
svchost.exe traffic blocked


11 replies to this topic

#1 Professor H


Posted 01 November 2012 - 02:38 PM

Hello,

Symantec Endpoint Protection has repeatedly warned me that traffic has been blocked from svchost.exe.

Previously, I was getting frequent warnings about port scan attacks.

This is a 32-bit machine running Windows 7.

Help would be appreciated!

Thanks.


 


#2 narenxp


Posted 01 November 2012 - 04:27 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Professor H


Posted 01 November 2012 - 07:21 PM

Here are the logs. Thanks! One item was found by ESET.

18:36:17.0657 1424 NDIS - ok
18:36:17.0688 1424 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:36:17.0704 1424 NdisCap - ok
18:36:17.0750 1424 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:36:17.0750 1424 NdisTapi - ok
18:36:17.0782 1424 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:36:17.0782 1424 Ndisuio - ok
18:36:17.0797 1424 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:36:17.0797 1424 NdisWan - ok
18:36:17.0828 1424 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:36:17.0828 1424 NDProxy - ok
18:36:17.0860 1424 [ 80B7A96F908DA13617E7E6832C5C6A64 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:36:17.0860 1424 Net Driver HPZ12 - ok
18:36:17.0938 1424 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:36:17.0938 1424 NetBIOS - ok
18:36:17.0953 1424 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:36:17.0953 1424 NetBT - ok
18:36:17.0969 1424 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
18:36:17.0984 1424 Netlogon - ok
18:36:18.0016 1424 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
18:36:18.0031 1424 Netman - ok
18:36:18.0062 1424 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:36:18.0078 1424 NetMsmqActivator - ok
18:36:18.0078 1424 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:36:18.0078 1424 NetPipeActivator - ok
18:36:18.0094 1424 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
18:36:18.0094 1424 netprofm - ok
18:36:18.0094 1424 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:36:18.0094 1424 NetTcpActivator - ok
18:36:18.0109 1424 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:36:18.0109 1424 NetTcpPortSharing - ok
18:36:18.0140 1424 [ 104BE93F0607C6AA0D85319581F96EC2 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
18:36:18.0156 1424 netvsc - ok
18:36:18.0203 1424 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:36:18.0203 1424 nfrd960 - ok
18:36:18.0234 1424 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:36:18.0234 1424 NlaSvc - ok
18:36:18.0265 1424 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:36:18.0265 1424 Npfs - ok
18:36:18.0265 1424 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:36:18.0265 1424 nsi - ok
18:36:18.0281 1424 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:36:18.0281 1424 nsiproxy - ok
18:36:18.0374 1424 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:36:18.0406 1424 Ntfs - ok
18:36:18.0452 1424 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:36:18.0452 1424 Null - ok
18:36:18.0468 1424 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:36:18.0484 1424 nvraid - ok
18:36:18.0546 1424 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:36:18.0546 1424 nvstor - ok
18:36:18.0577 1424 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:36:18.0577 1424 nv_agp - ok
18:36:18.0624 1424 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe
18:36:18.0640 1424 O2FLASH - ok
18:36:18.0671 1424 [ 5F63917FCC257ED11E828230BE594194 ] O2MDFRDR C:\Windows\system32\drivers\O2MDFw7.sys
18:36:18.0686 1424 O2MDFRDR - ok
18:36:18.0702 1424 [ FDC901900D9B1B671B3388C3023BD2EA ] O2MDRRDR C:\Windows\system32\DRIVERS\O2MDRw7.sys
18:36:18.0702 1424 O2MDRRDR - ok
18:36:18.0749 1424 [ 4635935FC972C582632BF45C26BFCB0E ] O2SDIOAssist c:\Windows\system32\srvany.exe
18:36:18.0764 1424 O2SDIOAssist - ok
18:36:18.0780 1424 [ D5A27C1ECD36564FED061EFB78BD0A62 ] O2SDJRDR C:\Windows\system32\DRIVERS\o2sdjw7.sys
18:36:18.0780 1424 O2SDJRDR - ok
18:36:18.0967 1424 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:36:18.0998 1424 odserv - ok
18:36:19.0045 1424 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:36:19.0045 1424 ohci1394 - ok
18:36:19.0092 1424 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:36:19.0092 1424 ose - ok
18:36:19.0139 1424 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:36:19.0139 1424 p2pimsvc - ok
18:36:19.0201 1424 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:36:19.0217 1424 p2psvc - ok
18:36:19.0248 1424 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:36:19.0248 1424 Parport - ok
18:36:19.0279 1424 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:36:19.0295 1424 partmgr - ok
18:36:19.0326 1424 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
18:36:19.0326 1424 Parvdm - ok
18:36:19.0357 1424 [ 4088C1ECD1F54281A92FA663B0FDC36F ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys
18:36:19.0357 1424 PBADRV - ok
18:36:19.0388 1424 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:36:19.0388 1424 PcaSvc - ok
18:36:19.0451 1424 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
18:36:19.0451 1424 pci - ok
18:36:19.0498 1424 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
18:36:19.0498 1424 pciide - ok
18:36:19.0529 1424 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:36:19.0544 1424 pcmcia - ok
18:36:19.0560 1424 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:36:19.0560 1424 pcw - ok
18:36:19.0700 1424 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:36:19.0716 1424 PEAUTH - ok
18:36:19.0763 1424 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:36:19.0778 1424 PeerDistSvc - ok
18:36:19.0841 1424 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
18:36:19.0888 1424 pla - ok
18:36:19.0950 1424 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:36:19.0966 1424 PlugPlay - ok
18:36:19.0981 1424 [ 0C155C5D8942B3CBCF9506A9D376B9AD ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:36:19.0981 1424 Pml Driver HPZ12 - ok
18:36:19.0997 1424 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:36:19.0997 1424 PNRPAutoReg - ok
18:36:20.0012 1424 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:36:20.0012 1424 PNRPsvc - ok
18:36:20.0044 1424 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:36:20.0044 1424 PolicyAgent - ok
18:36:20.0059 1424 [ AC42F771CC29727BD1663F211E9AC507 ] Power C:\Windows\system32\umpo.dll
18:36:20.0075 1424 Power - ok
18:36:20.0122 1424 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:36:20.0122 1424 PptpMiniport - ok
18:36:20.0168 1424 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
18:36:20.0168 1424 Processor - ok
18:36:20.0215 1424 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
18:36:20.0231 1424 ProfSvc - ok
18:36:20.0246 1424 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:36:20.0246 1424 ProtectedStorage - ok
18:36:20.0262 1424 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:36:20.0262 1424 Psched - ok
18:36:20.0309 1424 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
18:36:20.0309 1424 PxHelp20 - ok
18:36:20.0371 1424 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:36:20.0434 1424 ql2300 - ok
18:36:20.0465 1424 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:36:20.0480 1424 ql40xx - ok
18:36:20.0512 1424 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:36:20.0527 1424 QWAVE - ok
18:36:20.0543 1424 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:36:20.0543 1424 QWAVEdrv - ok
18:36:20.0558 1424 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:36:20.0558 1424 RasAcd - ok
18:36:20.0605 1424 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:36:20.0605 1424 RasAgileVpn - ok
18:36:20.0636 1424 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:36:20.0636 1424 RasAuto - ok
18:36:20.0652 1424 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:36:20.0652 1424 Rasl2tp - ok
18:36:20.0668 1424 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
18:36:20.0668 1424 RasMan - ok
18:36:20.0683 1424 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:36:20.0683 1424 RasPppoe - ok
18:36:20.0683 1424 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:36:20.0699 1424 RasSstp - ok
18:36:20.0699 1424 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:36:20.0714 1424 rdbss - ok
18:36:20.0730 1424 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:36:20.0730 1424 rdpbus - ok
18:36:20.0746 1424 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:36:20.0746 1424 RDPCDD - ok
18:36:20.0777 1424 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:36:20.0792 1424 RDPDR - ok
