Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help, Please...removing File-Restore scareware


  • Please log in to reply
13 replies to this topic

#1 beleepit

beleepit

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 03 November 2012 - 04:03 PM

Hello,

I am trying to remove the File Restore scareware from a dell inspiron17 laptop, running windows 7 home premium.

I have read the guide but can't get past the step of running Rkill.

When I try to run Rkill either by double click or via start button search field, it will not run. In the DOS window it says, "appdata doesn't exist! Rkill terminated!"

Also, a pop-up window with the title 'Rkill error' states: "there was a problem retrieving the necessary environment variable: appdata. Rkill has terminated."

Any help would be greatly appreciated.

Thank you :)

Edited by hamluis, 03 November 2012 - 04:06 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:03 PM

Posted 03 November 2012 - 04:06 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 beleepit

beleepit
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 07 November 2012 - 05:47 PM

greetings,

Thanks so much for your assistance.

The infected user account on the computer is a non-admin account. It is under this account that I see the screens of the file-restore scareware

(where it pretends to be a disk utility and wants you to buy it).

If I log on with the administrator account, I dont see any of those screens. Applications behave oddly and dont seem to run right under but the

scare screens of the file-restore virus dont come up.

Anyway, I followed all of your instructions...I ran the three programs and am including logs.

Please note...I did this under the administrator account, not the account where the screens of the file-restore attack come up.

I ran all three in normal mode. Log follow below.

***** TDSS log is as follows:

20:24:31.0691 4844 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:24:32.0705 4844 ============================================================
20:24:32.0705 4844 Current date / time: 2012/11/05 20:24:32.0705
20:24:32.0705 4844 SystemInfo:
20:24:32.0705 4844
20:24:32.0705 4844 OS Version: 6.1.7601 ServicePack: 1.0
20:24:32.0705 4844 Product type: Workstation
20:24:32.0705 4844 ComputerName: HUNK-O-JUNK
20:24:32.0705 4844 UserName: 1
20:24:32.0705 4844 Windows directory: C:\Windows
20:24:32.0705 4844 System windows directory: C:\Windows
20:24:32.0705 4844 Running under WOW64
20:24:32.0705 4844 Processor architecture: Intel x64
20:24:32.0705 4844 Number of processors: 2
20:24:32.0705 4844 Page size: 0x1000
20:24:32.0705 4844 Boot type: Normal boot
20:24:32.0705 4844 ============================================================
20:24:34.0358 4844 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F,

TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:24:34.0358 4844 Drive \Device\Harddisk1\DR2 - Size: 0xEC580000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E2, SectorsPerTrack: 0x3F,

TracksPerCylinder: 0xFF, Type 'W'
20:24:34.0374 4844 ============================================================
20:24:34.0374 4844 \Device\Harddisk0\DR0:
20:24:34.0374 4844 MBR partitions:
20:24:34.0374 4844 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
20:24:34.0374 4844 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
20:24:34.0374 4844 \Device\Harddisk1\DR2:
20:24:34.0374 4844 MBR partitions:
20:24:34.0374 4844 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760C00
20:24:34.0374 4844 ============================================================
20:24:34.0405 4844 C: <-> \Device\Harddisk0\DR0\Partition2
20:24:34.0452 4844 E: <-> \Device\Harddisk0\DR0\Partition1
20:24:34.0452 4844 ============================================================
20:24:34.0452 4844 Initialize success
20:24:34.0452 4844 ============================================================
20:24:46.0074 0712 ============================================================
20:24:46.0074 0712 Scan started
20:24:46.0074 0712 Mode: Manual; TDLFS;
20:24:46.0074 0712 ============================================================
20:24:46.0402 0712 ================ Scan system memory ========================
20:24:46.0402 0712 System memory - ok
20:24:46.0402 0712 ================ Scan services =============================
20:24:46.0636 0712 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:24:46.0714 0712 1394ohci - ok
20:24:46.0760 0712 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:24:46.0760 0712 ACPI - ok
20:24:46.0792 0712 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:24:46.0870 0712 AcpiPmi - ok
20:24:47.0041 0712 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:24:47.0041 0712 AdobeFlashPlayerUpdateSvc - ok
20:24:47.0135 0712 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:24:47.0166 0712 adp94xx - ok
20:24:47.0197 0712 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:24:47.0197 0712 adpahci - ok
20:24:47.0244 0712 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:24:47.0244 0712 adpu320 - ok
20:24:47.0291 0712 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:24:47.0291 0712 AeLookupSvc - ok
20:24:47.0431 0712 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\AESTSr64.exe
20:24:47.0509 0712 AESTFilters - ok
20:24:47.0587 0712 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:24:47.0603 0712 AFD - ok
20:24:47.0634 0712 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:24:47.0634 0712 agp440 - ok
20:24:47.0696 0712 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:24:47.0712 0712 ALG - ok
20:24:47.0743 0712 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:24:47.0743 0712 aliide - ok
20:24:47.0759 0712 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:24:47.0759 0712 amdide - ok
20:24:47.0837 0712 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:24:47.0837 0712 AmdK8 - ok
20:24:47.0884 0712 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:24:47.0899 0712 AmdPPM - ok
20:24:47.0946 0712 [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:24:48.0024 0712 amdsata - ok
20:24:48.0087 0712 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:24:48.0102 0712 amdsbs - ok
20:24:48.0133 0712 [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:24:48.0133 0712 amdxata - ok
20:24:48.0196 0712 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:24:48.0196 0712 AppID - ok
20:24:48.0274 0712 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:24:48.0274 0712 AppIDSvc - ok
20:24:48.0321 0712 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:24:48.0321 0712 Appinfo - ok
20:24:48.0336 0712 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:24:48.0336 0712 arc - ok
20:24:48.0383 0712 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:24:48.0383 0712 arcsas - ok
20:24:48.0430 0712 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:24:48.0430 0712 AsyncMac - ok
20:24:48.0477 0712 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:24:48.0492 0712 atapi - ok
20:24:48.0555 0712 [ 195786ED7A26E1913A4F9799FDBC2C71 ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:24:48.0633 0712 athr - ok
20:24:48.0711 0712 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:24:48.0742 0712 AudioEndpointBuilder - ok
20:24:48.0757 0712 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:24:48.0773 0712 AudioSrv - ok
20:24:48.0804 0712 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:24:48.0882 0712 AxInstSV - ok
20:24:48.0913 0712 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:24:48.0945 0712 b06bdrv - ok
20:24:48.0991 0712 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:24:49.0007 0712 b57nd60a - ok
20:24:49.0038 0712 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:24:49.0054 0712 BDESVC - ok
20:24:49.0101 0712 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:24:49.0116 0712 Beep - ok
20:24:49.0194 0712 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:24:49.0272 0712 BFE - ok
20:24:49.0335 0712 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:24:49.0381 0712 BITS - ok
20:24:49.0413 0712 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:24:49.0413 0712 blbdrive - ok
20:24:49.0459 0712 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:24:49.0459 0712 bowser - ok
20:24:49.0475 0712 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:24:49.0475 0712 BrFiltLo - ok
20:24:49.0506 0712 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:24:49.0506 0712 BrFiltUp - ok
20:24:49.0553 0712 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:24:49.0615 0712 Browser - ok
20:24:49.0647 0712 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:24:49.0662 0712 Brserid - ok
20:24:49.0709 0712 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:24:49.0709 0712 BrSerWdm - ok
20:24:49.0709 0712 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:24:49.0709 0712 BrUsbMdm - ok
20:24:49.0725 0712 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:24:49.0740 0712 BrUsbSer - ok
20:24:49.0803 0712 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:24:49.0803 0712 BthEnum - ok
20:24:49.0818 0712 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:24:49.0818 0712 BTHMODEM - ok
20:24:49.0865 0712 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:24:49.0881 0712 BthPan - ok
20:24:49.0912 0712 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
20:24:49.0927 0712 BTHPORT - ok
20:24:49.0974 0712 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:24:49.0974 0712 bthserv - ok
20:24:49.0990 0712 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
20:24:49.0990 0712 BTHUSB - ok
20:24:50.0021 0712 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
20:24:50.0021 0712 btwaudio - ok
20:24:50.0052 0712 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
20:24:50.0052 0712 btwavdt - ok
20:24:50.0146 0712 [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
20:24:50.0255 0712 btwdins - ok
20:24:50.0271 0712 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
20:24:50.0364 0712 btwl2cap - ok
20:24:50.0395 0712 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
20:24:50.0395 0712 btwrchid - ok
20:24:50.0427 0712 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:24:50.0427 0712 cdfs - ok
20:24:50.0473 0712 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:24:50.0473 0712 cdrom - ok
20:24:50.0536 0712 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:24:50.0598 0712 CertPropSvc - ok
20:24:50.0629 0712 [ 45B5A89DC41577282E5BF41B1165EA71 ] cfwids C:\Windows\system32\drivers\cfwids.sys
20:24:50.0629 0712 cfwids - ok
20:24:50.0676 0712 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:24:50.0676 0712 circlass - ok
20:24:50.0707 0712 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:24:50.0723 0712 CLFS - ok
20:24:50.0801 0712 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:24:50.0817 0712 clr_optimization_v2.0.50727_32 - ok
20:24:50.0895 0712 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64

