
Moneypak Virus Aftermath?


20 replies to this topic

#1 thermality


Posted 02 November 2012 - 09:46 AM

Mod Edit: Split from http://www.bleepingcomputer.com/forums/topic466198.html/page__p__2884827#entry2884827 - Hamluis.

Hi, I'm new to the forum and not sure about correct protocol, so I don't know if I should post in this thread or start a new one. I too was recently hit with the FBI Moneypak virus. I'm not overly tech-competent so I probably went about it wrong, but after doing some research I was able to get my computer back in operation with no blatant performance or behavioral issues. However, some things I've read about the aftereffects of trojans have me worried that the computer is still not safe to use for online bill paying, etc. I just want to get back to a comfort level where I can pay bills, not worry about infecting other computers with files or email, etc.

The computer is a two-year-old Dell Inspiron laptop running Windows 7 and McAfee. I've always had it set for automatic service packs, updates, scanning, etc. I believe the infection was a drive-by from an unknown web site sometime late 10/27/12, and the computer was locked by the virus when I started it the next morning. After doing some research on another computer, I was able to identify the infection and restore the computer using Malwarebytes, Rogue Killer and CC Cleaner, the latter of which I installed and ran in normal Windows mode while logged on with an Administrator account (I have since created a non-Administrator account).

Here is the initial Malwarebytes log:

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.09.29.05

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Michael :: MICHAEL-PC [administrator]

Protection: Disabled

10/28/2012 8:49:50 AM
mbam-log-2012-10-28 (08-49-50).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 534117
Time elapsed: 1 hour(s), 39 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\$Recycle.Bin\S-1-5-21-3047886905-1886587621-869775745-1000\$R9A3SMS.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Michael\AppData\Local\Temp\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Quarantined and deleted successfully.
C:\Users\Michael\Favorites\Desktop\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

(end)

All subsequent scans have found no problems in either normal or safe mode. I still have the bad files in Malwarebytes' quarantine. Here's the initial Rogue Killer log:

RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Michael [Admin rights]
Mode : Scan -- Date : 10/28/2012 18:12:31

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][BLACKLIST DLL] HKLM\[...]\Run : RunDLLEntry (C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry) -> FOUND
[RUN][BLACKLIST DLL] HKLM\[...]\Run : CTMasterOnOffMonitor (Rundll32.exe CTMWatch.dll StartCTMasterOnOffWatch) -> FOUND
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9640320AS ATA Device +++++
--- User ---
[MBR] e90acf8937db65f2aa275da8126cb509
[BSP] 7a6d4b4590eb08a01847e8012418ba29 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 80325 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30800325 | Size: 595440 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

All subsequent scans in normal and safe modes show no problems. Scans by several other antivirus, removal and registry apps show no problems, and none of the files and registry entries I've seen in step-by-step guides seem to be present on my computer. Nevertheless, some lingering indicators worry me:

Whenever I run Malwarebytes or Rogue Killer in safe mode, the computer will not reboot in any mode no matter how many times I try, and is likely to produce blue screens. But if I wait awhile (15 minutes or so), it will boot in normal mode, although it sometimes takes a couple of tries. After that, I can reboot in any mode I choose, although the computer has crashed and turned itself off a couple of times since the recovery for no apparent reason.

When I tried to install Kaspersky in safe mode with networking, the install failed and Kaspersky reported that I might have a virus, suggested I download and run its virus killer, but when I did, it found no viruses.

Task Manager shows some processes -- atieclxx.exe and csrss.exe -- that I've read are normal Windows files but are also cloned by trojans, and I can't view properties or path names for them. There are also three rundll.exe files that can't be identified or traced.

Task Manager also shows a long list of 98 services that have been stopped -- among them McAfee Scanner, Microsoft event scanner, Microsoft error reporting, Flash updater, etc -- and I can't restart them with any user account permissions.

Any help will be enormously appreciated. I have worried myself sick over this, and have some pressing business to take care of that can only be done with software on my computer. I will monitor this thread as often as work will allow, several times a day.

Edited by hamluis, 02 November 2012 - 10:47 AM.
Split, PM sent new OP - Hamluis.
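An added example (not part of the original thread, and not code from any of the tools named in it): a short Python triage of the four "Files Detected" lines from the Malwarebytes log above. It flags the two patterns those lines show, a Windows system-process name such as lsass.exe sitting outside System32, and an item in the per-user Startup folder. The function names and the set of system-process names are assumptions chosen for illustration, and the system directories assume Windows is installed in C:\Windows, as the logs in this thread report.

```python
import ntpath
import re

# Detection lines copied from the Malwarebytes log in the post above.
MBAM_FILES_DETECTED = r"""
Files Detected: 4
C:\$Recycle.Bin\S-1-5-21-3047886905-1886587621-869775745-1000\$R9A3SMS.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Michael\AppData\Local\Temp\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Quarantined and deleted successfully.
C:\Users\Michael\Favorites\Desktop\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
"""

# "<path> (<threat name>) -> <action>". The path is matched lazily so that
# parentheses inside it, e.g. "Program Files (x86)", do not end it early.
DETECTION_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) \((?P<threat>[^()]+)\) -> (?P<action>.+)$",
    re.MULTILINE,
)

# Illustrative (assumed) list of core Windows process names that malware
# commonly imitates; the real binaries live only in the system directories.
SYSTEM_PROCESS_NAMES = {
    "lsass.exe", "csrss.exe", "smss.exe", "services.exe",
    "winlogon.exe", "svchost.exe",
}
# Assumes Windows is installed in C:\Windows.
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
STARTUP_FRAGMENT = "\\start menu\\programs\\startup\\"


def parse_detections(log_text):
    """Return one dict per detection line found in a Malwarebytes log."""
    return [m.groupdict() for m in DETECTION_RE.finditer(log_text)]


def triage_path(path):
    """Return the list of flags that apply to one Windows path."""
    norm = ntpath.normpath(path).lower()
    folder, name = ntpath.split(norm)
    flags = []
    if name in SYSTEM_PROCESS_NAMES and folder not in SYSTEM_DIRS:
        # A system-process name in a user-writable folder is masquerading.
        flags.append("system-name-outside-system32")
    if STARTUP_FRAGMENT in norm:
        # Anything here is launched at every logon of that user.
        flags.append("startup-folder-item")
    return flags


def triage_log(log_text):
    """Parse the log and attach flags to each detection."""
    results = []
    for det in parse_detections(log_text):
        det["flags"] = triage_path(det["path"])
        results.append(det)
    return results


if __name__ == "__main__":
    for det in triage_log(MBAM_FILES_DETECTED):
        print(det["threat"], "|", det["path"], "|", ", ".join(det["flags"]) or "-")
```

The same `triage_path` check can be pointed at the image paths of running processes to tell a genuine csrss.exe or lsass.exe from a copy started out of a user folder.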




#2 narenxp


Posted 02 November 2012 - 02:19 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 thermality


Posted 02 November 2012 - 03:02 PM

Hi. Thanks so much for helping. I already had TDSSKiller but I downloaded the update. Here's the log:

14:46:04.0300 1432 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:46:05.0105 1432 ============================================================
14:46:05.0105 1432 Current date / time: 2012/11/02 14:46:05.0105
14:46:05.0105 1432 SystemInfo:
14:46:05.0105 1432
14:46:05.0105 1432 OS Version: 6.1.7601 ServicePack: 1.0
14:46:05.0105 1432 Product type: Workstation
14:46:05.0105 1432 ComputerName: MICHAEL-PC
14:46:05.0105 1432 UserName: michaelg
14:46:05.0105 1432 Windows directory: C:\Windows
14:46:05.0105 1432 System windows directory: C:\Windows
14:46:05.0105 1432 Running under WOW64
14:46:05.0105 1432 Processor architecture: Intel x64
14:46:05.0106 1432 Number of processors: 8
14:46:05.0106 1432 Page size: 0x1000
14:46:05.0106 1432 Boot type: Normal boot
14:46:05.0106 1432 ============================================================
14:46:07.0291 1432 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:46:07.0302 1432 ============================================================
14:46:07.0302 1432 \Device\Harddisk0\DR0:
14:46:07.0302 1432 MBR partitions:
14:46:07.0302 1432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
14:46:07.0302 1432 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x48AF80EB
14:46:07.0302 1432 ============================================================
14:46:07.0420 1432 C: <-> \Device\Harddisk0\DR0\Partition2
14:46:07.0420 1432 ============================================================
14:46:07.0420 1432 Initialize success
14:46:07.0420 1432 ============================================================
14:47:20.0996 5420 ============================================================
14:47:20.0996 5420 Scan started
14:47:20.0996 5420 Mode: Manual; TDLFS;
14:47:20.0996 5420 ============================================================
14:47:23.0223 5420 ================ Scan system memory ========================
14:47:23.0223 5420 System memory - ok
14:47:23.0224 5420 ================ Scan services =============================
14:47:33.0686 5420 KtmRm - ok
14:47:33.0736 5420 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:47:33.0743 5420 LanmanServer - ok
14:47:33.0776 5420 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:47:33.0781 5420 LanmanWorkstation - ok
14:47:33.0959 5420 [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
14:47:33.0962 5420 LBTServ - ok
14:47:34.0020 5420 [ BECBD7CD46776B8739EE18061F45A581 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
14:47:34.0075 5420 LEqdUsb - ok
14:47:34.0092 5420 [ 21D6BD7D62C270059EB8E2B1D4095880 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
14:47:34.0140 5420 LHidEqd - ok
14:47:34.0156 5420 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
14:47:34.0196 5420 LHidFilt - ok
14:47:34.0240 5420 [ 06DC2FDC6282F0D68910417B1150C848 ] LinksysUpdater C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
14:47:34.0243 5420 LinksysUpdater - ok
14:47:34.0278 5420 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:47:34.0287 5420 lltdio - ok
14:47:34.0326 5420 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:47:34.0342 5420 lltdsvc - ok
14:47:34.0356 5420 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:47:34.0357 5420 lmhosts - ok
14:47:34.0374 5420 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
14:47:34.0421 5420 LMouFilt - ok
14:47:34.0466 5420 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:47:34.0474 5420 LSI_FC - ok
14:47:34.0488 5420 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:47:34.0494 5420 LSI_SAS - ok
14:47:34.0516 5420 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:47:34.0521 5420 LSI_SAS2 - ok
14:47:34.0541 5420 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:47:34.0550 5420 LSI_SCSI - ok
14:47:34.0579 5420 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:47:34.0585 5420 luafv - ok
14:47:34.0627 5420 [ A8382713F5870E4AF1DE4E8F7AF9D882 ] Macromedia Licensing Service C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
14:47:34.0628 5420 Macromedia Licensing Service - ok
14:47:34.0656 5420 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:47:34.0696 5420 MBAMProtector - ok
14:47:34.0729 5420 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:47:34.0731 5420 MBAMScheduler - ok
14:47:34.0756 5420 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:47:34.0764 5420 MBAMService - ok
14:47:34.0872 5420 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:47:34.0874 5420 McAfee SiteAdvisor Service - ok
14:47:35.0010 5420 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
14:47:35.0011 5420 McComponentHostService - ok
14:47:35.0129 5420 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:47:35.0131 5420 McMPFSvc - ok
14:47:35.0163 5420 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
14:47:35.0164 5420 mcmscsvc - ok
14:47:35.0173 5420 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
14:47:35.0174 5420 McNaiAnn - ok
14:47:35.0194 5420 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
14:47:35.0196 5420 McNASvc - ok
14:47:35.0279 5420 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
14:47:35.0284 5420 McODS - ok
14:47:35.0326 5420 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
14:47:35.0329 5420 McProxy - ok
14:47:35.0384 5420 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
14:47:35.0386 5420 McShield - ok
14:47:35.0411 5420 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:47:35.0443 5420 Mcx2Svc - ok
14:47:35.0476 5420 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:47:35.0479 5420 megasas - ok
14:47:35.0533 5420 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:47:35.0547 5420 MegaSR - ok
14:47:35.0595 5420 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
14:47:35.0600 5420 mfeapfk - ok
14:47:35.0667 5420 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
14:47:35.0712 5420 mfeavfk - ok
14:47:35.0738 5420 mfeavfk01 - ok
14:47:35.0795 5420 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
14:47:35.0798 5420 mfefire - ok
14:47:35.0852 5420 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
14:47:35.0905 5420 mfefirek - ok
14:47:35.0961 5420 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
14:47:36.0029 5420 mfehidk - ok
14:47:36.0246 5420 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
14:47:36.0248 5420 mferkdet - ok
14:47:36.0275 5420 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
14:47:36.0280 5420 mfevtp - ok
14:47:36.0312 5420 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
14:47:36.0387 5420 mfewfpk - ok
14:47:36.0425 5420 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:47:36.0426 5420 MMCSS - ok
14:47:36.0439 5420 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:47:36.0441 5420 Modem - ok
14:47:36.0483 5420 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:47:36.0485 5420 monitor - ok
14:47:36.0511 5420 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
14:47:36.0521 5420 mouclass - ok
14:47:36.0543 5420 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:47:36.0552 5420 mouhid - ok
14:47:36.0591 5420 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:47:36.0593 5420 mountmgr - ok
14:47:36.0654 5420 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:47:36.0655 5420 MozillaMaintenance - ok
14:47:36.0684 5420 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:47:36.0725 5420 mpio - ok
14:47:36.0758 5420 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:47:36.0763 5420 mpsdrv - ok
14:47:36.0814 5420 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:47:36.0826 5420 MpsSvc - ok
14:47:36.0860 5420 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:47:36.0912 5420 MRxDAV - ok
14:47:36.0939 5420 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:47:36.0979 5420 mrxsmb - ok
14:47:37.0006 5420 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:47:37.0046 5420 mrxsmb10 - ok
14:47:37.0069 5420 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:47:37.0113 5420 mrxsmb20 - ok
14:47:37.0150 5420 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:47:37.0202 5420 msahci - ok
14:47:37.0223 5420 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:47:37.0281 5420 msdsm - ok
14:47:37.0345 5420 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:47:37.0353 5420 MSDTC - ok
14:47:37.0391 5420 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:47:37.0395 5420 Msfs - ok
14:47:37.0410 5420 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:47:37.0415 5420 mshidkmdf - ok
14:47:37.0444 5420 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:47:37.0446 5420 msisadrv - ok
14:47:37.0475 5420 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:47:37.0489 5420 MSiSCSI - ok
14:47:37.0495 5420 msiserver - ok
14:47:37.0545 5420 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:47:37.0548 5420 MSK80Service - ok
14:47:37.0595 5420 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:47:37.0604 5420 MSKSSRV - ok
14:47:37.0619 5420 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:47:37.0620 5420 MSPCLOCK - ok
14:47:37.0631 5420 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:47:37.0631 5420 MSPQM - ok
14:47:37.0662 5420 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:47:37.0696 5420 MsRPC - ok
14:47:37.0727 5420 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:47:37.0728 5420 mssmbios - ok
14:47:37.0760 5420 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:47:37.0767 5420 MSTEE - ok
14:47:37.0780 5420 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:47:37.0788 5420 MTConfig - ok
14:47:37.0811 5420 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:47:37.0821 5420 Mup - ok
14:47:37.0867 5420 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:47:37.0905 5420 napagent - ok
14:47:37.0937 5420 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:47:37.0943 5420 NativeWifiP - ok
14:47:37.0984 5420 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:47:37.0996 5420 NDIS - ok
14:47:38.0009 5420 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:47:38.0016 5420 NdisCap - ok
14:47:38.0044 5420 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:47:38.0052 5420 NdisTapi - ok
14:47:38.0082 5420 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:47:38.0133 5420 Ndisuio - ok
14:47:38.0169 5420 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:47:38.0209 5420 NdisWan - ok
14:47:38.0250 5420 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:47:38.0313 5420 NDProxy - ok
14:47:38.0424 5420 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:47:38.0427 5420 NetBIOS - ok
14:47:38.0494 5420 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:47:38.0498 5420 NetBT - ok
14:47:38.0522 5420 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:47:38.0523 5420 Netlogon - ok
14:47:38.0568 5420 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:47:38.0575 5420 Netman - ok
14:47:38.0656 5420 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:47:38.0660 5420 netprofm - ok
14:47:38.0686 5420 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:47:38.0691 5420 NetTcpPortSharing - ok
14:47:38.0864 5420 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
14:47:38.0932 5420 NETw5s64 - ok
14:47:38.0978 5420 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:47:38.0984 5420 nfrd960 - ok
14:47:39.0039 5420 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:47:39.0045 5420 NlaSvc - ok
14:47:39.0099 5420 [ 0F078C31E9123DF22A49C54B26CE556A ] nmservice C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
14:47:39.0107 5420 nmservice - ok
14:47:39.0135 5420 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:47:39.0137 5420 Npfs - ok
14:47:39.0173 5420 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:47:39.0174 5420 nsi - ok
14:47:39.0183 5420 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:47:39.0184 5420 nsiproxy - ok
14:47:39.0261 5420 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:47:39.0317 5420 Ntfs - ok
14:47:39.0356 5420 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:47:39.0361 5420 Null - ok
14:47:39.0401 5420 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:47:39.0454 5420 nvraid - ok
14:47:39.0616 5420 Nvsdedir - ok
14:47:39.0650 5420 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:47:39.0696 5420 nvstor - ok
14:47:39.0741 5420 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:47:39.0749 5420 nv_agp - ok
14:47:39.0777 5420 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:47:39.0788 5420 ohci1394 - ok
14:47:39.0855 5420 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:47:39.0856 5420 ose - ok
14:47:40.0024 5420 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:47:40.0046 5420 osppsvc - ok
14:47:40.0110 5420 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:47:40.0113 5420 p2pimsvc - ok
14:47:40.0150 5420 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:47:40.0153 5420 p2psvc - ok
14:47:40.0189 5420 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:47:40.0192 5420 Parport - ok
14:47:40.0220 5420 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:47:40.0281 5420 partmgr - ok
14:47:40.0300 5420 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:47:40.0302 5420 PcaSvc - ok
14:47:40.0314 5420 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:47:40.0317 5420 pci - ok
14:47:40.0347 5420 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:47:40.0354 5420 pciide - ok
14:47:40.0386 5420 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:47:40.0390 5420 pcmcia - ok
14:47:40.0406 5420 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:47:40.0409 5420 pcw - ok
14:47:40.0436 5420 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:47:40.0444 5420 PEAUTH - ok
14:47:40.0580 5420 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:47:40.0582 5420 PerfHost - ok
14:47:40.0694 5420 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:47:40.0763 5420 pla - ok
14:47:40.0801 5420 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:47:40.0809 5420 PlugPlay - ok
14:47:40.0861 5420 [ 328B99E25901D314FDFB31F18A7E302E ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
14:47:40.0910 5420 pnarp - ok
14:47:40.0936 5420 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:47:40.0942 5420 PNRPAutoReg - ok
14:47:40.0962 5420 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:47:40.0964 5420 PNRPsvc - ok
14:47:41.0008 5420 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:47:41.0016 5420 PolicyAgent - ok
14:47:41.0059 5420 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:47:41.0061 5420 Power - ok
14:47:41.0103 5420 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:47:41.0148 5420 PptpMiniport - ok
14:47:41.0174 5420 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:47:41.0176 5420 Processor - ok
14:47:41.0223 5420 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:47:41.0229 5420 ProfSvc - ok
14:47:41.0245 5420 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:47:41.0248 5420 ProtectedStorage - ok
14:47:41.0289 5420 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:47:41.0291 5420 Psched - ok
14:47:41.0351 5420 [ E33AE01D03EBE68CD6A934BF52702BFD ] purendis C:\Windows\system32\DRIVERS\purendis.sys
14:47:41.0405 5420 purendis - ok
14:47:41.0449 5420 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
14:47:41.0491 5420 PxHlpa64 - ok
14:47:41.0589 5420 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:47:41.0615 5420 ql2300 - ok
14:47:41.0623 5420 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:47:41.0625 5420 ql40xx - ok
14:47:41.0663 5420 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:47:41.0672 5420 QWAVE - ok
14:47:41.0694 5420 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:47:41.0698 5420 QWAVEdrv - ok
14:47:41.0816 5420 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:47:41.0819 5420 RasAcd - ok
14:47:41.0863 5420 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:47:41.0866 5420 RasAgileVpn - ok
14:47:41.0897 5420 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:47:41.0905 5420 RasAuto - ok
14:47:41.0934 5420 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:47:41.0991 5420 Rasl2tp - ok
14:47:42.0022 5420 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:47:42.0078 5420 RasMan - ok
14:47:42.0111 5420 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:47:42.0117 5420 RasPppoe - ok
14:47:42.0136 5420 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:47:42.0138 5420 RasSstp - ok
14:47:42.0171 5420 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:47:42.0212 5420 rdbss - ok
14:47:42.0223 5420 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:47:42.0227 5420 rdpbus - ok
14:47:42.0241 5420 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:47:42.0243 5420 RDPCDD - ok
14:47:42.0272 5420 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:47:42.0274 5420 RDPENCDD - ok
14:47:42.0292 5420 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:47:42.0294 5420 RDPREFMP - ok
14:47:42.0328 5420 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:47:42.0390 5420 RDPWD - ok
14:47:42.0442 5420 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:47:42.0485 5420 rdyboost - ok
14:47:42.0515 5420 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:47:42.0527 5420 RemoteAccess - ok
14:47:42.0575 5420 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:47:42.0586 5420 RemoteRegistry - ok
14:47:42.0621 5420 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:47:42.0622 5420 RFCOMM - ok
14:47:42.0666 5420 [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci C:\Windows\system32\DRIVERS\rimspe64.sys
14:47:42.0705 5420 rimspci - ok
14:47:42.0720 5420 [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 ] risdpcie C:\Windows\system32\DRIVERS\risdpe64.sys
14:47:42.0758 5420 risdpcie - ok
14:47:42.0783 5420 [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe64.sys
14:47:42.0828 5420 rixdpcie - ok
14:47:43.0059 5420 [ 05FC44D32A144925EAE45570029FD6E1 ] RoxMediaDB10 c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
14:47:43.0073 5420 RoxMediaDB10 - ok
14:47:43.0119 5420 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:47:43.0121 5420 RpcEptMapper - ok
14:47:43.0164 5420 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:47:43.0170 5420 RpcLocator - ok
14:47:43.0215 5420 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:47:43.0225 5420 RpcSs - ok
14:47:43.0269 5420 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:47:43.0275 5420 rspndr - ok
14:47:43.0283 5420 RxFilter - ok
14:47:43.0312 5420 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:47:43.0314 5420 SamSs - ok
14:47:43.0356 5420 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:47:43.0405 5420 sbp2port - ok
14:47:43.0487 5420 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
14:47:43.0498 5420 SBSDWSCService - ok
14:47:43.0532 5420 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:47:43.0548 5420 SCardSvr - ok
14:47:43.0578 5420 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:47:43.0631 5420 scfilter - ok
14:47:43.0686 5420 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:47:43.0692 5420 Schedule - ok
14:47:43.0725 5420 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:47:43.0726 5420 SCPolicySvc - ok
14:47:43.0740 5420 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:47:43.0745 5420 SDRSVC - ok
14:47:43.0816 5420 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
14:47:43.0819 5420 SeaPort - ok
14:47:43.0858 5420 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:47:43.0861 5420 secdrv - ok
14:47:43.0898 5420 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:47:43.0899 5420 seclogon - ok
14:47:43.0965 5420 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:47:43.0967 5420 SENS - ok
14:47:44.0012 5420 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:47:44.0020 5420 SensrSvc - ok
14:47:44.0079 5420 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:47:44.0084 5420 Serenum - ok
14:47:44.0101 5420 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:47:44.0104 5420 Serial - ok
14:47:44.0119 5420 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:47:44.0122 5420 sermouse - ok
14:47:44.0155 5420 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:47:44.0190 5420 SessionEnv - ok
14:47:44.0259 5420 SessionLauncher - ok
14:47:44.0286 5420 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:47:44.0295 5420 sffdisk - ok
14:47:44.0311 5420 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:47:44.0319 5420 sffp_mmc - ok
14:47:44.0326 5420 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:47:44.0395 5420 sffp_sd - ok
14:47:44.0442 5420 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:47:44.0444 5420 sfloppy - ok
14:47:44.0522 5420 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
14:47:44.0542 5420 SftService - ok
14:47:44.0625 5420 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:47:44.0636 5420 SharedAccess - ok
14:47:44.0676 5420 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:47:44.0679 5420 ShellHWDetection - ok
14:47:44.0699 5420 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:47:44.0703 5420 SiSRaid2 - ok
14:47:44.0718 5420 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:47:44.0721 5420 SiSRaid4 - ok
14:47:44.0805 5420 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:47:51.0160 5420 SkypeUpdate - ok
14:47:51.0198 5420 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:47:51.0203 5420 Smb - ok
14:47:51.0260 5420 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:47:51.0273 5420 SNMPTRAP - ok
14:47:51.0329 5420 [ 9B24DCA429F819DB314F30EE4C6C80FD ] Sound Blaster X-Fi MB Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
14:47:51.0331 5420 Sound Blaster X-Fi MB Licensing Service - ok
14:47:51.0355 5420 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:47:51.0359 5420 spldr - ok
14:47:51.0396 5420 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:47:51.0400 5420 Spooler - ok
14:47:51.0505 5420 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:47:51.0522 5420 sppsvc - ok
14:47:51.0561 5420 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:47:51.0571 5420 sppuinotify - ok
14:47:51.0619 5420 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:47:51.0665 5420 srv - ok
14:47:51.0685 5420 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:47:51.0725 5420 srv2 - ok
14:47:51.0736 5420 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:47:51.0774 5420 srvnet - ok
14:47:51.0804 5420 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:47:51.0810 5420 SSDPSRV - ok
14:47:51.0852 5420 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:47:51.0861 5420 SstpSvc - ok
14:47:52.0017 5420 [ DA7702025DFD169B909C4DA3126762CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
14:47:52.0021 5420 STacSV - ok
14:47:52.0091 5420 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:47:52.0094 5420 stexstor - ok
14:47:52.0243 5420 [ CAF5A9708671B14B9670260735B22C4E ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
14:47:52.0283 5420 STHDA - ok
14:47:52.0336 5420 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:47:52.0346 5420 stisvc - ok
14:47:52.0390 5420 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
14:47:52.0391 5420 stllssvr - ok
14:47:52.0414 5420 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:47:52.0417 5420 swenum - ok
14:47:52.0458 5420 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:47:52.0461 5420 swprv - ok
14:47:59.0129 5420 ================ Scan global ===============================
14:47:59.0154 5420 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:47:59.0201 5420 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:47:59.0208 5420 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:47:59.0234 5420 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:47:59.0269 5420 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:47:59.0276 5420 [Global] - ok
14:47:59.0277 5420 ================ Scan MBR ==================================
14:47:59.0293 5420 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:48:00.0555 5420 \Device\Harddisk0\DR0 - ok
14:48:00.0555 5420 ================ Scan VBR ==================================
14:48:00.0598 5420 [ 3D9D29FB97DC3555F5C5013EE94D2649 ] \Device\Harddisk0\DR0\Partition1
14:48:00.0601 5420 \Device\Harddisk0\DR0\Partition1 - ok
14:48:00.0622 5420 [ 9E188909E32F40C0AE01078D6FB88609 ] \Device\Harddisk0\DR0\Partition2
14:48:00.0626 5420 \Device\Harddisk0\DR0\Partition2 - ok
14:48:00.0626 5420 ============================================================
14:48:00.0626 5420 Scan finished
14:48:00.0626 5420 ============================================================
14:48:00.0636 6652 Detected object count: 0
14:48:00.0636 6652 Actual detected object count: 0

Avast scan in progress ...

#4 thermality

  • Topic Starter

Posted 02 November 2012 - 03:10 PM

Here's the Avast report:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-02 14:51:39
-----------------------------
14:51:39.035 OS Version: Windows x64 6.1.7601 Service Pack 1
14:51:39.035 Number of processors: 8 586 0x1E05
14:51:39.036 ComputerName: MICHAEL-PC UserName: michaelg
14:51:44.552 Initialize success
14:53:46.040 AVAST engine defs: 12110201
14:53:58.382 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:53:58.387 Disk 0 Vendor: ST9640320AS 0001DEM1 Size: 610480MB BusType: 11
14:53:58.405 Disk 0 MBR read successfully
14:53:58.410 Disk 0 MBR scan
14:53:58.417 Disk 0 Windows VISTA default MBR code
14:53:58.422 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
14:53:58.435 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
14:53:58.459 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595440 MB offset 30800325
14:53:58.492 Disk 0 scanning C:\Windows\system32\drivers
14:54:15.840 Service scanning
14:54:52.517 Modules scanning
14:54:52.542 Disk 0 trace - called modules:
14:54:52.562 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
14:54:52.569 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d2d060]
14:54:52.787 3 CLASSPNP.SYS[fffff8800121c43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80079c0060]
14:54:56.030 AVAST engine scan C:\Windows
14:55:01.075 AVAST engine scan C:\Windows\system32
15:01:20.027 AVAST engine scan C:\Windows\system32\drivers
15:01:46.715 AVAST engine scan C:\Users\michaelg
15:02:07.695 AVAST engine scan C:\ProgramData
15:07:24.800 Scan finished successfully
15:07:58.054 Disk 0 MBR has been saved successfully to "C:\Users\Public\Documents\virus recovery\MBR.dat"
15:07:58.063 The log file has been saved successfully to "C:\Users\Public\Documents\virus recovery\aswMBR.txt"

#5 thermality

  • Topic Starter

Posted 02 November 2012 - 05:05 PM

The Eset scan found no infected files.

Looking at your instructions in the other thread, I have run Malwarebytes many times in safe and normal modes and after the initial scan/detection, it has found no other infections. Should I run it again for a report or proceed with the next step?

Also, should I click the Fix MBR button in the Avast window before I close it?

Edited by thermality, 02 November 2012 - 05:34 PM.


#6 narenxp

  • BC Advisor

Posted 02 November 2012 - 05:37 PM

Do not click on FIXMBR

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator

After the scan is completed, post the generated log here.

#7 thermality

  • Topic Starter

Posted 02 November 2012 - 08:12 PM

Here's the Malwarebytes log:

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.02.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
michaelg :: MICHAEL-PC [administrator]

Protection: Enabled

11/2/2012 6:35:43 PM
mbam-log-2012-11-02 (18-35-43).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 445946
Time elapsed: 1 hour(s), 19 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


One thing I noticed during the scan -- the scan and Windows sort of timed out for about 2 minutes when it hit the apisetschema.dll file. Don't know if that means anything or not. The scan time was also about 15 minutes faster than any previous scan.

Here's the Minitoolbox report:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Michael (ATTENTION: The logged in user is not administrator) on 02-11-2012 at 19:59:57
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 5300 AGN = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.2 metric=1 publish=Yes


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Michael-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-21-6A-BF-EA-2D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 70-F1-A1-B7-82-2C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : B8-AC-6F-78-C1-B5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5300 AGN
Physical Address. . . . . . . . . : 00-21-6A-BF-EA-2C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4c29:d332:61c6:d0da%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, November 02, 2012 11:07:13 AM
Lease Expires . . . . . . . . . . : Saturday, November 03, 2012 6:27:09 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 184557930
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-C7-7F-82-B8-AC-6F-78-C1-B5
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{2D223B2C-F451-48BA-AA4C-61965FFA2110}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c16:1643:4764:d7c9(Preferred)
Link-local IPv6 Address . . . . . : fe80::c16:1643:4764:d7c9%28(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{5E0050D2-5881-4825-AF43-3100D8F6343C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{38202A13-4353-4BA5-B88B-FE263BC74F72}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{38762052-50DC-4D67-B137-6761A858431C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2001:4860:4002:800::1008
74.125.227.99
74.125.227.100
74.125.227.101
74.125.227.102
74.125.227.103
74.125.227.104
74.125.227.105
74.125.227.110
74.125.227.96
74.125.227.97
74.125.227.98


Pinging google.com [74.125.227.110] with 32 bytes of data:
Reply from 74.125.227.110: bytes=32 time=379ms TTL=56
Reply from 74.125.227.110: bytes=32 time=31ms TTL=56

Ping statistics for 74.125.227.110:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 379ms, Average = 205ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=557ms TTL=45
Reply from 98.139.183.24: bytes=32 time=117ms TTL=45

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 117ms, Maximum = 557ms, Average = 337ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 6ms, Maximum = 6ms, Average = 6ms
===========================================================================
Interface List
14...00 21 6a bf ea 2d ......Microsoft Virtual WiFi Miniport Adapter
13...70 f1 a1 b7 82 2c ......Bluetooth Device (Personal Area Network)
11...b8 ac 6f 78 c1 b5 ......Broadcom NetLink ™ Gigabit Ethernet
10...00 21 6a bf ea 2c ......Intel® WiFi Link 5300 AGN
1...........................Software Loopback Interface 1
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
28...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
42...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
43...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.2 26
169.254.255.255 255.255.255.255 On-link 192.168.1.2 281
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.1.2 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
28 58 ::/0 On-link
1 306 ::1/128 On-link
28 58 2001::/32 On-link
28 306 2001:0:4137:9e76:c16:1643:4764:d7c9/128
On-link
10 281 fe80::/64 On-link
28 306 fe80::/64 On-link
28 306 fe80::c16:1643:4764:d7c9/128
On-link
10 281 fe80::4c29:d332:61c6:d0da/128
On-link
1 306 ff00::/8 On-link
28 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ================================

Could not start eventlog service, could not read events.

System error 5 has occurred.

Access is denied.


=========================== Installed Programs ============================

Accidental Damage Services Agreement (Version: 2.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Illustrator 10 (Version: 10)
Adobe InDesign 2.0.2 (Version: 2.0.200)
Adobe Photoshop 7.0.1 (Version: 7.0.1)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe SVG Viewer 3.0 (Version: 3.0)
Advanced Audio FX Engine (Version: 1.12.05)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 3.3.0.69)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.010.0122.0857)
Audacity 1.3.13 (Unicode)
Banctec Service Agreement (Version: 2.0.0)
Bonjour (Version: 3.0.0.10)
Bonjour Print Services (Version: 2.0.2.0)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MG5200 series MP Drivers
Canon MG5200 series User Registration
Canon MP Navigator EX 4.0
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Full Existing (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Full New (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Light (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Previews Common (Version: 2010.0122.858.16002)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0122.858.16002)
Catalyst Control Center InstallProxy (Version: 2010.0122.858.16002)
Catalyst Control Center Localization All (Version: 2010.0122.858.16002)
ccc-core-static (Version: 2010.0122.858.16002)
ccc-utility64 (Version: 2010.0122.858.16002)
CCC Help Chinese Standard (Version: 2010.0122.0857.16002)
CCC Help Chinese Traditional (Version: 2010.0122.0857.16002)
CCC Help Danish (Version: 2010.0122.0857.16002)
CCC Help Dutch (Version: 2010.0122.0857.16002)
CCC Help English (Version: 2010.0122.0857.16002)
CCC Help Finnish (Version: 2010.0122.0857.16002)
CCC Help French (Version: 2010.0122.0857.16002)
CCC Help German (Version: 2010.0122.0857.16002)
CCC Help Italian (Version: 2010.0122.0857.16002)
CCC Help Japanese (Version: 2010.0122.0857.16002)
CCC Help Korean (Version: 2010.0122.0857.16002)
CCC Help Norwegian (Version: 2010.0122.0857.16002)
CCC Help Portuguese (Version: 2010.0122.0857.16002)
CCC Help Russian (Version: 2010.0122.0857.16002)
CCC Help Spanish (Version: 2010.0122.0857.16002)
CCC Help Swedish (Version: 2010.0122.0857.16002)
CCleaner (Version: 3.24)
CDDRV_Installer (Version: 4.60)
Creative Karaoke Player (Version: 2.11)
Creative MediaSource 5 (Version: 5.26)
Creative WaveStudio 7 (Version: 7.12)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 1.2.0011)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Touchpad (Version: 14.0.2.0)
Dell Webcam Central (Version: 1.40.05)
DHTML Editing Component (Version: 6.02.0001)
DirectXInstallService (Version: 9.0.2)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
erLT (Version: 1.20.0137)
FastAccess (Version: 2.4.97.1)
FinePixViewer Ver.5.5 (Version: 5.5)
Free Window Registry Repair
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.4.2)
GimpShop 2.8 (Version: 2.8)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
GoToAssist 8.0.0.514
IDT Audio (Version: 1.0.6267.0)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 21 (Version: 6.0.210)
Java™ 6 Update 3 (Version: 1.6.0.30)
Junk Mail filter update (Version: 15.4.3502.0922)
KhalInstallWrapper (Version: 2.00.0000)
Linksys EasyLink Advisor
Linksys EasyLink Advisor (Version: 3.1.8347.79)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Logitech SetPoint (Version: 4.80)
LoJack Factory Installer (Version: 1.0.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee Security Scan Plus (Version: 3.0.207.4)
McAfee SecurityCenter (Version: 11.6.435)
McAfee Virtual Technician (Version: 6.5.0.2101)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Notepad++ (Version: 5.9)
Power Tab Editor 1.7 (Version: 1.7.0)
PowerDVD DX (Version: 8.3.6029)
Pure Networks Platform (Version: 11.0.8322.1)
Quicken 2010 (Version: 19.1.2.22)
Quickset64 (Version: 9.6.8)
QuickTime (Version: 7.72.80.56)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.34.57.2)
Security Task Manager 1.8d (Version: 1.8d)
Shared C Run-time for x64 (Version: 10.0.0)
Skins (Version: 2010.0122.858.16002)
Skype Toolbars (Version: 5.3.7280)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Sound Blaster X-Fi MB (Version: 1.0)
Spybot - Search & Destroy (Version: 1.6.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VD64Inst (Version: 1.00.0000)
VLC media player 2.0.2 (Version: 2.0.2)
WIDCOMM Bluetooth Software (Version: 6.2.0.9603)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 8180.5 MB
Available physical RAM: 4939.46 MB
Total Pagefile: 16359.19 MB
Available Pagefile: 12939.56 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.17 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:581.48 GB) (Free:509.04 GB) NTFS

========================= Users: ========================================

User accounts for \\MICHAEL-PC

Administrator Guest Michael
michaelg


**** End of log ****

And the Farbar report:

Farbar Service Scanner Version: 27-10-2012
Ran by Michael (ATTENTION: The logged in user is not administrator) on 02-11-2012 at 20:08:37
Running from "C:\Users\Michael\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#8 thermality

Posted 02 November 2012 - 08:26 PM

When I clicked on the Adware Cleaner link I got a strong McAfee Site Advisor warning, so I backed out. The link appears to be to a French site. Is this anything to worry about?

Went ahead with the download and run. It wants to reboot prior to a report. This is making me nervous.

Edited by thermality, 02 November 2012 - 08:44 PM.


#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:30 AM

Posted 02 November 2012 - 08:34 PM

It is a false positive. Go ahead and run the scans.

#10 thermality

Posted 02 November 2012 - 08:57 PM

I let it do its thing and it rebooted the computer but I'm not seeing any report before or after the reboot. I reopened the app but no sign of a log or report. What am I missing? Should I click search?

#11 narenxp

Posted 02 November 2012 - 09:02 PM

If you have clicked on the DELETE option then ignore the log. Go to the next scan.

#12 thermality

Posted 02 November 2012 - 09:20 PM

Yes I definitely clicked delete and it said it would generate a log after reboot, but apparently did not. The JRT appears to have hung up at Checking CLSID Keys following Checking Toolbar Values.

Edited by thermality, 02 November 2012 - 09:22 PM.


#13 narenxp

Posted 02 November 2012 - 09:23 PM

Let us wait for the scan to finish. After the scan, run these two scans:

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#14 thermality

Posted 02 November 2012 - 09:42 PM

Here's the JRT report:

Junkware Removal Tool (JRT) by Thisisu
Version: 2.5.3 (11.02.2012)
OS: Windows 7 Home Premium x64
Ran by michaelg on Fri 11/02/2012 at 21:05:41.91
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values:

Successfully deleted: [VALUE] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Fri 11/02/2012 at 21:29:45.62
End of Report

_____________________________________________

And the RKill report:

Rkill 2.4.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/02/2012 09:33:52 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\michaelg\Desktop\rkill\rkill-11-02-2012-09-34-00.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/02/2012 09:34:11 PM
Execution time: 0 hours(s), 0 minute(s), and 19 seconds(s)


____________________________________

Here's the Autorun log:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "CanonMyPrinter" "Canon My Printer" "CANON INC." "c:\program files\canon\myprinter\bjmyprt.exe"
+ "Kernel and Hardware Abstraction Layer" "Logitech KHAL Main Process" "Logitech, Inc." "c:\windows\khalmnpr.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "CanonSolutionMenuEx" "Canon Solution Menu EX" "CANON INC." "c:\program files (x86)\canon\solution menu ex\cnsemain.exe"
+ "Dell Webcam Central" "WebcamDell2.exe" "Creative Technology Ltd" "c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "FATrayAlert" "FATrayMon" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\fatraymon.exe"
+ "IJNetworkScanUtility" "Canon IJ Network Scan Utility" "CANON INC." "c:\program files (x86)\canon\canon ij network scan utility\cnmnsut.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "nmctxth" "Pure Networks Platform Assistant" "Cisco Systems, Inc." "c:\program files (x86)\common files\pure networks shared\platform\nmctxth.exe"
+ "PDVDDXSrv" "CyberLink PowerDVD Resident Program" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "VolPanel" "VolPanlu.exe" "Creative Technology Ltd" "c:\program files (x86)\creative\sb x-fi mb\volume panel\volpanlu.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ ""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"" "Update Client for Dell DataSafe Local Backup" "Dell" "c:\program files (x86)\dell datasafe local backup\components\dsupdate\dsupdate.exe"
+ "Malwarebytes Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Adobe Gamma Loader.lnk" "Adobe Gamma Loader" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\calibration\adobe gamma loader.exe"
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
+ "ExifLauncher2.lnk" "Exif Launcher 2" "FUJIFILM Corporation" "c:\program files (x86)\finepixviewer\quickdcf2.exe"
+ "Logitech SetPoint.lnk" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpoint\setpoint.exe"
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe"
"C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "pure-go" "Pure Service Provider DLL (64-bit)" "Cisco Systems, Inc." "c:\program files (x86)\common files\pure networks shared\platform\amd64\puresp4.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "Notepad++64" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files (x86)\notepad++\nppshell_04.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Face recognition web login for FastAccess" "Face recognition web login for FastAccess" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\x64\faiesso.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Canon Easy-WebPrint EX BHO" "Easy-WebPrint EX" "CANON INC." "c:\program files (x86)\canon\easy-webprint ex\ewpexbho.dll"
+ "Face recognition web login for FastAccess" "Face recognition web login for FastAccess" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\faiesso.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files (x86)\yahoo!\companion\installs\cpn0\ytsingleinstance.dll"
+ "Skype Plug-In" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "SSVHelper Class" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Canon Easy-WebPrint EX" "Easy-WebPrint EX" "CANON INC." "c:\program files (x86)\canon\easy-webprint ex\ewpexhlp.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "Skype Plug-In" "Skype add-on for IE" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PCDEventLauncher" "" "" "File not found: C:\Program Files\Dell Support Center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "" "" "File not found: C:\Program Files\Dell Support Center\uaclauncher.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: C:\Program Files\Dell Support Center\uaclauncher.exe"
+ "\{DBE8A2F6-C0EB-40B7-AD4F-CACF76B23143}" "Adobe Illustrator" "Adobe Systems, Inc." "c:\program files (x86)\adobe\illustrator 10\support files\contents\windows\illustrator.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\aestsr64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "Creative ALchemy AL6 Licensing Service" "Provides licensing services for Creative ALchemy." "Creative Labs" "c:\program files (x86)\common files\creative labs shared\service\al6licensing.exe"
+ "Creative Audio Engine Licensing Service" "Provides licensing services for Creative Audio Engine." "Creative Labs" "c:\program files (x86)\common files\creative labs shared\service\ctaelicensing.exe"
+ "CTAudSvcService" "Creative Audio Service" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\ctaudsvc.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "FAService" "FAService" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\faservice.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\514\g2aservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "LinksysUpdater" "Updater for Linksys EasyLink Advisor" "" "c:\program files (x86)\linksys\linksys updater\bin\linksysupdater.exe"
+ "Macromedia Licensing Service" "Provides authentication services for Macromedia applications." "" "c:\program files (x86)\common files\macromedia shared\service\macromedia licensing.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\3.0.207\mcchsvc.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "nmservice" "Enables Pure Networks Platform services such as file sharing, printer sharing, and network monitoring." "Cisco Systems, Inc." "c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RoxMediaDB10" "Roxio RoxMediaDB10 Service" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxmediadb10.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "SessionLauncher" "Sonic" "" "File not found: c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks SAS" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Sound Blaster X-Fi MB Licensing Service" "Provides licensing services for Sound Blaster X-Fi MB" "Creative Labs" "c:\program files (x86)\common files\creative labs shared\service\xmblicensing.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "TurboBoost" "Turbo Boost Monitor Service" "Intel® Corporation" "c:\program files\intel\turboboost\turboboost.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atipmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrSerIb" "Brother MFC Serial Interface Driver(WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserib.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BrUsbSIb" "Brother MFC Serial USB Driver(WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbsib.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "esgiguard" "" "" "File not found: C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys"
+ "FACAP" "faCap WebCam Capture" "Sensible Vision " "c:\windows\system32\drivers\facap.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "itecir" "ITE Consumer IR Driver for eHome" "ITE Tech. Inc. " "c:\windows\system32\drivers\itecir.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LEqdUsb" "Logitech Equad USB Driver." "Logitech, Inc." "c:\windows\system32\drivers\leqdusb.sys"
+ "LHidEqd" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhideqd.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "NETw5s64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5s64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pnarp" "Provides support for Pure Networks Platform device discovery." "Pure Networks, Inc." "c:\windows\system32\drivers\pnarp.sys"
+ "purendis" "Provides support for Pure Networks Platform wireless adapter configuration." "Pure Networks, Inc." "c:\windows\system32\drivers\purendis.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rimspci" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspe64.sys"
+ "risdpcie" "RICOH SD/MMC Driver" "REDC" "c:\windows\system32\drivers\risdpe64.sys"
+ "rixdpcie" "RICOH PCIe XD Driver" "REDC" "c:\windows\system32\drivers\rixdpe64.sys"
+ "RxFilter" "RxFilter mini-filter driver" "" "File not found: system32\DRIVERS\RxFilter.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TurboB" "Turbo Boost UI Monitor driver" "" "c:\windows\system32\drivers\turbob.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "BPM Metadata" "Creative BPM Metadata Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\metabpmu.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative AC3 Source Filter" "Creative AC3 Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\ac3srcu.ax"
+ "Creative Audio Gain Filter" "Audio Gain Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\audgain.ax"
+ "Creative CDDA Source Filter" "CDDA Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\cdda.ax"
+ "Creative File Reader Filter" "Creative File Reader Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\filreadu.ax"
+ "Creative Flac Source Filter" "Creative FLAC Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\flacsrcu.ax"
+ "Creative Internet Source Filter" "Creative Internet Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\inetsrcu.ax"
+ "Creative LiveRecording Filter_SxS" "Live Recording Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\liverecu.ax"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative MLP Source Filter" "Creative MLP Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\mlpsrcu.ax"
+ "Creative NVF Filter" "Creative Nomad Voice File Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\nvfsrcu.ax"
+ "Creative Ogg Source Filter" "Creative Ogg Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\oggsrcu.ax"
+ "Creative PCM Raw Writer" "Creative Raw Writer" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\rawwritu.ax"
+ "Creative Recording Wav_Asio Filter" "Audio Recording Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\audiorec.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "Creative Wave Writer" "Wave Writer" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\wavwrite.ax"
+ "Creative WMA Source Filter" "Creative WMA Source Filter" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\wmasrc.ax"
+ "Creative WMA Writer" "WMA Writer" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\wmawrite.ax"
+ "CT CMSS3 filter" "Sample" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\cmss3.ax"
+ "CT HPVirtualizer filter" "Creative Headphone Virtualizer Filter" "Creative Technology, Ltd." "c:\program files (x86)\creative\shared files\virtual.ax"
+ "CT Karaoke filter" "Creative Karaoke Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\karaoke.ax"
+ "CT PDP filter" "Creative Crystalizer Filter" "Creative Technology, Ltd." "c:\program files (x86)\creative\shared files\pdp.ax"
+ "CT SmartVolumeManagement filter" "Creative Compressor Plugin" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\dscompr.ax"
+ "CT Time-Scaling filter" "Sample" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\timescal.ax"
+ "CT Upsampler filter" "Sample" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\upsample.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\lvmwriter.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mediaanalyser.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "Noise Reduction" "Creative Noise Reduction Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\noisredu.ax"
+ "PCM to EXT" "Creative Pcm2Ext" "Creative Technology Ltd." "c:\program files (x86)\creative\wavestudio 7\pcm2ext.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\vobloader.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mvwcdsutil.dll"
+ "Sonic Cinemaster® Audio Decoder 4.3" "SonicHDAudio" "Sonic Solutions" "c:\program files (x86)\common files\sonic shared\cinemasteraudio.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3" "CinemasterVideo" "Sonic Solutions" "c:\program files (x86)\common files\sonic shared\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files (x86)\roxio\sonichddemuxer.dll"
+ "Sonic HD Nav" "SonicHDNav" "" "c:\program files (x86)\common files\sonic shared\sonichdnav.dll"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files (x86)\common files\sonic shared\sonicmc02\sonic7m2vd.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\subpictenc.dll"
+ "SVM Metadata" "Creative SVM Metadata Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\metasvmu.ax"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "FACredProv" "FACredProv Application" "Sensible Vision " "c:\windows\system32\facredprov.dll"
+ "FACredProv2" "FACredProv2 Application" "Sensible Vision " "c:\windows\system32\facredprov2.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "FACredProvFilter" "FACredProv Application" "Sensible Vision " "c:\windows\system32\facredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MG5200 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlmae.dll"
+ "Canon BJNP Port" "Canon IJ Network 64bit comm Module" "CANON INC." "c:\windows\system32\cnmn6ppm.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "FAPassSync" "FAPassSync" "Sensible Vision " "c:\windows\system32\fapasssync.dll"

#15 thermality


Posted 02 November 2012 - 09:45 PM

Btw, there were two exe files in the Autoruns unzip -- autoruns.exe and autorunsc.exe. I ran the first one.

While I'm waiting to hear back from you, thought I might add that in my initial post, in my list of worrisome indicators I forgot to mention that once I got the computer running again, it occurred to me to check Quicken. When I opened it, instead of getting the usual prompt for a password, Quicken behaved as if I were a new user. A quick check revealed that all my Quicken user files had disappeared. After a moment of panic, I was able to restore the files with a right click/restore on the Quicken folder. When I opened and logged into Quicken it looks like everything is in order. I assume this means that the trojan or someone accessing my computer externally had stolen the files. Fortunately, I only use Quicken as a check register/statement balancing and have never stored bank account or credit card ID info in it. This probably doesn't make any difference in your analysis, but thought I'd mention it just in case.

Edited by thermality, 03 November 2012 - 08:17 AM.