18:36:20.0824 1424 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:36:20.0824 1424 RDPENCDD - ok
18:36:20.0839 1424 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:36:20.0839 1424 RDPREFMP - ok
18:36:20.0886 1424 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:36:20.0917 1424 RDPWD - ok
18:36:20.0933 1424 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:36:20.0933 1424 rdyboost - ok
18:36:20.0980 1424 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:36:20.0980 1424 RemoteAccess - ok
18:36:21.0011 1424 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:36:21.0011 1424 RemoteRegistry - ok
18:36:21.0370 1424 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
18:36:21.0401 1424 RoxMediaDB12OEM - ok
18:36:21.0432 1424 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
18:36:21.0432 1424 RoxWatch12 - ok
18:36:21.0479 1424 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:36:21.0479 1424 RpcEptMapper - ok
18:36:21.0510 1424 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:36:21.0510 1424 RpcLocator - ok
18:36:21.0526 1424 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
18:36:21.0541 1424 RpcSs - ok
18:36:21.0572 1424 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:36:21.0588 1424 rspndr - ok
18:36:21.0619 1424 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:36:21.0619 1424 s3cap - ok
18:36:21.0635 1424 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
18:36:21.0635 1424 SamSs - ok
18:36:21.0666 1424 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:36:21.0666 1424 sbp2port - ok
18:36:21.0697 1424 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:36:21.0697 1424 SCardSvr - ok
18:36:21.0728 1424 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:36:21.0728 1424 scfilter - ok
18:36:21.0760 1424 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
18:36:21.0791 1424 Schedule - ok
18:36:21.0822 1424 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:36:21.0822 1424 SCPolicySvc - ok
18:36:21.0838 1424 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:36:21.0838 1424 SDRSVC - ok
18:36:21.0869 1424 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:36:21.0869 1424 secdrv - ok
18:36:21.0884 1424 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:36:21.0884 1424 seclogon - ok
18:36:22.0025 1424 [ 889C97ACB58C78B9DB6F94FAEDA05B70 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
18:36:22.0056 1424 SecureStorageService - ok
18:36:22.0072 1424 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:36:22.0072 1424 SENS - ok
18:36:22.0103 1424 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:36:22.0103 1424 SensrSvc - ok
18:36:22.0228 1424 [ 74885BDFF62E537F268EBF8E8CEC24BB ] SepMasterService C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
18:36:22.0228 1424 SepMasterService - ok
18:36:22.0259 1424 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:36:22.0274 1424 Serenum - ok
18:36:22.0290 1424 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:36:22.0306 1424 Serial - ok
18:36:22.0321 1424 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:36:22.0321 1424 sermouse - ok
18:36:22.0352 1424 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
18:36:22.0368 1424 SessionEnv - ok
18:36:22.0384 1424 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:36:22.0384 1424 sffdisk - ok
18:36:22.0415 1424 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:36:22.0430 1424 sffp_mmc - ok
18:36:22.0446 1424 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:36:22.0446 1424 sffp_sd - ok
18:36:22.0462 1424 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:36:22.0462 1424 sfloppy - ok
18:36:22.0493 1424 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:36:22.0493 1424 SharedAccess - ok
18:36:22.0524 1424 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:36:22.0540 1424 ShellHWDetection - ok
18:36:22.0555 1424 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:36:22.0571 1424 sisagp - ok
18:36:22.0602 1424 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:36:22.0602 1424 SiSRaid2 - ok
18:36:22.0618 1424 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:36:22.0618 1424 SiSRaid4 - ok
18:36:22.0930 1424 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:36:23.0023 1424 Skype C2C Service - ok
18:36:23.0086 1424 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:36:23.0086 1424 SkypeUpdate - ok
18:36:23.0117 1424 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:36:23.0132 1424 Smb - ok
18:36:23.0226 1424 [ 244687A7F63848235B8B5CC493B6CAFF ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\Smc.exe
18:36:23.0257 1424 SmcService - ok
18:36:23.0273 1424 [ 6CD803703835CC3EA4E8D47B2517F1C1 ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\snac.exe
18:36:23.0288 1424 SNAC - ok
18:36:23.0320 1424 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:36:23.0335 1424 SNMPTRAP - ok
18:36:23.0351 1424 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:36:23.0351 1424 spldr - ok
18:36:23.0382 1424 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
18:36:23.0398 1424 Spooler - ok
18:36:23.0491 1424 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
18:36:23.0569 1424 sppsvc - ok
18:36:23.0585 1424 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:36:23.0585 1424 sppuinotify - ok
18:36:23.0632 1424 [ 818FF33E09C5EF86E721E1FC00154564 ] SRTSP C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SRTSP.SYS
18:36:23.0647 1424 SRTSP - ok
18:36:23.0663 1424 [ 3C01529E8B986D9DC7489F7CE8BCAD91 ] SRTSPX C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SRTSPX.SYS
18:36:23.0663 1424 SRTSPX - ok
18:36:23.0678 1424 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:36:23.0694 1424 srv - ok
18:36:23.0710 1424 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:36:23.0710 1424 srv2 - ok
18:36:23.0725 1424 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:36:23.0741 1424 srvnet - ok
18:36:23.0756 1424 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:36:23.0756 1424 SSDPSRV - ok
18:36:23.0788 1424 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:36:23.0788 1424 SstpSvc - ok
18:36:23.0866 1424 [ A97FCA92BE4E62BC589371058CBC769E ] STacSV C:\Program Files\IDT\WDM\STacSV.exe
18:36:23.0866 1424 STacSV - ok
18:36:23.0912 1424 [ D8FC8D47FBFCB3852E40F5D5058ABC6A ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
18:36:23.0912 1424 stdcfltn - ok
18:36:23.0944 1424 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:36:23.0959 1424 stexstor - ok
18:36:23.0990 1424 [ D5D73B49D53FCC47E2828D6805DFA0F6 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
18:36:23.0990 1424 STHDA - ok
18:36:24.0100 1424 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
18:36:24.0115 1424 StiSvc - ok
18:36:24.0162 1424 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
18:36:24.0178 1424 stllssvr - ok
18:36:24.0193 1424 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
18:36:24.0209 1424 StorSvc - ok
18:36:24.0256 1424 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:36:24.0256 1424 storvsc - ok
18:36:24.0302 1424 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:36:24.0302 1424 swenum - ok
18:36:24.0365 1424 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:36:24.0380 1424 swprv - ok
18:36:24.0427 1424 [ A0B824E49347B279ACB3903C04C78F75 ] SyDvCtrl C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\SyDvCtrl32.sys
18:36:24.0427 1424 SyDvCtrl - ok
18:36:24.0458 1424 [ 4F52D56310FEF75249914F352DDE7D13 ] SymDS C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMDS.SYS
18:36:24.0474 1424 SymDS - ok
18:36:24.0505 1424 [ 71B5577BADCF9C9420393395601BB995 ] SymEFA C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMEFA.SYS
18:36:24.0505 1424 SymEFA - ok
18:36:24.0536 1424 [ 98D28D08E68145FB550EE7670B43BAF2 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
18:36:24.0552 1424 SymEvent - ok
18:36:24.0583 1424 [ 7450A24AFBC9B0804D0A987204FFC0F8 ] SymIRON C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\Ironx86.SYS
18:36:24.0583 1424 SymIRON - ok
18:36:24.0630 1424 [ 6E70D06E851F7920281677FE20AC0E92 ] SYMNETS C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x86\SYMNETS.SYS
18:36:24.0630 1424 SYMNETS - ok
18:36:24.0661 1424 [ 04990C25043705985F1EC40BF704AAAC ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
18:36:24.0692 1424 SynthVid - ok
18:36:24.0739 1424 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
18:36:24.0786 1424 SysMain - ok
18:36:24.0802 1424 [ 65C165C4324D153429BF3BA9350F3084 ] SysPlant C:\Windows\system32\Drivers\SysPlant.sys
18:36:24.0802 1424 SysPlant - ok