C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:24:50.0910 0712 clr_optimization_v2.0.50727_64 - ok
20:24:50.0988 0712 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:24:51.0097 0712 clr_optimization_v4.0.30319_32 - ok
20:24:51.0144 0712 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:24:51.0238 0712 clr_optimization_v4.0.30319_64 - ok
20:24:51.0285 0712 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:24:51.0285 0712 CmBatt - ok
20:24:51.0316 0712 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:24:51.0316 0712 cmdide - ok
20:24:51.0347 0712 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:24:51.0425 0712 CNG - ok
20:24:51.0456 0712 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:24:51.0456 0712 Compbatt - ok
20:24:51.0503 0712 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:24:51.0503 0712 CompositeBus - ok
20:24:51.0519 0712 COMSysApp - ok
20:24:51.0550 0712 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:24:51.0550 0712 crcdisk - ok
20:24:51.0597 0712 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:24:51.0659 0712 CryptSvc - ok
20:24:51.0737 0712 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
20:24:51.0737 0712 CtClsFlt - ok
20:24:51.0784 0712 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:24:51.0815 0712 DcomLaunch - ok
20:24:51.0846 0712 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:24:51.0862 0712 defragsvc - ok
20:24:51.0909 0712 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:24:51.0909 0712 DfsC - ok
20:24:51.0971 0712 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:24:51.0987 0712 Dhcp - ok
20:24:52.0002 0712 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:24:52.0018 0712 discache - ok
20:24:52.0049 0712 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:24:52.0049 0712 Disk - ok
20:24:52.0111 0712 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:24:52.0189 0712 Dnscache - ok
20:24:52.0252 0712 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
20:24:52.0345 0712 DockLoginService - ok
20:24:52.0392 0712 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:24:52.0455 0712 dot3svc - ok
20:24:52.0501 0712 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:24:52.0501 0712 DPS - ok
20:24:52.0548 0712 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:24:52.0548 0712 drmkaud - ok
20:24:52.0642 0712 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:24:52.0767 0712 DXGKrnl - ok
20:24:52.0829 0712 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:24:52.0845 0712 EapHost - ok
20:24:52.0969 0712 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:24:53.0063 0712 ebdrv - ok
20:24:53.0125 0712 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:24:53.0203 0712 EFS - ok
20:24:53.0281 0712 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:24:53.0375 0712 ehRecvr - ok
20:24:53.0406 0712 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:24:53.0422 0712 ehSched - ok
20:24:53.0469 0712 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:24:53.0484 0712 elxstor - ok
20:24:53.0531 0712 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:24:53.0531 0712 ErrDev - ok
20:24:53.0593 0712 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:24:53.0625 0712 EventSystem - ok
20:24:53.0640 0712 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:24:53.0656 0712 exfat - ok
20:24:53.0718 0712 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:24:53.0718 0712 fastfat - ok
20:24:53.0796 0712 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:24:53.0812 0712 Fax - ok
20:24:53.0859 0712 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:24:53.0859 0712 fdc - ok
20:24:53.0874 0712 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:24:53.0874 0712 fdPHost - ok
20:24:53.0905 0712 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:24:53.0905 0712 FDResPub - ok
20:24:53.0921 0712 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:24:53.0937 0712 FileInfo - ok
20:24:53.0952 0712 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:24:53.0952 0712 Filetrace - ok
20:24:53.0983 0712 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:24:53.0983 0712 flpydisk - ok
20:24:54.0046 0712 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:24:54.0046 0712 FltMgr - ok
20:24:54.0139 0712 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\Windows\system32\FntCache.dll
20:24:54.0171 0712 FontCache - ok
20:24:54.0217 0712 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:24:54.0311 0712 FontCache3.0.0.0 - ok
20:24:54.0342 0712 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:24:54.0342 0712 FsDepends - ok
20:24:54.0373 0712 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:24:54.0467 0712 Fs_Rec - ok
20:24:54.0514 0712 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:24:54.0514 0712 fvevol - ok
20:24:54.0545 0712 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:24:54.0545 0712 gagp30kx - ok
20:24:54.0654 0712 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
20:24:54.0763 0712 GoToAssist - ok
20:24:54.0810 0712 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:24:54.0857 0712 gpsvc - ok
20:24:54.0951 0712 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:24:54.0951 0712 gupdate - ok
20:24:55.0013 0712 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:24:55.0029 0712 gupdatem - ok
20:24:55.0107 0712 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google

Updater\GoogleUpdaterService.exe
20:24:55.0122 0712 gusvc - ok
20:24:55.0153 0712 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:24:55.0153 0712 hcw85cir - ok
20:24:55.0200 0712 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:24:55.0200 0712 HDAudBus - ok
20:24:55.0216 0712 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:24:55.0231 0712 HidBatt - ok
20:24:55.0247 0712 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:24:55.0247 0712 HidBth - ok
20:24:55.0263 0712 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:24:55.0263 0712 HidIr - ok
20:24:55.0309 0712 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:24:55.0309 0712 hidserv - ok
20:24:55.0341 0712 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:24:55.0341 0712 HidUsb - ok
20:24:55.0372 0712 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
20:24:55.0465 0712 HipShieldK - ok
20:24:55.0512 0712 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:24:55.0575 0712 hkmsvc - ok
20:24:55.0621 0712 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:24:55.0684 0712 HomeGroupListener - ok
20:24:55.0715 0712 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:24:55.0777 0712 HomeGroupProvider - ok
20:24:55.0824 0712 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:24:55.0824 0712 HpSAMD - ok
20:24:55.0887 0712 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:24:55.0902 0712 HTTP - ok
20:24:55.0933 0712 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:24:55.0949 0712 hwpolicy - ok
20:24:55.0996 0712 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:24:56.0011 0712 i8042prt - ok
20:24:56.0105 0712 [ F148C2E931BFC20397EDC0A7B4F8E22B ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:24:56.0292 0712 IAANTMON - ok
20:24:56.0386 0712 [ 0B6C9C8F2E00E8B61C8379E62A9F921B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:24:56.0386 0712 iaStor - ok
20:24:56.0433 0712 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:24:56.0464 0712 iaStorV - ok
20:24:56.0526 0712 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication

