NCH Software\ExpressZipReminder" "Express Zip" "NCH Software" "c:\program files (x86)\nch software\expresszip\expresszip.exe"
+ "\NCH Software\ExpressZipSevenDays" "Express Zip" "NCH Software" "c:\program files (x86)\nch software\expresszip\expresszip.exe"
+ "\PCConfidential" "" "" "File not found: C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe"
+ "\{1DC43D25-B265-4B63-AB37-33BB6F00F036}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{73569048-2A51-4CF4-9FF9-A4B453781656}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{9C97F2B6-C2DC-4FE7-B42A-A77A1B0D0865}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{B6BBF37A-FB69-4638-9959-C56F05EEE17E}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{C8339DA3-9306-4B76-8FBA-78EA612DBB92}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{CA7329FE-D694-414C-A890-FB736AA9AE0D}" "Google Chrome" "Google Inc." "c:\users\angela\appdata\local\google\chrome\application\chrome.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\seaport.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files (x86)\bonjour\mdnsresponder.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "getPlusHelper" "" "" "File not found: C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll"
+ "HomeNetSvc" "Allows McAfee applications to communicate securely on the local network." "McAfee, Inc." "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "mcpltsvc" "McAfee Platform Services" "McAfee, Inc." "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe"
+ "mfecore" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\amcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "SwitchBoard" "Adobe SwitchBoard" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EMVSCARD" "USB Smart Card Reader" "USB Smart Card Reader" "c:\windows\system32\drivers\emvscard.sys"
+ "FTDIBUS" "FTDIBUS USB Driver" "FTDI Ltd." "c:\windows\system32\drivers\ftdibus.sys"
+ "FTSER2K" "FTDIBUS Serial Device Driver" "FTDI Ltd." "c:\windows\system32\drivers\ftser2k.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfencbdc" "McAfee Content driver Copyright © 2010 McAfee, Inc. All Rights Reserved." "McAfee, Inc." "c:\windows\system32\drivers\mfencbdc.sys"
+ "mfencrk" "McAfee Content driver Copyright © 2010 McAfee, Inc. All Rights Reserved." "McAfee, Inc." "c:\windows\system32\drivers\mfencrk.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pavboot" "Panda Boot Driver" "Panda Security, S.L." "c:\windows\system32\drivers\pavboot64.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "usbbus" "LG CDMA USB Multi function Driver" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64bus.sys"
+ "UsbDiag" "LGE Mobile USB Serial Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64diag.sys"
+ "USBModem" "LGE Mobile Modem Support" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64modem.sys"
+ "VIACRX64" "Card Reader WDM driver x64 version" "VIA Technologies, Inc. " "c:\windows\system32\drivers\viacr64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.dmb1" "Morgan Multimedia M-JPEG V3 codec" "Morgan Multimedia" "c:\windows\m3jpeg32.dll"

#14 narenxp

Posted 12 October 2012 - 06:31 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#15 LadyNC

Posted 12 October 2012 - 07:05 PM

You have been an absolute godsend! I thank you for helping me pretty much all day long! This is one great site! I hope to never have to use this again! I have a paid subscription for my Antivirus... they are getting an earful from me... I had them on this computer Monday night but they said all was fine... Thanks again and you have a nice evening and fabulous weekend!