18:36:24.0833 1424 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:36:24.0833 1424 TabletInputService - ok
18:36:24.0848 1424 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
18:36:24.0864 1424 TapiSrv - ok
18:36:24.0880 1424 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:36:24.0880 1424 TBS - ok
18:36:24.0958 1424 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:36:25.0004 1424 Tcpip - ok
18:36:25.0036 1424 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:36:25.0036 1424 TCPIP6 - ok
18:36:25.0067 1424 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:36:25.0067 1424 tcpipreg - ok
18:36:25.0176 1424 [ 3D52B206D9F6F3ECFDB5D676614E47B6 ] tcsd_win32.exe C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
18:36:25.0254 1424 tcsd_win32.exe - ok
18:36:25.0691 1424 [ 0BAD1BC9BA31218B682455182134537D ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
18:36:25.0753 1424 TdmService - ok
18:36:25.0800 1424 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:36:25.0800 1424 TDPIPE - ok
18:36:25.0831 1424 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:36:25.0831 1424 TDTCP - ok
18:36:25.0862 1424 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:36:25.0862 1424 tdx - ok
18:36:25.0909 1424 [ 438A8CA953BDC64AF68AA9C5E9624ED6 ] Teefer2 C:\Windows\system32\DRIVERS\Teefer.sys
18:36:25.0909 1424 Teefer2 - ok
18:36:25.0925 1424 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:36:25.0925 1424 TermDD - ok
18:36:26.0065 1424 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
18:36:26.0081 1424 TermService - ok
18:36:26.0096 1424 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:36:26.0112 1424 Themes - ok
18:36:26.0143 1424 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:36:26.0143 1424 THREADORDER - ok
18:36:26.0174 1424 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:36:26.0190 1424 TrkWks - ok
18:36:26.0268 1424 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:36:26.0268 1424 TrustedInstaller - ok
18:36:26.0299 1424 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:36:26.0299 1424 tssecsrv - ok
18:36:26.0330 1424 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:36:26.0330 1424 TsUsbFlt - ok
18:36:26.0346 1424 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:36:26.0346 1424 TsUsbGD - ok
18:36:26.0393 1424 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:36:26.0393 1424 tunnel - ok
18:36:26.0424 1424 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:36:26.0424 1424 uagp35 - ok
18:36:26.0455 1424 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:36:26.0471 1424 udfs - ok
18:36:26.0502 1424 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:36:26.0518 1424 UI0Detect - ok
18:36:26.0549 1424 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:36:26.0549 1424 uliagpkx - ok
18:36:26.0580 1424 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:36:26.0580 1424 umbus - ok
18:36:26.0596 1424 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
18:36:26.0596 1424 UmPass - ok
18:36:26.0627 1424 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
18:36:26.0642 1424 UmRdpService - ok
18:36:27.0017 1424 [ 30B67FBC4D170B1FB2AED6784FAE4AB4 ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:36:27.0095 1424 UNS - ok
18:36:27.0173 1424 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:36:27.0173 1424 upnphost - ok
18:36:27.0220 1424 [ 4663AD7F61519E88687393BFCB154E4C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:36:27.0220 1424 usbccgp - ok
18:36:27.0251 1424 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:36:27.0266 1424 usbcir - ok
18:36:27.0298 1424 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:36:27.0298 1424 usbehci - ok
18:36:27.0344 1424 [ 57CA3E7C775C22C62927A41838E10938 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:36:27.0360 1424 usbhub - ok
18:36:27.0391 1424 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:36:27.0407 1424 usbohci - ok
18:36:27.0422 1424 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:36:27.0422 1424 usbprint - ok
18:36:27.0454 1424 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:36:27.0454 1424 USBSTOR - ok
18:36:27.0485 1424 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:36:27.0500 1424 usbuhci - ok
18:36:27.0532 1424 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:36:27.0547 1424 usbvideo - ok
18:36:27.0578 1424 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:36:27.0594 1424 UxSms - ok
18:36:27.0625 1424 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
18:36:27.0625 1424 VaultSvc - ok
18:36:27.0672 1424 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:36:27.0672 1424 vdrvroot - ok
18:36:27.0703 1424 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
18:36:27.0781 1424 vds - ok
18:36:27.0797 1424 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:36:27.0812 1424 vga - ok
18:36:27.0828 1424 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:36:27.0828 1424 VgaSave - ok
18:36:27.0859 1424 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:36:27.0859 1424 vhdmp - ok
18:36:27.0890 1424 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:36:27.0890 1424 viaagp - ok
18:36:27.0922 1424 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:36:27.0922 1424 ViaC7 - ok
18:36:27.0937 1424 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
18:36:27.0937 1424 viaide - ok
18:36:27.0953 1424 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:36:27.0953 1424 VMBusHID - ok
18:36:27.0968 1424 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:36:31.0541 1424 ================ Scan global ===============================
18:36:31.0588 1424 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:36:31.0666 1424 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
18:36:31.0681 1424 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
18:36:31.0697 1424 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:36:31.0744 1424 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:36:31.0744 1424 [Global] - ok
18:36:31.0759 1424 ================ Scan MBR ==================================
18:36:31.0759 1424 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:36:32.0867 1424 \Device\Harddisk0\DR0 - ok
18:36:32.0867 1424 ================ Scan VBR ==================================
18:36:32.0929 1424 [ A52B753A5F3DA403CAE346CC771D29C4 ] \Device\Harddisk0\DR0\Partition1
18:36:32.0929 1424 \Device\Harddisk0\DR0\Partition1 - ok
18:36:32.0960 1424 [ BAD3D997CA9C1F6ABB08BF9E831CEF55 ] \Device\Harddisk0\DR0\Partition2
18:36:32.0992 1424 \Device\Harddisk0\DR0\Partition2 - ok
18:36:32.0992 1424 ============================================================
18:36:32.0992 1424 Scan finished
18:36:32.0992 1424 ============================================================
18:36:33.0007 4104 Detected object count: 0
18:36:33.0007 4104 Actual detected object count: 0
18:42:16.0179 5628 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-01 18:38:05
-----------------------------
18:38:05.023 OS Version: Windows 6.1.7601 Service Pack 1
18:38:05.023 Number of processors: 4 586 0x2A07
18:38:05.023 ComputerName: H2012 UserName:
18:38:06.411 Initialize success
18:44:30.589 AVAST engine defs: 12110100
18:44:39.387 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:44:39.403 Disk 0 Vendor: WDC_WD32 03.0 Size: 305245MB BusType: 3
18:44:39.419 Disk 0 MBR read successfully
18:44:39.419 Disk 0 MBR scan
18:44:39.419 Disk 0 Windows VISTA default MBR code
18:44:39.419 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
18:44:39.434 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 11568 MB offset 81920
18:44:39.450 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 293636 MB offset 23773184
18:44:39.465 Disk 0 scanning sectors +625139712
18:44:39.543 Disk 0 scanning C:\Windows\system32\drivers
18:44:49.949 Service scanning
18:45:18.528 Modules scanning
18:45:30.212 Disk 0 trace - called modules:
18:45:30.743 ntkrnlpa.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys halmacpi.dll iaStor.sys
18:45:30.758 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87b9d030]
18:45:30.774 3 CLASSPNP.SYS[8bbdc59e] -> nt!IofCallDriver -> [0x87b9c420]
18:45:30.789 5 stdcfltn.sys[8c1d4854] -> nt!IofCallDriver -> [0x8646d958]
18:45:30.805 7 ACPI.sys[8b8c13d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86012028]
18:45:31.991 AVAST engine scan C:\Windows
18:45:35.064 AVAST engine scan C:\Windows\system32
18:49:01.374 AVAST engine scan C:\Windows\system32\drivers
18:49:15.601 AVAST engine scan C:\Users\H
18:50:11.512 Disk 0 MBR has been saved successfully to "C:\Users\H\Desktop\MBR.dat"
18:50:11.512 The log file has been saved successfully to "C:\Users\H\Desktop\aswMBR.txt"