Foundation\infocard.exe
20:24:56.0651 0712 idsvc - ok
20:24:56.0963 0712 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:24:57.0072 0712 igfx - ok
20:24:57.0103 0712 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:24:57.0103 0712 iirsp - ok
20:24:57.0166 0712 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:24:57.0259 0712 IKEEXT - ok
20:24:57.0306 0712 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:24:57.0306 0712 intelide - ok
20:24:57.0322 0712 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:24:57.0337 0712 intelppm - ok
20:24:57.0369 0712 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:24:57.0384 0712 IPBusEnum - ok
20:24:57.0447 0712 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:24:57.0447 0712 IpFilterDriver - ok
20:24:57.0493 0712 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:24:57.0509 0712 iphlpsvc - ok
20:24:57.0540 0712 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:24:57.0556 0712 IPMIDRV - ok
20:24:57.0571 0712 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:24:57.0587 0712 IPNAT - ok
20:24:57.0618 0712 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:24:57.0634 0712 IRENUM - ok
20:24:57.0649 0712 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:24:57.0649 0712 isapnp - ok
20:24:57.0681 0712 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:24:57.0774 0712 iScsiPrt - ok
20:24:57.0790 0712 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:24:57.0790 0712 kbdclass - ok
20:24:57.0868 0712 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:24:57.0868 0712 kbdhid - ok
20:24:57.0883 0712 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:24:57.0883 0712 KeyIso - ok
20:24:57.0915 0712 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:24:57.0930 0712 KSecDD - ok
20:24:57.0946 0712 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:24:57.0961 0712 KSecPkg - ok
20:24:58.0008 0712 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:24:58.0008 0712 ksthunk - ok
20:24:58.0039 0712 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:24:58.0117 0712 KtmRm - ok
20:24:58.0164 0712 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:24:58.0242 0712 LanmanServer - ok
20:24:58.0289 0712 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:24:58.0351 0712 LanmanWorkstation - ok
20:24:58.0414 0712 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:24:58.0414 0712 lltdio - ok
20:24:58.0461 0712 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:24:58.0476 0712 lltdsvc - ok
20:24:58.0507 0712 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:24:58.0507 0712 lmhosts - ok
20:24:58.0601 0712 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:24:58.0601 0712 LSI_FC - ok
20:24:58.0648 0712 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:24:58.0648 0712 LSI_SAS - ok
20:24:58.0663 0712 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:24:58.0663 0712 LSI_SAS2 - ok
20:24:58.0695 0712 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:24:58.0695 0712 LSI_SCSI - ok
20:24:58.0757 0712 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:24:58.0773 0712 luafv - ok
20:24:58.0897 0712 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:24:58.0913 0712 McMPFSvc - ok
20:24:58.0944 0712 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:24:58.0944 0712 mcmscsvc - ok
20:24:59.0007 0712 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:24:59.0007 0712 McNaiAnn - ok
20:24:59.0022 0712 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:24:59.0038 0712 McNASvc - ok
20:24:59.0116 0712 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
20:24:59.0116 0712 McODS - ok
20:24:59.0131 0712 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:24:59.0131 0712 McProxy - ok
20:24:59.0194 0712 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
20:24:59.0287 0712 McShield - ok
20:24:59.0319 0712 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:24:59.0397 0712 Mcx2Svc - ok
20:24:59.0412 0712 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:24:59.0428 0712 megasas - ok
20:24:59.0475 0712 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:24:59.0475 0712 MegaSR - ok
20:24:59.0521 0712 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
20:24:59.0521 0712 mfeapfk - ok
20:24:59.0568 0712 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
20:24:59.0568 0712 mfeavfk - ok
20:24:59.0599 0712 mfeavfk01 - ok
20:24:59.0631 0712 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:24:59.0724 0712 mfefire - ok
20:24:59.0771 0712 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
20:24:59.0802 0712 mfefirek - ok
20:24:59.0865 0712 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
20:24:59.0974 0712 mfehidk - ok
20:25:00.0036 0712 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
20:25:00.0052 0712 mferkdet - ok
20:25:00.0130 0712 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
20:25:00.0223 0712 mfevtp - ok
20:25:00.0270 0712 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
20:25:00.0270 0712 mfewfpk - ok
20:25:00.0317 0712 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:25:00.0317 0712 MMCSS - ok
20:25:00.0348 0712 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:25:00.0348 0712 Modem - ok
20:25:00.0395 0712 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:25:00.0395 0712 monitor - ok
20:25:00.0426 0712 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:25:00.0426 0712 mouclass - ok
20:25:00.0473 0712 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:25:00.0489 0712 mouhid - ok
20:25:00.0520 0712 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:25:00.0520 0712 mountmgr - ok
20:25:00.0551 0712 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:25:00.0551 0712 mpio - ok
20:25:00.0582 0712 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:25:00.0582 0712 mpsdrv - ok
20:25:00.0645 0712 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:25:00.0676 0712 MpsSvc - ok
20:25:00.0707 0712 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:25:00.0723 0712 MRxDAV - ok
20:25:00.0769 0712 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:25:00.0769 0712 mrxsmb - ok
20:25:00.0816 0712 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:25:00.0816 0712 mrxsmb10 - ok
20:25:00.0847 0712 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:25:00.0925 0712 mrxsmb20 - ok
20:25:00.0957 0712 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:25:01.0050 0712 msahci - ok
20:25:01.0113 0712 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:25:01.0113 0712 msdsm - ok
20:25:01.0159 0712 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:25:01.0175 0712 MSDTC - ok
20:25:01.0222 0712 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:25:01.0222 0712 Msfs - ok
20:25:01.0237 0712 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:25:01.0253 0712 mshidkmdf - ok
20:25:01.0269 0712 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:25:01.0269 0712 msisadrv - ok
20:25:01.0331 0712 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:25:01.0331 0712 MSiSCSI - ok
20:25:01.0347 0712 msiserver - ok
20:25:01.0378 0712 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:25:01.0393 0712 MSK80Service - ok
20:25:01.0409 0712 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:25:01.0425 0712 MSKSSRV - ok
20:25:01.0440 0712 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:25:01.0440 0712 MSPCLOCK - ok
20:25:01.0456 0712 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:25:01.0456 0712 MSPQM - ok
20:25:01.0503 0712 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:25:01.0503 0712 MsRPC - ok
20:25:01.0549 0712 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:25:01.0549 0712 mssmbios - ok
20:25:01.0565 0712 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:25:01.0565 0712 MSTEE - ok
20:25:01.0596 0712 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:25:01.0596 0712 MTConfig - ok
20:25:01.0627 0712 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:25:01.0627 0712 Mup - ok
20:25:01.0690 0712 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:25:01.0705 0712 napagent - ok
20:25:01.0783 0712 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:25:01.0783 0712 NativeWifiP - ok
20:25:01.0815 0712 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
20:25:01.0861 0712 NDIS - ok
20:25:01.0893 0712 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:25:01.0893 0712 NdisCap - ok
20:25:01.0924 0712 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:25:01.0939 0712 NdisTapi - ok
20:25:01.0986 0712 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:25:01.0986 0712 Ndisuio - ok
20:25:02.0033 0712 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:25:02.0127 0712 NdisWan - ok
20:25:02.0158 0712 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:25:02.0158 0712 NDProxy - ok
20:25:02.0173 0712 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:25:02.0189 0712 NetBIOS - ok
20:25:02.0236 0712 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:25:02.0236 0712 NetBT - ok
20:25:02.0251 0712 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:25:02.0267 0712 Netlogon - ok
20:25:02.0329 0712 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:25:02.0345 0712 Netman - ok
20:25:02.0376 0712 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:25:02.0376 0712 netprofm - ok
20:25:02.0423 0712 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication

Foundation\SMSvcHost.exe
20:25:02.0423 0712 NetTcpPortSharing - ok
20:25:02.0439 0712 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:25:02.0454 0712 nfrd960 - ok
20:25:02.0517 0712 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:25:02.0548 0712 NlaSvc - ok
20:25:02.0563 0712 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:25:02.0563 0712 Npfs - ok
20:25:02.0610 0712 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:25:02.0610 0712 nsi - ok
20:25:02.0641 0712 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:25:02.0641 0712 nsiproxy - ok
20:25:02.0735 0712 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:25:02.0782 0712 Ntfs - ok
20:25:02.0813 0712 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:25:02.0813 0712 Null - ok
20:25:02.0860 0712 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:25:02.0860 0712 nvraid - ok
20:25:02.0875 0712 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:25:02.0891 0712 nvstor - ok
20:25:02.0922 0712 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:25:02.0938 0712 nv_agp - ok
20:25:03.0000 0712 [ 404B0121AE1A75D9A63B6934EB07C258 ] OA013Ufd C:\Windows\system32\DRIVERS\OA013Ufd.sys
20:25:03.0000 0712 OA013Ufd - ok
20:25:03.0016 0712 [ 650BCC8FF8ED939F3F79D1E8A1CF0595 ] OA013Vid C:\Windows\system32\DRIVERS\OA013Vid.sys
20:25:03.0016 0712 OA013Vid - ok
20:25:03.0187 0712 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:25:03.0297 0712 odserv - ok
20:25:03.0421 0712 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:25:03.0421 0712 ohci1394 - ok
20:25:03.0468 0712 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source