ESET LOG:

C:\Users\H\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined

#4 narenxp


Posted 01 November 2012 - 07:35 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 Professor H


Posted 03 November 2012 - 01:49 PM

I ran all scans except the last one (Junkware removal tool). Google Chrome says the file appears malicious. Are you sure about that one?

All other logs are below. Thanks!

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.03.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
H :: H2012 [administrator]

11/3/2012 10:49:03 AM
mbam-log-2012-11-03 (10-49-03).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 480889
Time elapsed: 1 hour(s), 47 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version: 23-07-2012
Ran by H (administrator) on 03-11-2012 at 14:32:04
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

DW1530 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Cisco Systems VPN Adapter = Local Area Connection 2 (Hardware not present)
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : H2012
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : DW1530 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 84-4B-F5-39-7F-EC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d989:46f8:34ab:448d%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, November 03, 2012 10:47:11 AM
Lease Expires . . . . . . . . . . : Sunday, November 04, 2012 2:03:59 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 243551221
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-97-83-18-D0-67-E5-53-DA-1E
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Blandy
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
Physical Address. . . . . . . . . : D0-67-E5-53-DA-1E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Blandy:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::145a:21b:3f57:fefb%20(Preferred)
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 687865856
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-97-83-18-D0-67-E5-53-DA-1E
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:803::1008
74.125.228.103
74.125.228.104
74.125.228.96
74.125.228.98
74.125.228.97
74.125.228.100
74.125.228.110
74.125.228.101
74.125.228.99
74.125.228.102
74.125.228.105


Pinging google.com [74.125.228.96] with 32 bytes of data:
Reply from 74.125.228.96: bytes=32 time=13ms TTL=54
Reply from 74.125.228.96: bytes=32 time=15ms TTL=54

Ping statistics for 74.125.228.96:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 15ms, Average = 14ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=141ms TTL=49
Reply from 98.138.253.109: bytes=32 time=164ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 141ms, Maximum = 164ms, Average = 152ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...84 4b f5 39 7f ec ......DW1530 Wireless-N WLAN Half-Mini Card
11...d0 67 e5 53 da 1e ......Broadcom NetXtreme 57xx Gigabit Controller
1...........................Software Loopback Interface 1
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
192.168.1.4 255.255.255.255 On-link 192.168.1.4 281
192.168.1.255 255.255.255.255 On-link 192.168.1.4 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
20 306 fe80::/64 On-link
20 306 fe80::145a:21b:3f57:fefb/128
On-link
13 281 fe80::d989:46f8:34ab:448d/128
On-link
1 306 ff00::/8 On-link
20 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/03/2012 00:55:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/03/2012 10:46:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/02/2012 11:35:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2012 06:29:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2012 10:14:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/01/2012 09:31:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2012 04:14:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2012 00:17:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/31/2012 11:13:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2012 09:20:44 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/03/2012 10:45:46 AM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (11/02/2012 05:29:43 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (11/02/2012 11:35:04 AM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (11/01/2012 06:29:19 PM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (11/01/2012 02:22:23 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.53 did not allow the name to be claimed by
this computer.

Error: (11/01/2012 02:17:13 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.53 did not allow the name to be claimed by
this computer.

Error: (11/01/2012 02:12:03 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.53 did not allow the name to be claimed by
this computer.

Error: (11/01/2012 02:06:53 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.53 did not allow the name to be claimed by
this computer.

Error: (11/01/2012 02:01:43 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.53 did not allow the name to be claimed by
this computer.

Error: (11/01/2012 01:56:33 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.53 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================
Error: (10/16/2012 10:14:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3468 seconds with 480 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 7.1.4)
AccelerometerP11 (Version: 2.00.10.33)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.5.2)
Adobe Acrobat 9.5.2 - CPSID_83708
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
AuthenTec Fingerprint Software (Version: 8.4.4.20)
BioAPI Framework (Version: 1.0.2)
Broadcom NetXtreme-I Netlink Driver and Management Installer (Version: 14.4.6.2)
Canon iP4700 series Printer Driver
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Cisco Systems VPN Client 5.0.07.0290 (ITC) (Version: 5.0.6)
Custom (Version: 01.00.00.000)
CyberLink PowerDVD 9.5 (Version: 9.5.1.5127)
D3DX10 (Version: 15.4.2368.0902)
Dell Backup and Recovery Manager (Version: 1.3.1)
Dell Client System Update (Version: 1.2.3)
Dell Data Protection | Access (Version: 02.01.01.001)
Dell Data Protection | Access (Version: 2.1.00001.001)
Dell Data Protection | Access | Drivers (Version: 2.01.018)
Dell Data Protection | Access | Middleware (Version: 2.01.010)
Dell Edoc Viewer (Version: 1.0.0)
Dell Feature Enhancement Pack (Version: 2.1.000)
Dell Touchpad (Version: 7.1208.101.125)
Dell Webcam Central (Version: 1.40.54)
DellAccess (Version: 01.00.00.108)
Digital Line Detect (Version: 1.21)
DirectX 9 Runtime (Version: 1.00.0000)
DW WLAN Card Utility (Version: 5.100.235.13)
EMBASSY Security Center (Version: 04.02.00.173)
ESET Online Scanner v3
Gemalto (Version: 01.01.01.0000)
Google Chrome (Version: 22.0.1229.94)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
HP LaserJet P2050 Series 6.0 (Version: 6.0)
hppFonts (Version: 001.001.00061)
hppQFolderP2050 (Version: 1.00.0000)
Intel® Identity Protection Technology 1.2.22.0 (Version: 1.2.22.0)
Intel® Management Engine Components (Version: 7.1.40.1161)
Intel® Processor Graphics (Version: 8.15.10.2418)
ITC Network Setup Tool (Version: 1.1.3)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MATLAB R2012a (Version: 7.14)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Modem Diagnostic Tool (Version: 1.0.28.0)
Mozilla Maintenance Service (Version: 16.0.2)
Mozilla Thunderbird 16.0.2 (x86 en-US) (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Netwaiting (Version: 2.5.59)
NTRU TCG Software Stack (Version: 2.1.36)
O2Micro Flash Memory Card Windows Driver (Version: 3.0.07.23)
O2Micro OZ776 SCR Driver (Version: 1.1.4.210GS)
PC-CCID (Version: 2.0.0)
PhotoShowExpress (Version: 2.0.063)
Preboot Manager (Version: 03.02.00.096)
PremiumSoft Navicat Lite 9.1
Private Information Manager (Version: 07.00.00.047)
R for Windows 2.15.1 (Version: 2.15.1)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
SigmaPlot 11.1.0 (Version: 11.1.0)
Skype Click to Call (Version: 6.3.11079)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SPBA 5.9 (Version: 5.9.4.6686)
Symantec Endpoint Protection (Version: 12.1.1000.157)
Tinn-R 2.3.7.1
Trusted Drive Manager (Version: 4.1.1.312)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Upek Touchchip Fingerprint Reader (Version: 1.2.004)
VanDyke Software SecureFX 6.6 (Version: 6.6.1)
Wave Infrastructure Installer (Version: 07.03.17.0010)
Wave Support Software Installer (Version: 05.12.00.036)
WebReg (Version: 100.0.170.000)
Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/13/2009 8.4.2.0) (Version: 05/13/2009 8.4.2.0)
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (Version: 09/11/2009 1.0.1.6)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zotero Standalone 3.0.8 (x86 en-US) (Version: 3.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 3242.27 MB
Available physical RAM: 1774.97 MB
Total Pagefile: 6482.82 MB
Available Pagefile: 4855.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.08 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:286.75 GB) (Free:224.65 GB) NTFS