Engine\OSE.EXE
20:25:03.0562 0712 ose - ok
20:25:03.0624 0712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:25:03.0624 0712 p2pimsvc - ok
20:25:03.0671 0712 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:25:03.0702 0712 p2psvc - ok
20:25:03.0765 0712 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:25:03.0765 0712 Parport - ok
20:25:03.0827 0712 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:25:03.0936 0712 partmgr - ok
20:25:03.0967 0712 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:25:03.0983 0712 PcaSvc - ok
20:25:04.0014 0712 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:25:04.0123 0712 pci - ok
20:25:04.0170 0712 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:25:04.0170 0712 pciide - ok
20:25:04.0217 0712 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:25:04.0217 0712 pcmcia - ok
20:25:04.0264 0712 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:25:04.0264 0712 pcw - ok
20:25:04.0311 0712 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:25:04.0326 0712 PEAUTH - ok
20:25:04.0435 0712 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:25:04.0435 0712 PerfHost - ok
20:25:04.0513 0712 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:25:04.0638 0712 pla - ok
20:25:04.0701 0712 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:25:04.0716 0712 PlugPlay - ok
20:25:04.0747 0712 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:25:04.0763 0712 PNRPAutoReg - ok
20:25:04.0779 0712 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:25:04.0810 0712 PNRPsvc - ok
20:25:04.0841 0712 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:25:04.0872 0712 PolicyAgent - ok
20:25:04.0919 0712 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:25:04.0950 0712 Power - ok
20:25:04.0981 0712 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:25:04.0981 0712 PptpMiniport - ok
20:25:05.0028 0712 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:25:05.0028 0712 Processor - ok
20:25:05.0106 0712 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
20:25:05.0169 0712 ProfSvc - ok
20:25:05.0184 0712 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:25:05.0184 0712 ProtectedStorage - ok
20:25:05.0247 0712 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:25:05.0247 0712 Psched - ok
20:25:05.0293 0712 [ AED797CCA02783296C68AA10D0CFF8A9 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
20:25:05.0293 0712 PxHlpa64 - ok
20:25:05.0371 0712 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:25:05.0418 0712 ql2300 - ok
20:25:05.0434 0712 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:25:05.0434 0712 ql40xx - ok
20:25:05.0496 0712 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:25:05.0496 0712 QWAVE - ok
20:25:05.0527 0712 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:25:05.0527 0712 QWAVEdrv - ok
20:25:05.0543 0712 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:25:05.0543 0712 RasAcd - ok
20:25:05.0605 0712 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:25:05.0605 0712 RasAgileVpn - ok
20:25:05.0621 0712 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:25:05.0637 0712 RasAuto - ok
20:25:05.0683 0712 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:25:05.0683 0712 Rasl2tp - ok
20:25:05.0761 0712 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:25:05.0808 0712 RasMan - ok
20:25:05.0824 0712 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:25:05.0824 0712 RasPppoe - ok
20:25:05.0839 0712 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:25:05.0839 0712 RasSstp - ok
20:25:05.0902 0712 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:25:05.0949 0712 rdbss - ok
20:25:05.0980 0712 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:25:05.0980 0712 rdpbus - ok
20:25:06.0011 0712 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:25:06.0011 0712 RDPCDD - ok
20:25:06.0058 0712 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:25:06.0058 0712 RDPENCDD - ok
20:25:06.0105 0712 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:25:06.0105 0712 RDPREFMP - ok
20:25:06.0136 0712 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:25:06.0151 0712 RDPWD - ok
20:25:06.0183 0712 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:25:06.0245 0712 rdyboost - ok
20:25:06.0292 0712 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:25:06.0307 0712 RemoteAccess - ok
20:25:06.0339 0712 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:25:06.0370 0712 RemoteRegistry - ok
20:25:06.0401 0712 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:25:06.0401 0712 RFCOMM - ok
20:25:06.0526 0712 [ 05FC44D32A144925EAE45570029FD6E1 ] RoxMediaDB10 C:\Program Files (x86)\Common Files\Roxio

Shared\10.0\SharedCOM\RoxMediaDB10.exe
20:25:06.0651 0712 RoxMediaDB10 - ok
20:25:06.0713 0712 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:25:06.0713 0712 RpcEptMapper - ok
20:25:06.0760 0712 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:25:06.0775 0712 RpcLocator - ok
20:25:06.0822 0712 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:25:06.0838 0712 RpcSs - ok
20:25:06.0885 0712 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:25:06.0885 0712 rspndr - ok
20:25:06.0931 0712 [ 39E74E264338934DBF11F8DB79A3E116 ] RTSTOR C:\Windows\system32\drivers\RTSTOR64.SYS
20:25:06.0931 0712 RTSTOR - ok
20:25:06.0947 0712 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:25:06.0947 0712 SamSs - ok
20:25:06.0994 0712 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:25:06.0994 0712 sbp2port - ok
20:25:07.0025 0712 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:25:07.0025 0712 SCardSvr - ok
20:25:07.0103 0712 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:25:07.0119 0712 scfilter - ok
20:25:07.0181 0712 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:25:07.0212 0712 Schedule - ok
20:25:07.0275 0712 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:25:07.0275 0712 SCPolicySvc - ok
20:25:07.0306 0712 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:25:07.0353 0712 SDRSVC - ok
20:25:07.0446 0712 [ 4A5809A1D796E2675AC0332BF7B0CB11 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement

Pack\SeaPort\SeaPort.exe
20:25:07.0446 0712 SeaPort - ok
20:25:07.0493 0712 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:25:07.0493 0712 secdrv - ok
20:25:07.0524 0712 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:25:07.0571 0712 seclogon - ok
20:25:07.0602 0712 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:25:07.0602 0712 SENS - ok
20:25:07.0649 0712 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:25:07.0649 0712 SensrSvc - ok
20:25:07.0665 0712 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:25:07.0680 0712 Serenum - ok
20:25:07.0711 0712 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:25:07.0727 0712 Serial - ok
20:25:07.0743 0712 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:25:07.0758 0712 sermouse - ok
20:25:07.0805 0712 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:25:07.0867 0712 SessionEnv - ok
20:25:07.0899 0712 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:25:07.0899 0712 sffdisk - ok
20:25:07.0914 0712 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:25:07.0930 0712 sffp_mmc - ok
20:25:07.0930 0712 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:25:07.0992 0712 sffp_sd - ok
20:25:08.0008 0712 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:25:08.0008 0712 sfloppy - ok
20:25:08.0055 0712 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:25:08.0086 0712 SharedAccess - ok
20:25:08.0133 0712 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:25:08.0179 0712 ShellHWDetection - ok
20:25:08.0195 0712 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:25:08.0195 0712 SiSRaid2 - ok
20:25:08.0211 0712 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:25:08.0211 0712 SiSRaid4 - ok
20:25:08.0289 0712 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:25:15.0455 0712 SkypeUpdate - ok
20:25:15.0518 0712 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:25:15.0518 0712 Smb - ok
20:25:15.0580 0712 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:25:15.0580 0712 SNMPTRAP - ok
20:25:15.0627 0712 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:25:15.0627 0712 spldr - ok
20:25:15.0674 0712 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
20:25:15.0767 0712 Spooler - ok
20:25:15.0892 0712 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:25:15.0923 0712 sppsvc - ok
20:25:15.0970 0712 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:25:15.0986 0712 sppuinotify - ok
20:25:16.0048 0712 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
20:25:16.0048 0712 sprtsvc_DellSupportCenter - ok
20:25:16.0126 0712 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:25:16.0126 0712 srv - ok
20:25:16.0157 0712 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:25:16.0173 0712 srv2 - ok
20:25:16.0204 0712 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:25:16.0204 0712 srvnet - ok
20:25:16.0251 0712 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:25:16.0251 0712 SSDPSRV - ok
20:25:16.0282 0712 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:25:16.0298 0712 SstpSvc - ok
20:25:16.0407 0712 [ 444109453A2B87E6C16BCDA5953E81A9 ] STacSV