========================= Users: ========================================

User accounts for \\H2012

Administrator Guest H

========================= Restore Points ==================================

08-10-2012 15:52:53 Scheduled Checkpoint
11-10-2012 12:31:57 Windows Update
11-10-2012 13:47:16 Windows Update
16-10-2012 14:14:43 Windows Update
17-10-2012 13:25:37 Installed Java 7 Update 9
19-10-2012 18:08:41 Windows Update
23-10-2012 13:49:20 Windows Update
26-10-2012 21:09:00 Windows Update
30-10-2012 21:09:12 Windows Update
02-11-2012 21:29:28 Windows Update

**** End of log ****


Farbar Service Scanner Version: 03-11-2012
Ran by H (administrator) on 03-11-2012 at 14:33:56
Running from "C:\Users\H\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-09-13 09:07] - [2012-08-22 13:16] - 1292144 ____A (Microsoft Corporation) A5EBB8F648000E88B7D9390B514976BF

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-11 08:32] - [2012-06-02 00:36] - 0140288 ____A (Microsoft Corporation) 96C0E38905CFD788313BE8E11DAE3F2F

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v2.006 - Logfile created 11/03/2012 at 14:36:05
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : H - H2012
# Boot Mode : Normal
# Running from : C:\Users\H\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\KYLEHA~1\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Users\KYLEHA~1\AppData\Local\Temp\searchqutoolbar-manifest.xml
File Deleted : C:\Users\KYLEHA~1\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Kyle Haynes\AppData\Local\Ilivid Player

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1939 octets] - [03/11/2012 14:36:05]

########## EOF - C:\AdwCleaner[S1].txt - [1999 octets] ##########

#6 narenxp


Posted 03 November 2012 - 01:50 PM

I ran all scans except the last one (Junkware Removal Tool). Google Chrome says the file appears malicious. Are you sure about that one?


Yes

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 Professor H


Posted 03 November 2012 - 02:08 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 2.5.8 (11.03.2012)
OS: Windows 7 Professional x86
Ran by H on Sat 11/03/2012 at 14:53:03.77
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\H\appdata\locallow\datamngr"



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sat 11/03/2012 at 14:57:19.22
End of Report


Rkill 2.4.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/03/2012 02:59:59 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* c:\Windows\system32\srvany.exe (PID: 556) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/03/2012 03:00:16 PM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)