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
20:25:16.0485 0712 STacSV - ok
20:25:16.0532 0712 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:25:16.0532 0712 stexstor - ok
20:25:16.0563 0712 [ 02E784FA49032F84964DB90A3ED81890 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
20:25:16.0563 0712 STHDA - ok
20:25:16.0625 0712 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:25:16.0703 0712 stisvc - ok
20:25:16.0781 0712 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
20:25:16.0891 0712 stllssvr - ok
20:25:16.0906 0712 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:25:16.0922 0712 swenum - ok
20:25:16.0969 0712 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:25:16.0984 0712 swprv - ok
20:25:17.0047 0712 [ 1657B7442D5CE30533F5C4317716B468 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:25:17.0047 0712 SynTP - ok
20:25:17.0156 0712 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:25:17.0218 0712 SysMain - ok
20:25:17.0265 0712 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:25:17.0327 0712 TabletInputService - ok
20:25:17.0374 0712 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:25:17.0452 0712 TapiSrv - ok
20:25:17.0499 0712 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:25:17.0499 0712 TBS - ok
20:25:17.0593 0712 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:25:17.0655 0712 Tcpip - ok
20:25:17.0717 0712 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:25:17.0733 0712 TCPIP6 - ok
20:25:17.0795 0712 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:25:17.0795 0712 tcpipreg - ok
20:25:17.0858 0712 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:25:17.0858 0712 TDPIPE - ok
20:25:17.0889 0712 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:25:17.0889 0712 TDTCP - ok
20:25:17.0936 0712 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:25:17.0936 0712 tdx - ok
20:25:17.0967 0712 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:25:18.0029 0712 TermDD - ok
20:25:18.0123 0712 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:25:18.0217 0712 TermService - ok
20:25:18.0248 0712 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:25:18.0263 0712 Themes - ok
20:25:18.0295 0712 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:25:18.0295 0712 THREADORDER - ok
20:25:18.0326 0712 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:25:18.0326 0712 TrkWks - ok
20:25:18.0388 0712 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:25:18.0388 0712 TrustedInstaller - ok
20:25:18.0435 0712 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:25:18.0451 0712 tssecsrv - ok
20:25:18.0497 0712 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:25:18.0497 0712 TsUsbFlt - ok
20:25:18.0544 0712 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:25:18.0544 0712 tunnel - ok
20:25:18.0591 0712 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:25:18.0591 0712 uagp35 - ok
20:25:18.0638 0712 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:25:18.0731 0712 udfs - ok
20:25:18.0778 0712 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:25:18.0794 0712 UI0Detect - ok
20:25:18.0825 0712 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:25:18.0825 0712 uliagpkx - ok
20:25:18.0872 0712 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:25:18.0872 0712 umbus - ok
20:25:18.0903 0712 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:25:18.0903 0712 UmPass - ok
20:25:18.0934 0712 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:25:18.0965 0712 upnphost - ok
20:25:18.0997 0712 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:25:18.0997 0712 usbccgp - ok
20:25:19.0043 0712 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:25:19.0043 0712 usbcir - ok
20:25:19.0121 0712 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:25:19.0199 0712 usbehci - ok
20:25:19.0246 0712 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\drivers\usbhub.sys
20:25:19.0262 0712 usbhub - ok
20:25:19.0277 0712 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:25:19.0277 0712 usbohci - ok
20:25:19.0324 0712 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:25:19.0340 0712 usbprint - ok
20:25:19.0371 0712 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:25:19.0371 0712 usbscan - ok
20:25:19.0402 0712 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:25:19.0402 0712 USBSTOR - ok
20:25:19.0433 0712 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:25:19.0433 0712 usbuhci - ok
20:25:19.0480 0712 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:25:19.0496 0712 UxSms - ok
20:25:19.0511 0712 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:25:19.0511 0712 VaultSvc - ok
20:25:19.0527 0712 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:25:19.0543 0712 vdrvroot - ok
20:25:19.0605 0712 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:25:19.0699 0712 vds - ok
20:25:19.0777 0712 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:25:19.0777 0712 vga - ok
20:25:19.0808 0712 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:25:19.0823 0712 VgaSave - ok
20:25:19.0870 0712 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:25:19.0886 0712 vhdmp - ok
20:25:19.0917 0712 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:25:19.0917 0712 viaide - ok
20:25:19.0933 0712 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:25:19.0933 0712 volmgr - ok
20:25:19.0979 0712 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:25:19.0995 0712 volmgrx - ok
20:25:20.0026 0712 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:25:20.0026 0712 volsnap - ok
20:25:20.0057 0712 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:25:20.0057 0712 vsmraid - ok
20:25:20.0135 0712 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:25:20.0213 0712 VSS - ok
20:25:20.0245 0712 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:25:20.0245 0712 vwifibus - ok
20:25:20.0276 0712 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:25:20.0291 0712 vwififlt - ok
20:25:20.0338 0712 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:25:20.0338 0712 vwifimp - ok
20:25:20.0385 0712 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:25:20.0401 0712 W32Time - ok
20:25:20.0416 0712 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:25:20.0432 0712 WacomPen - ok
20:25:20.0494 0712 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:25:20.0494 0712 WANARP - ok
20:25:20.0510 0712 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:25:20.0525 0712 Wanarpv6 - ok
20:25:20.0603 0712 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:25:20.0759 0712 WatAdminSvc - ok
20:25:20.0837 0712 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:25:20.0962 0712 wbengine - ok
20:25:21.0009 0712 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:25:21.0025 0712 WbioSrvc - ok
20:25:21.0087 0712 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:25:21.0165 0712 wcncsvc - ok
20:25:21.0196 0712 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:25:21.0196 0712 WcsPlugInService - ok
20:25:21.0227 0712 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:25:21.0243 0712 Wd - ok
20:25:21.0274 0712 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:25:21.0305 0712 Wdf01000 - ok
20:25:21.0321 0712 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:25:21.0321 0712 WdiServiceHost - ok
20:25:21.0337 0712 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:25:21.0337 0712 WdiSystemHost - ok
20:25:21.0383 0712 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:25:21.0446 0712 WebClient - ok
20:25:21.0477 0712 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:25:21.0493 0712 Wecsvc - ok
20:25:21.0508 0712 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:25:21.0508 0712 wercplsupport - ok
20:25:21.0555 0712 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:25:21.0555 0712 WerSvc - ok
20:25:21.0586 0712 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:25:21.0602 0712 WfpLwf - ok
20:25:21.0617 0712 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:25:21.0617 0712 WIMMount - ok
20:25:21.0649 0712 WinDefend - ok
20:25:21.0664 0712 WinHttpAutoProxySvc - ok
20:25:21.0742 0712 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:25:21.0758 0712 Winmgmt - ok
20:25:21.0851 0712 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:25:22.0007 0712 WinRM - ok
20:25:22.0085 0712 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:25:22.0132 0712 Wlansvc - ok
20:25:22.0288 0712 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:25:22.0444 0712 wlidsvc - ok
20:25:22.0491 0712 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:25:22.0491 0712 WmiAcpi - ok
20:25:22.0538 0712 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:25:22.0553 0712 wmiApSrv - ok
20:25:22.0585 0712 WMPNetworkSvc - ok
20:25:22.0616 0712 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:25:22.0631 0712 WPCSvc - ok
20:25:22.0678 0712 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:25:22.0678 0712 WPDBusEnum - ok
20:25:22.0772 0712 WPFFontCache_v0400 - ok
20:25:22.0819 0712 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:25:22.0819 0712 ws2ifsl - ok
20:25:22.0850 0712 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:25:22.0850 0712 wscsvc - ok
20:25:22.0865 0712 WSearch - ok
20:25:22.0975 0712 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:25:23.0053 0712 wuauserv - ok
20:25:23.0084 0712 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:25:23.0084 0712 WudfPf - ok
20:25:23.0146 0712 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:25:23.0146 0712 WUDFRd - ok
20:25:23.0193 0712 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:25:23.0271 0712 wudfsvc - ok
20:25:23.0318 0712 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:25:23.0333 0712 WwanSvc - ok
20:25:23.0427 0712 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
20:25:23.0599 0712 YahooAUService - ok
20:25:23.0677 0712 [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
20:25:23.0677 0712 yukonw7 - ok
20:25:23.0739 0712 [ 541CBA0F3F679CC6E5ED4967F3FD4F6C ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys
20:25:23.0833 0712 yukonx64 - ok
20:25:23.0942 0712 [ 1CACFEF9E5DD866C5B79A135EE729E18 ] {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} C:\Program Files (x86)\CyberLink\PowerDVD

DX\000.fcl
20:25:23.0942 0712 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} - ok
20:25:23.0957 0712 ================ Scan global ===============================
20:25:24.0004 0712 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:25:24.0051 0712 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:25:24.0067 0712 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:25:24.0098 0712 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:25:24.0129 0712 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:25:24.0129 0712 [Global] - ok
20:25:24.0145 0712 ================ Scan MBR ==================================
20:25:24.0160 0712 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:25:24.0503 0712 \Device\Harddisk0\DR0 - ok
20:25:24.0519 0712 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
20:25:25.0065 0712 \Device\Harddisk1\DR2 - ok
20:25:25.0065 0712 ================ Scan VBR ==================================
20:25:25.0112 0712 [ BD912BA22F89730C0291A8ECDCC815A4 ] \Device\Harddisk0\DR0\Partition1
20:25:25.0112 0712 \Device\Harddisk0\DR0\Partition1 - ok
20:25:25.0127 0712 [ 2954C4AEA6727B97139902A5F967D805 ] \Device\Harddisk0\DR0\Partition2
20:25:25.0127 0712 \Device\Harddisk0\DR0\Partition2 - ok
20:25:25.0143 0712 [ 895541228D4E1D37B5F914E04335D30C ] \Device\Harddisk1\DR2\Partition1
20:25:25.0143 0712 \Device\Harddisk1\DR2\Partition1 - ok
20:25:25.0143 0712 ============================================================
20:25:25.0143 0712 Scan finished
20:25:25.0143 0712 ============================================================
20:25:25.0159 3512 Detected object count: 0
20:25:25.0159 3512 Actual detected object count: 0


*** awsMDB log is as follows:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-05 20:30:50
-----------------------------
20:30:50.325 OS Version: Windows x64 6.1.7601 Service Pack 1
20:30:50.325 Number of processors: 2 586 0x170A
20:30:50.325 ComputerName: HUNK-O-JUNK UserName: 1
20:30:51.511 Initialize success
20:31:44.176 AVAST engine defs: 12110600
20:31:55.813 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:31:55.829 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
20:31:55.891 Disk 0 MBR read successfully
20:31:55.891 Disk 0 MBR scan
20:31:55.907 Disk 0 Windows 7 default MBR code
20:31:55.907 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
20:31:55.938 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
20:31:55.969 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 290204 MB offset 30801920
20:31:56.016 Disk 0 scanning C:\Windows\system32\drivers
20:32:12.256 Service scanning
20:32:41.833 Modules scanning
20:32:41.849 Disk 0 trace - called modules:
20:32:41.864 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:32:42.379 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031bf060]
20:32:42.379 3 CLASSPNP.SYS[fffff88001aff43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002ed5050]
20:32:43.846 AVAST engine scan C:\Windows
20:32:47.839 AVAST engine scan C:\Windows\system32
20:39:15.172 AVAST engine scan C:\Windows\system32\drivers
20:39:33.206 AVAST engine scan C:\Users\1
20:42:54.649 AVAST engine scan C:\ProgramData
20:53:02.769 File: C:\ProgramData\SynKY7L4dyOBb4.exe **INFECTED** Win32:FakeSysdef-SM [Trj]
20:53:07.247 Scan finished successfully
21:03:25.819 Disk 0 MBR has been saved successfully to "F:\hack this\MBR.dat"
21:03:25.866 The log file has been saved successfully to "F:\hack this\aswMBR.txt"



***** NOTES ABOUT ESET-
NOTE 1: this computer already has Mcafee antivirus. E??? message said that could effect it's function. I didn't change anything or disable mcafee,

I just ran Eset anyway.)

NOTE 2: Eset by default has a box checked for 'remove found threats'. I didnt know if I was supposed to let it remove found threats yet, so I

UN-checked that box before running it.

***** Eset log is as follows:

C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll Win32/Adware.Bandoo application
C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquTb.dll Win32/Adware.Bandoo application
C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\chrome\content\searchqutb.js Win32/Adware.Bandoo application
C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.htm Win32/Adware.Bandoo application
C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.xul Win32/Adware.Bandoo application
C:\ProgramData\SynKY7L4dyOBb4.exe a variant of Win32/Kryptik.AODR trojan
C:\Users\1\AppData\Local\Temp\SetupDataMngr_Searchqu.exe Win32/Adware.Bandoo application
C:\Users\1\AppData\Local\Temp\GLF5CC9\files.exe multiple threats
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\Bandoo.exe a variant of Win32/Adware.Bandoo.AC application
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\BandooGo.exe a variant of Win32/Adware.Bandoo.AA application
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\BandooUI.exe a variant of Win32/Adware.Bandoo.AB application
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\BndCore.exe a variant of Win32/Adware.Bandoo.AA application
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\ExtensionsManager.exe a variant of Win32/Adware.Bandoo.AA application
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\FFoxPackage.exe a variant of Win32/Adware.Bandoo.AA application
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\ieplugin.dll a variant of Win32/Adware.Bandoo.AA application
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\InstallerHelper.dll a variant of Win32/Adware.Bandoo.AA application
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\msnplugin.dll a variant of Win32/Adware.Bandoo.AA application
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\YahooPlugin.dll a variant of Win32/Adware.Bandoo.AA application
C:\Users\1\AppData\Local\Temp\GLF5CC9\Static\SetupDataMngr_Searchqu.exe Win32/Adware.Bandoo application
C:\Users\1\AppData\Local\Temp\Searchqu_DM\SearchquMediaBar.exe Win32/Adware.Bandoo application
C:\Users\2\AppData\Local\Temp\9156.tmp a variant of Win32/Kryptik.AOEA trojan
C:\Users\2\AppData\Local\Temp\C003.tmp a variant of Win32/Kryptik.AOEA trojan
C:\Users\2\AppData\Local\Temp\D0F4.tmp a variant of Win32/Kryptik.AOEA trojan
C:\Users\2\AppData\Local\Temp\F4BA.tmp a variant of Win32/Kryptik.AOEA trojan
C:\Users\2\AppData\Local\Temp\sidebar.exe a variant of Win32/Kryptik.AOEA trojan
C:\Users\2\AppData\Local\Temp\is1373634743\IWantThis_US.exe a variant of Win32/Toolbar.CrossRider.A application
C:\Users\2\FoxTabPDFReader\Uninstall\Uninstall.exe a variant of Win32/InstallCore.N application
C:\Users\All Users\SynKY7L4dyOBb4.exe a variant of Win32/Kryptik.AODR trojan

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:03 PM

Posted 07 November 2012 - 05:49 PM

Run ESET again and make sure to checkmark REMOVE THREATS option and post the new log

#5 beleepit

beleepit
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 09 November 2012 - 05:38 PM

greetings...

Here is the new log from ESET run *with* removal.
Thanks again...

C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll Win32/Adware.Bandoo application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquTb.dll Win32/Adware.Bandoo application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\chrome\content\searchqutb.js Win32/Adware.Bandoo application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.htm Win32/Adware.Bandoo application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.xul Win32/Adware.Bandoo application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\SetupDataMngr_Searchqu.exe Win32/Adware.Bandoo application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\files.exe multiple threats deleted - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\Bandoo.exe a variant of Win32/Adware.Bandoo.AC application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\BandooGo.exe a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\BandooUI.exe a variant of Win32/Adware.Bandoo.AB application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\BndCore.exe a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\ExtensionsManager.exe a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\FFoxPackage.exe a variant of Win32/Adware.Bandoo.AA application deleted - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\ieplugin.dll a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\InstallerHelper.dll a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\msnplugin.dll a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Bin\YahooPlugin.dll a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\GLF5CC9\Static\SetupDataMngr_Searchqu.exe Win32/Adware.Bandoo application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\Searchqu_DM\SearchquMediaBar.exe Win32/Adware.Bandoo application cleaned by deleting - quarantined
C:\Users\2\AppData\Local\Temp\9156.tmp a variant of Win32/Kryptik.AOEA trojan cleaned by deleting - quarantined
C:\Users\2\AppData\Local\Temp\C003.tmp a variant of Win32/Kryptik.AOEA trojan cleaned by deleting - quarantined
C:\Users\2\AppData\Local\Temp\D0F4.tmp a variant of Win32/Kryptik.AOEA trojan cleaned by deleting - quarantined
C:\Users\2\AppData\Local\Temp\F4BA.tmp a variant of Win32/Kryptik.AOEA trojan cleaned by deleting - quarantined
C:\Users\2\AppData\Local\Temp\jar_cache1932010253202513161.tmp a variant of Java/Exploit.CVE-2012-4681.AU trojan deleted - quarantined
C:\Users\2\AppData\Local\Temp\sidebar.exe a variant of Win32/Kryptik.AOEA trojan cleaned by deleting - quarantined
C:\Users\2\AppData\Local\Temp\is1373634743\IWantThis_US.exe a variant of Win32/Toolbar.CrossRider.A application cleaned by deleting - quarantined
C:\Users\2\FoxTabPDFReader\Uninstall\Uninstall.exe a variant of Win32/InstallCore.N application deleted - quarantined

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:03 PM

Posted 09 November 2012 - 06:39 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#7 beleepit

beleepit
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 10 November 2012 - 07:58 PM

I can't install Malwarebytes.

A window entitled 'setup' says:
internal error: failed to expand shell folder constant "userappdata"

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:03 PM

Posted 10 November 2012 - 09:07 PM

Run the fixit

http://go.microsoft.com/?linkid=9708107

Restart the PC and install malwarebytes

#9 beleepit

beleepit
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 11 November 2012 - 04:53 PM

Greetings,

Thanks again for your help. Here are all the logs.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@MBAM

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.11.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
1 :: HUNK-O-JUNK [administrator]

Protection: Enabled

11/11/2012 12:57:59 PM
mbam-log-2012-11-11 (12-57-59).txt

Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 432534
Time elapsed: 1 hour(s), 43 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@MINITOOLBOX
MiniToolBox by Farbar Version: 10-11-2012 02
Ran by 1 (administrator) on 11-11-2012 at 15:23:37
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Connected)
Dell Wireless 1515 Wireless-N Adapter = Wireless Network Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : hunk-o-junk
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 06-03-7F-8F-DC-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 0C-60-76-92-D5-AC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : bcchs.battle-creek.k12.mi.us
Description . . . . . . . . . . . : Dell Wireless 1515 Wireless-N Adapter
Physical Address. . . . . . . . . : 00-03-7F-8F-DC-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-25-64-69-98-D1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::bdc6:d271:adb8:8fd5%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, November 10, 2012 11:28:14 PM
Lease Expires . . . . . . . . . . : Monday, November 12, 2012 11:28:14 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 251667812
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-7A-C8-20-00-25-64-69-98-D1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.bcchs.battle-creek.k12.mi.us:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:14ff:1616:bc4e:6698(Preferred)
Link-local IPv6 Address . . . . . : fe80::14ff:1616:bc4e:6698%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{76F37578-FDA7-44FD-A7DF-A55F1929E8AA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7A0C07F1-5F5F-440D-9E91-D49778DFD426}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BBC29540-2212-4B32-AC8D-7E76DC33F64B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4009:802::1003
74.125.225.142
74.125.225.130
74.125.225.131
74.125.225.137
74.125.225.132
74.125.225.134
74.125.225.136
74.125.225.129
74.125.225.128
74.125.225.133
74.125.225.135


Pinging google.com [74.125.225.131] with 32 bytes of data:
Reply from 74.125.225.131: bytes=32 time=666ms TTL=55
Reply from 74.125.225.131: bytes=32 time=27ms TTL=55

Ping statistics for 74.125.225.131:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 27ms, Maximum = 666ms, Average = 346ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=481ms TTL=49
Reply from 98.139.183.24: bytes=32 time=364ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 364ms, Maximum = 481ms, Average = 422ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=14ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 5ms, Maximum = 14ms, Average = 9ms
===========================================================================
Interface List
15...06 03 7f 8f dc 08 ......Microsoft Virtual WiFi Miniport Adapter
14...0c 60 76 92 d5 ac ......Bluetooth Device (Personal Area Network)
10...00 03 7f 8f dc 08 ......Dell Wireless 1515 Wireless-N Adapter
9...00 25 64 69 98 d1 ......Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:4137:9e76:14ff:1616:bc4e:6698/128
On-link
9 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::14ff:1616:bc4e:6698/128
On-link
9 276 fe80::bdc6:d271:adb8:8fd5/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
9 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/11/2012 02:10:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for

"WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file

"WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line

WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (11/11/2012 02:09:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for

"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39608717

5ac9ac.manifest1".Error in manifest or policy file

"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39608717

5ac9ac.manifest2" on line

C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175

ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1:

C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175

ac9ac.manifest.
Component 2:

C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f

2b2.manifest.