"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 8.0" "AcroTray" "Adobe Systems Inc." "c:\program files\adobe\acrobat 9.0\acrobat\acrotray.exe"
+ "Adobe Acrobat Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\acrobat 9.0\acrobat\acrobat_sl.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\delltpad\apoint.exe"
+ "Broadcom Wireless Manager UI" "DW WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dw wlan card\wltray.exe"
+ "DBRMTray" "DBRM_Toaster" "Dell Computer Corporation" "c:\dell\dbrm\reminder\dbrmtrayicon.exe"
+ "Dell Webcam Central" "WebcamDell2.exe" "Creative Technology Ltd" "c:\program files\dell webcam\dell webcam central\webcamdell2.exe"
+ "Desktop Disc Tool" "Roxio Burn Launcher" "" "c:\program files\roxio\oem\roxio burn\roxioburnlauncher.exe"
+ "DFEPApplication" "Dell Feature Enhancement Pack" "Dell Inc." "c:\program files\dell\feature enhancement pack\dfepapplication.exe"
+ "FreeFallProtection" "FF_Protection MFC Application" "" "c:\program files\stmicroelectronics\accelerometerp11\ff_protection.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovemonitor.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Logitech Download Assistant" "Logitech Download Assistant" "Logitech, Inc." "c:\windows\system32\logilda.dll"
+ "PDVD9LanguageShortcut" "PowerDVD Language Application" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\language\language.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RemoteControl9" "PowerDVD RC Service" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\pdvd9serv.exe"
+ "RoxWatchTray" "RoxMMTrayApp Module" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\sharedcom\roxwatchtray12oem.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray.exe"
+ "TdmNotify" "Trusted Drive Manager User Notifier" "Wave Systems Corp." "c:\program files\dell\dell data protection\access\advanced\wave\trusted drive manager\tdmnotify.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "DBRMTray" "TrayApp" "Microsoft" "c:\dell\dbrm\reminder\trayapp.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Digital Line Detect.lnk" "Digital Line Detection" "Avanquest Software " "c:\program files\digital line detect\dlg.exe"
+ "UVA ITC Network Setup Tool Cert Checker.lnk" "" "" "c:\windows\installer\{e0274560-0fb3-4928-9800-6b45aaefb506}\_39b470e5817d54f276433b.exe"
+ "VPN Client.lnk" "" "" "c:\windows\installer\{b0bf7057-6869-4e4b-920c-ea2a58da07f0}\icon3e5562ed7.ico"
"C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Smart Settings.lnk" "DellSmartSettings" "Microsoft" "c:\program files\dell\feature enhancement pack\smartsettings.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\h\appdata\local\google\update\googleupdate.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "grooveLocalGWS" "GrooveSystemServices Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovesystemservices.dll"
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files\adobe\acrobat 9.0\acrobat elements\contextmenu.dll"
+ "LDVPMenu" "Symantec Endpoint Protection" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\12.1.1000.157.105\bin\vpshell2.dll"
+ "Roxio Burn" "TODO: <File description>" "TODO: <Company name>" "c:\program files\roxio\oem\roxio burn\rb_contextmenu.dll"
+ "RXDCExtSvr12" "Roxio Creator Shell Extension" "Sonic Solutions" "c:\program files\roxio\oem\virtual drive 12\dc_shellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files\adobe\acrobat 9.0\acrobat elements\contextmenu.dll"
+ "LDVPMenu" "Symantec Endpoint Protection" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\12.1.1000.157.105\bin\vpshell2.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "RXDCExtSvr12" "Roxio Creator Shell Extension" "Sonic Solutions" "c:\program files\roxio\oem\virtual drive 12\dc_shellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "EnabledUnlockedFDEIconOverlay" "TDM Icon Overlay" "Wave Systems Corp." "c:\program files\dell\dell data protection\access\advanced\wave\trusted drive manager\tdmiconoverlay.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "UninitializedFdeIconOverlay" "TDM Icon Overlay" "Wave Systems Corp." "c:\program files\dell\dell data protection\access\advanced\wave\trusted drive manager\tdmiconoverlay.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "SmartSelect Class" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Symantec Intrusion Prevention" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\12.1.1000.157.105\bin\ips\ipsbho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiefavclient.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office12\onbttnie.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskUserS-1-5-21-1739788951-2944234116-441127335-1001Core" "Google Installer" "Google Inc." "c:\users\h\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1739788951-2944234116-441127335-1001UA" "Google Installer" "Google Inc." "c:\users\h\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\program files\idt\wdm\aestsrv.exe"
+ "ATService" "Provides applications with access to AuthenTec fingerprint sensors." "AuthenTec, Inc." "c:\program files\fingerprint sensor\atservice.exe"
+ "BrcmMgmtAgent" "Monitors and propagate changes in manageability settings of management enabled Broadcom network interfaces." "Broadcom Corporation" "c:\program files\broadcom\mgmtagent\brcmmgmtagent.exe"
+ "CVPND" "Cisco Systems VPN Client" "Cisco Systems, Inc." "c:\program files\cisco systems\vpn client\cvpnd.exe"
+ "DFEPService" "Dell Feature Enhancement Pack Service" "Dell Inc." "c:\program files\dell\feature enhancement pack\dfepservice.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Macrovision Europe Ltd." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "jhi_service" "Intel® Identity Protection Technology Host Interface Service - Allows applications to access the local Intel Identity Protection Technology" "Intel Corporation" "c:\program files\intel\services\ipt\jhi_service.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files\intel\intel® management engine components\lms\lms.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveauditservice.exe"
+ "MozillaMaintenance" "" "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "O2FLASH" "O2 Flash Memory Service" "O2Micro International" "c:\windows\system32\drivers\o2flash.exe"
+ "O2SDIOAssist" "O2Micro SDIO service" "" "c:\windows\system32\srvany.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "RoxMediaDB12OEM" "Roxio RoxMediaDB12OEM Service" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\sharedcom\roxmediadb12oem.exe"
+ "RoxWatch12" "RoxWatch12 Module" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\sharedcom\roxwatch12oem.exe"
+ "SecureStorageService" "Wave Secure Storage Service" "Wave Systems Corp." "c:\program files\dell\dell data protection\access\advanced\wave\secure storage manager\securestorageservice.exe"
+ "SepMasterService" "Provides malware and threat protection for Symantec Endpoint Protection" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\12.1.1000.157.105\bin\ccsvchst.exe"
+ "Skype C2C Service" "Skype Click to Call Update Service" "Skype Technologies S.A." "c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "SmcService" "Provides communication with the Symantec Endpoint Protection Manager. It also provides network threat protection and application and device control for the client." "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\12.1.1000.157.105\bin\smc.exe"
+ "SNAC" "Checks that the computer complies with the defined security policy and communicates with the Symantec Enforcers to allow your computer to access the corporate network." "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\12.1.1000.157.105\bin\snac.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\program files\idt\wdm\stacsv.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "tcsd_win32.exe" "TCS service for accessing the TPM" "" "c:\program files\ntru cryptosystems\ntru tcg software stack\bin\tcsd_win32.exe"
+ "TdmService" "Manages self-encrypting drives." "Wave Systems Corp." "c:\program files\dell\dell data protection\access\advanced\wave\trusted drive manager\tdmservice.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files\intel\intel® management engine components\uns\uns.exe"
+ "Wave Authentication Manager Service" "Manages secure authentication mechanisms" "Wave Systems Corp." "c:\program files\dell\dell data protection\access\advanced\wave\authentication manager\waveamservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "Dell Inc." "c:\program files\dell\dw wlan card\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Acceler" "Accelerometer Port I/O" "ST Microelectronics" "c:\windows\system32\drivers\accelern.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl6.sys"
+ "BHDrvx86" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\symantec\symantec endpoint protection\12.1.1000.157.105\data\definitions\bashdefs\20121005.012\bhdrvx86.sys"
+ "Blfp" "Broadcom Advanced Server Program Driver" "Broadcom Corporation" "c:\windows\system32\drivers\basp.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtAudDrv" "Advanced Audio FX Driver" "Creative Technology Ltd." "c:\windows\system32\drivers\ctauddrv.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "CVirtA" "Cisco Systems VPN Adapter" "Cisco Systems, Inc." "c:\windows\system32\drivers\cvirta.sys"
+ "CVPNDRVA" "Cisco Systems VPN Client IPSec Driver" "Cisco Systems, Inc." "c:\windows\system32\drivers\cvpndrva.sys"
+ "DNE" "Deterministic Network Enhancer" "Deterministic Networks, Inc." "c:\windows\system32\drivers\dne2000.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "HBtnKey" "Dell Tablet PC Key Button HID Driver" "Dell Inc." "c:\windows\system32\drivers\hbtnkey.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x86" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IDSVix86" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\symantec\symantec endpoint protection\12.1.1000.157.105\data\definitions\ipsdefs\20121102.001\idsvix86.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEI" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\heci.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\symantec\symantec endpoint protection\12.1.1000.157.105\data\definitions\virusdefs\20121102.021\naveng.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\symantec\symantec endpoint protection\12.1.1000.157.105\data\definitions\virusdefs\20121102.021\navex15.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "O2MDFRDR" "O2Micro Media Reader Driver" "O2Micro " "c:\windows\system32\drivers\o2mdfw7.sys"
+ "O2MDRRDR" "O2Micro Media Reader Driver" "O2Micro " "c:\windows\system32\drivers\o2mdrw7.sys"
+ "O2SDJRDR" "O2Micro SD Reader Driver" "O2Micro " "c:\windows\system32\drivers\o2sdjw7.sys"
+ "PBADRV" "PBADRV" "Dell Inc" "c:\windows\system32\drivers\pbadrv.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x86\srtsp.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x86\srtspx.sys"
+ "stdcfltn" "Disk Class Filter Driver for Accelerometer" "ST Microelectronics" "c:\windows\system32\drivers\stdcfltn.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt.sys"
+ "SyDvCtrl" "syDvCtrl Device Control Driver" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\12.1.1000.157.105\bin\sydvctrl32.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x86\symds.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x86\symefa.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x86\ironx86.sys"
+ "SYMNETS" "Network Security Driver" "Symantec Corporation" "c:\windows\system32\drivers\sep\0c0103e8\009d.105\x86\symnets.sys"
+ "SysPlant" "Symantec CMC Firewall SysPlant" "Symantec Corporation" "c:\windows\system32\drivers\sysplant.sys"
+ "Teefer2" "Teefer2 Service" "Symantec Corporation" "c:\windows\system32\drivers\teefer.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\vidprocu.ax"
+ "CyberLink Audio Decoder (PDVD9)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD9)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd9\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD9)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\audiofilter\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD9)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\audiofilter\claudiocd.ax"
+ "Cyberlink Demuxer 2.0" "CLDemuxer2" "Cyberlink" "c:\program files\cyberlink\powerdvd9\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD9)" "DigestFilter Dynamic Link Library" "" "c:\program files\cyberlink\powerdvd9\digestfilter.dll"
+ "CyberLink DVD Navigator (PDVD9)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\navfilter\clnavx.ax"
+ "CyberLink FLV Splitter (PDVD9)" "CyberLink FLV Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\navfilter\clflvsplitter.ax"
+ "CyberLink HAM Decoder" "CyberLink Video Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\videofilter\clcvd.ax"
+ "CyberLink HD/BD Mixer (PDVD9)" "CLHBMixer" " " "c:\program files\cyberlink\powerdvd9\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD9)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\videofilter\clline21.ax"
+ "CyberLink Matroska Splitter (PDVD9)" "CyberLink Matroska Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\navfilter\clmkvsplter.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\navfilter\clsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD9)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\navfilter\clm4splt.ax"
+ "CyberLink RealAudio Decoder (PDVD9)" "CyberLink RealMedia Audio Decoder" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter (PDVD9)" "CyberLink RealMedia Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder (PDVD9)" "CyberLink RealMedia Video Decoder" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\videofilter\clrmvd.ax"
+ "Cyberlink SubTitle Importor (PDVD9)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\videofilter\clsubtitle.ax"
+ "Cyberlink SubTitle Importor 2.0 (PDVD9)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD9)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PDVD9)" "CyberLink Tzan Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\videofilter\cltzan.ax"
+ "CyberLink Video Decoder (PDVD9)" "CyberLink Video Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\videofilter\clcvd.ax"
+ "CyberLink Video/SP Decoder (PDVD9)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd9\videofilter\clvsd.ax"
+ "Half Size to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\lvmwriter.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\mediaanalyser.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files\roxio\oem\audiocodec\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files\roxio\oem\audiocodec\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files\roxio\oem\audiocodec\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO BDAV Smart Render 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters MPEG Transcoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio File Writer Wrapper" "Roxio File Writer Wrapper" "Sonic" "c:\program files\roxio\oem\videocore 12\roxfilewriterwrapper.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\lvmasync.ax"
+ "Roxio Mp3 Encoder (SC)" "Roxio Audio Codec DLL" "Sonic Solutions" "c:\program files\roxio\oem\audiocodec\rxdsmp3encoder.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\mgirawwriter.dll"
+ "Roxio RealD to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\mginullip.ax"
+ "Roxio StereoSource Cropper" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFHDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Integrate" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Video Rotater," "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxaudio.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\mvwcdsutil.dll"
+ "Sonic Audio Resampler" "Audio Resampler Direct Show Filter" "Sonic Solutions Inc." "c:\program files\roxio\oem\audiocodec\filters\c12oem_trans_audio_samplerate_ds.ax"
+ "Sonic Cinemaster® Audio Decoder 4.3 (No Dolby)" "SonicHDAudio" "Sonic Solutions" "c:\program files\roxio\oem\common\cinemasteraudiond.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3 (EMC12)" "CinemasterVideo" "Sonic Solutions" "c:\program files\roxio\oem\common\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files\roxio\oem\common\sonichddemuxer.dll"
+ "Sonic MPEG Multiplexer" "MPEG Multiplexer-Plus DS Filter" "Sonic Solutions Inc." "c:\program files\roxio\oem\audiocodec\filters\c12oem_mux_mp2_ds.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc02\c12oem_dec_mp2v_ds.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\oem\12.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\videocompositing.ax"
+ "Vorbis Decode Filter" "ogg DShow filters" "" "c:\program files\common files\roxio shared\ogg_flac codecs\dsfvorbisdecoder.dll"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Input Selector 2" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\oem\videocore 12\roxvideo.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "Provider Object" "Windows Vista and Windows 7 Credential Provider" "UPEK Inc." "c:\program files\common files\spba\provider.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "Provider Filter Object" "Windows Vista and Windows 7 Credential Provider" "UPEK Inc." "c:\program files\common files\spba\provider.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "SEP" "" "" "File not found: C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WinLogoutNotifier.dll"
+ "spba" "PS QL Logon Kernel" "UPEK Inc." "c:\program files\common files\spba\homefus2.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Adobe PDF Port Monitor" "Adobe PDF Port Monitor DLL" "Adobe Systems Inc" "c:\windows\system32\adobepdf.dll"
+ "Canon BJ Language Monitor iP4700 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlma1.dll"
+ "HP Standard TCP/IP Port" "Standard TCP/IP Port Monitor DLL" "Hewlett Packard" "c:\windows\system32\hptcpmon.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages" "" "" ""
+ "wvauth" "Authentication Package" "Wave Systems Corp." "c:\windows\system32\wvauth.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "DW WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"
+ "SnacNp" "Symantec SNAC Network Provider" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\12.1.1000.157.105\bin\snacnp.dll"
+ "TdmNetworkProvider" "TDM Network Provider" "Wave Systems Corp." "c:\windows\system32\tdmnetworkprovider.dll"

#8 narenxp


Posted 03 November 2012 - 02:16 PM

Current issues?

#9 Professor H

  • Topic Starter

Posted 04 November 2012 - 02:12 PM

So far so good!

#10 narenxp


Posted 04 November 2012 - 02:39 PM

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore. It deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#11 Professor H


Posted 05 November 2012 - 04:29 PM

I started getting the warning from Endpoint Protection again when I brought my computer to work in the morning. I wonder if having the computer on this network has something to do with the issue.

#12 narenxp


Posted 05 November 2012 - 09:18 PM

I would suggest you contact your IT dept. I'm not finding anything suspicious in your logs.