Error: (11/11/2012 02:09:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file

"assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element

"assemblyIdentity" is invalid.

Error: (11/10/2012 11:28:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA

"Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2012 11:24:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for

"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39608717

5ac9ac.manifest1".Error in manifest or policy file

"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39608717

5ac9ac.manifest2" on line

C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175

ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1:

C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175

ac9ac.manifest.
Component 2:

C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f

2b2.manifest.

Error: (11/10/2012 09:59:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA

"Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2012 08:04:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA

"Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2012 08:03:44 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for

"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39608717

5ac9ac.manifest1".Error in manifest or policy file

"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39608717

5ac9ac.manifest2" on line

C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175

ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1:

C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175

ac9ac.manifest.
Component 2:

C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f

2b2.manifest.

Error: (11/10/2012 07:47:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA

"Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2012 07:38:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for

"WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file

"WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line

WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (11/10/2012 11:23:26 PM) (Source: DCOM) (User: )
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}

Error: (11/10/2012 08:05:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the

following error:
%%1068

Error: (11/10/2012 08:05:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the

following error:
%%1068

Error: (11/10/2012 08:05:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the

following error:
%%1068

Error: (11/10/2012 08:05:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the

following error:
%%1068

Error: (11/10/2012 08:05:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the

following error:
%%1068

Error: (11/10/2012 08:05:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the

following error:
%%1068

Error: (11/10/2012 08:05:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the

following error:
%%1068

Error: (11/10/2012 08:05:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the

following error:
%%1068

Error: (11/10/2012 08:05:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the

following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (02/24/2010 00:00:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office

Version: 12.0.4518.1014. This session lasted 6008 seconds with 5760 seconds of active time. This session ended with

a crash.


CodeIntegrity Errors:
===================================
Date: 2012-11-11 14:40:44.690
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\Backup\amd64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_non

e_4aab2ef0a7c319c5_bcrypt.dll_e2f091ac because the set of per-page image hashes could not be found on the system.

Date: 2012-11-11 14:40:44.332
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\Backup\amd64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_non

e_4aab2ef0a7c319c5_bcrypt.dll_e2f091ac because the set of per-page image hashes could not be found on the system.

Date: 2012-11-11 14:40:43.910
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\Backup\amd64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_non

e_4aab2ef0a7c319c5_bcrypt.dll_e2f091ac because the set of per-page image hashes could not be found on the system.

Date: 2012-11-11 14:40:29.028
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_c

baba9e478a137a8\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-11 14:40:28.654
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_c

baba9e478a137a8\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-11 14:40:28.248
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_c

baba9e478a137a8\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-11 14:40:20.432
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_no

ne_90f9416caa7c6a08\fveapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-11 14:40:20.058
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_no

ne_90f9416caa7c6a08\fveapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-11 14:40:19.699
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_no

ne_90f9416caa7c6a08\fveapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-11 14:39:40.574
Description: Code Integrity is unable to verify the image integrity of the file

\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_4aab2

ef0a7c319c5\bcrypt.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Reader 9.5.2 (Version: 9.5.2)
Advanced Audio FX Engine (Version: 1.12.05)
Banctec Service Agreement (Version: 2.0.0)
Dell DataSafe Online (Version: 1.1.0029)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Touchpad (Version: 13.2.2.2)
Dell Webcam Central (Version: 1.40.05)
DirectXInstallService (Version: 9.0.2)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
ESET Online Scanner v3
Google Chrome (Version: 23.0.1271.64)
Google Talk Plugin (Version: 3.10.2.10212)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GoToAssist 8.0.0.514
HP Deskjet 1050 J410 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.66.66)
HP Deskjet 1050 J410 series Product Improvement Study (Version: 22.50.231.0)
HP Photo Creations (Version: 1.0.0.3781)
HP Update (Version: 5.002.006.003)
IDT Audio (Version: 1.0.6217.0)
Integrated Webcam Driver (1.00.04.0310) (Version: 1.00.04.0310)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 16 (64-bit) (Version: 6.0.160)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 14.0.8117.416)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mavis Beacon Teaches Typing 12 Standard
McAfee SecurityCenter (Version: 11.6.435)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft IntelliType Pro 7.1 (Version: 7.10.344.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.126.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft UI Engine (Version: 4.0.0318.1)
MSN Toolbar (Version: 4.0.0379.0)
MSN Toolbar Platform (Version: 4.0.0379.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PowerDVD DX (Version: 8.3.5424)
Quickset (Version: 9.4.7)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Burn (Version: 1.0.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.105)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Sense-Lang Certificate
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Update for 2007 Microsoft Office System (KB967642)
WIDCOMM Bluetooth Software (Version: 6.2.0.9600)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Searchqu Toolbar (Version: 2.0.0.94786)
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 3032.36 MB
Available physical RAM: 1468.39 MB
Total Pagefile: 6062.92 MB
Available Pagefile: 4055.4 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.59 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:229.05 GB) NTFS
3 Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.5 GB) NTFS
4 Drive f: (MONICA) (Removable) (Total:3.69 GB) (Free:1.27 GB) FAT32

========================= Users: ========================================

User accounts for \\HUNK-O-JUNK

1 2 Administrator
Guest

========================= Restore Points ==================================

30-09-2012 15:56:29 Scheduled Checkpoint
07-10-2012 17:03:41 Scheduled Checkpoint
11-10-2012 11:54:56 Windows Update
18-10-2012 16:09:03 Scheduled Checkpoint
26-10-2012 13:50:51 Scheduled Checkpoint
02-11-2012 18:34:32 Scheduled Checkpoint
03-11-2012 03:17:12 Removed Java™ 6 Update 16 (64-bit)
10-11-2012 12:43:50 Scheduled Checkpoint
11-11-2012 04:25:05 Installed Microsoft Fix it 50356

**** End of log ****



*******************FARBAR
Farbar Service Scanner Version: 09-11-2012
Ran by 1 (administrator) on 11-11-2012 at 15:32:37
Running from "F:\hack this"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

@@@@@@@@@@@@@@FARBAR
Farbar Service Scanner Version: 09-11-2012
Ran by 1 (administrator) on 11-11-2012 at 15:32:37
Running from "F:\hack this"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



@@@@@@@@@@adwcleaner
# AdwCleaner v2.007 - Logfile created 11/11/2012 at 16:10:01
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : 1 - HUNK-O-JUNK
# Boot Mode : Normal
# Running from : F:\hack this\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\1\AppData\Local\Temp\Searchqu.ini
Folder Deleted : C:\Program Files (x86)\Windows Searchqu Toolbar
Folder Deleted : C:\Users\1\AppData\LocalLow\SearchquTB
Folder Deleted : C:\Users\2\AppData\LocalLow\SearchquTB
Folder Deleted : C:\Users\2\AppData\Roaming\Bandoo

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutb
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Key Deleted : HKLM\Software\Bandoo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SearchquMediabarTb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet

Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar

[{7FF99715-3016-4381-84CE-E4E4C9673020}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\2\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [5309 octets] - [11/11/2012 16:10:01]

########## EOF - C:\AdwCleaner[S1].txt - [5369 octets] ##########


@@@@@@@@@@@@@JUNKWARE REMOVAL TOOL
ware Removal Tool (JRT) by Thisisu
Version: 2.9.4 (11.10.2012)
OS: Windows 7 Home Premium x64
Ran by 1 on Sun 11/11/2012 at 16:17:38.37
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/11/2012 at 16:26:32.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:03 PM

Posted 11 November 2012 - 05:36 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#11 beleepit

beleepit
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 12 November 2012 - 09:44 AM

Hello!

Here are the Rkill & Autoruns logs:

Thank you!


@@@@RKILL log:

Rkill 2.4.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/12/2012 06:52:51 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\1\Desktop\rkill\rkill-11-12-2012-06-53-00.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 11/12/2012 06:53:19 AM
Execution time: 0 hours(s), 0 minute(s), and 27 seconds(s)


@@@autoruns log:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" ""

"" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files

(x86)\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation"

"c:\windows\system32\igfxtray.exe"
+ "itype" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype

pro\itype.exe"
+ "Persistence" "persistence Module" "Intel Corporation"

"c:\windows\system32\igfxpers.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated"

"c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated"

"c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated"

"c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "Dell Webcam Central" "WebcamDell2.exe" "Creative Technology Ltd" "c:\program files

(x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "DellSupportCenter" "Dell Support Center Updates" "SupportSoft, Inc." "c:\program files

(x86)\dell support center\bin\sprtcmd.exe"
+ "Desktop Disc Tool" "Roxio Burn Launcher" "" "c:\program files (x86)\roxio\roxio

burn\roxioburnlauncher.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files

(x86)\hp\hp software update\hpwuschd2.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program

files\mcafee.com\agent\mcagent.exe"
+ "Microsoft Default Manager" "Microsoft Default Manager" "Microsoft Corporation"

"c:\program files (x86)\microsoft\search enhancement pack\default manager\defmgr.exe"
+ "MSN Toolbar" "MSN® Toolbar" "Microsoft Corp." "c:\program files (x86)\msn

toolbar\platform\4.0.0379.0\mswinext.exe"
+ "PDVDDXSrv" "CyberLink PowerDVD Resident Program" "CyberLink Corp." "c:\program files

(x86)\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc."

"c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program

files\widcomm\bluetooth software\bttray.exe"
+ "MiniMavis.lnk" "Mavis Beacon Personal Coach v 2.0" "TLC Education Properties LLC"

"c:\program files (x86)\broderbund\mavis beacon teaches typing 12 standard\minimavis.exe"
"C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" ""

""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program

files\dell\delldock\delldock.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows

mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows

mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files

(x86)\windows live\messenger\msnmsgr.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows

sidebar\sidebar.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files

(x86)\skype\phone\skype.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program

files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program

files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program

files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" ""

""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files

(x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program

files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" ""

""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows

sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" ""

"" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows

sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files

(x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files

(x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program

files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" ""

"" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files

(x86)\google\google toolbar\googletoolbar_64.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program

files\google\googletoolbarnotifier\5.7.7529.1424\swg64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc."

"c:\program files\java\jre6\bin\jp2ssv.dll"
+ "McAfee Phishing Filter" "" "" "File not found:

c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper"

"Microsoft Corporation" "c:\program files\common files\microsoft shared\windows

live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"

"" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems

Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files

(x86)\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files

(x86)\google\googletoolbarnotifier\5.7.7529.1424\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc."

"c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc."

"c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "McAfee Phishing Filter" "" "" "c:\program files\mcafee\msk\mskapbho.dll"
+ "MSN Toolbar BHO" "MSN® Toolbar" "Microsoft Corporation" "c:\program files (x86)\msn

toolbar\platform\4.0.0379.0\npwinext.dll"
+ "Search Helper" "Search Helper for Internet Explorer" "Microsoft Corporation"

"c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc"

"c:\program files (x86)\yahoo!\companion\installs\cpn\ytsingleinstance.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper"

"Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows

live\windowslivelogin.dll"
+ "Windows Live Toolbar Helper" "Windows Live Toolbar Core" "Microsoft Corporation"

"c:\program files (x86)\windows live\toolbar\wltcore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files

(x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&Windows Live Toolbar" "Windows Live Toolbar Core" "Microsoft Corporation"

"c:\program files (x86)\windows live\toolbar\wltcore.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files

(x86)\google\google toolbar\googletoolbar_32.dll"
+ "MSN Toolbar" "MSN® Toolbar" "Microsoft Corporation" "c:\program files (x86)\msn

toolbar\platform\4.0.0379.0\npwinext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth

software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension"

"Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "PalTalk" "Paltalk Messenger" "AVM Software Inc." "c:\program files (x86)\paltalk

messenger\paltalk.exe"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft

Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth

software\btsendto_ie.htm"
"Task Scheduler" "" "" ""
+ "\HPCustParticipation HP Deskjet 1050 J410 series" "HP Customer Participation."

"Hewlett-Packard Co." "c:\program files\hp\hp deskjet 1050 j410 series\bin\hpcustpartic.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" ""

"c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network

Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows

media player\wmpnscfg.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "File not found:

C:\Windows\system32\gatherWiredInfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "File not found:

C:\Windows\system32\gatherWirelessInfo.vbs"
+ "\Microsoft_Hardware_Launch_IType_exe" "IType.exe" "Microsoft Corporation"

"c:\program files\microsoft intellitype pro\itype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to

date with the latest enhancements and security fixes." "Adobe Systems Incorporated"

"c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation"

"c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\aestsr

64.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom

Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program

files\dell\delldock\docklogin.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a

division of Citrix Systems, Inc." "c:\program files

(x86)\citrix\gotoassist\514\g2aservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped,

your Google software will not be kept up to date, meaning security vulnerabilities that may arise

cannot be fixed and features may not work. This service uninstalls itself when there is no Google

software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped,

your Google software will not be kept up to date, meaning security vulnerabilities that may arise

cannot be fixed and features may not work. This service uninstalls itself when there is no Google

software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service

is disabled or stopped, your Google software will not be kept up to date, meaning security

vulnerabilities that may arise cannot be fixed and features may not work." "Google"

"c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel

matrix storage manager\iaantmon.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation"

"c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation"

"c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's

trusted programs." "McAfee, Inc." "c:\program files\common

files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common

files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common

files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common

files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program

files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common

files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common

files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program

files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc."

"c:\windows\system32\mfevtps.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc."

"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation"

"c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the

downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files

(x86)\common files\microsoft shared\source engine\ose.exe"
+ "RoxMediaDB10" "Roxio RoxMediaDB10 Service" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\sharedcom\roxmediadb10.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration

files for Microsoft Search Enhancement applications. Also provides server communication for the

customer experience improvement program. If this service is disabled, search enhancement features

such as search history may not work correctly." "Microsoft Corporation" "c:\program files

(x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype."

"Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)"

"SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc."

"c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv

64.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development,

Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft

Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation"

"c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and

media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows

media player\wmpnetwk.exe"
+ "WPFFontCache_v0400"

"@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-101" ""

"File not found: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features,

tools, and enhancements." "Yahoo! Inc." "c:\program files

(x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc."

"c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc."

"c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc."

"c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc."

"c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices"

"c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"

"AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices"

"c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc."

"c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc."

"c:\windows\system32\drivers\athrx.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation"

"c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom

Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother

Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother

Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd."

"c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd."

"c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd."

"c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd."

"c:\windows\system32\drivers\brusbser.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation."

"c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation."

"c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation."

"c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation."

"c:\windows\system32\drivers\btwrchid.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc."

"c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc."

"c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd."

"c:\windows\system32\drivers\ctclsflt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation"

"c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex"

"c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer

Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc."

"c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company"

"c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation"

"c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation"

"c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation"

"c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH"

"c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation"

"c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation"

"c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation"

"c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation"

"c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation"

"c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI

Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc."

"c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc."

"c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc."

"c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc."

"c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc."

"c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc."

"c:\windows\system32\drivers\mfewfpk.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation"

"c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation"

"c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation"

"c:\windows\system32\drivers\nvstor.sys"
+ "OA013Ufd" "Provides a software interface to control effects of Integrated Webcam."

"Creative Technology Ltd." "c:\windows\system32\drivers\oa013ufd.sys"
+ "OA013Vid" "Provides a software interface to control Integrated Webcam." "Creative

Technology Ltd." "c:\windows\system32\drivers\oa013vid.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions"

"c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation"

"c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation"

"c:\windows\system32\drivers\ql40xx.sys"
+ "RTSTOR" "Realtek USB Mass Storage Driver for Vista x64" "Realtek Semiconductor Corp."

"c:\windows\system32\drivers\rtstor64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe

Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp."

"c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems"

"c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology"

"c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated"

"c:\windows\system32\drivers\syntp.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc."

"c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd"

"c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7" "" "" "c:\windows\system32\drivers\yk62x64.sys"
+ "yukonx64" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell"

"c:\windows\system32\drivers\yk60x64.sys"
+ "{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}" "" "CyberLink Corp." "c:\program files

(x86)\cyberlink\powerdvd dx\000.fcl"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte

Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" ""

""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte

Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"

"" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation"

"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files

(x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative

Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation"

"c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files

(x86)\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files

(x86)\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files

(x86)\cyberlink\powerdvd dx\kernel\bd\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clnavx.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd dx\kernel\bd\clline21.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files

(x86)\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files

(x86)\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files

(x86)\cyberlink\powerdvd dx\kernel\bd\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files

(x86)\cyberlink\powerdvd dx\kernel\bd\cltzan.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files

(x86)\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files

(x86)\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp."

"c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore

10\lvmwriter.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\mediaanalyser.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation"

"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions"

"c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions"

"c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions"

"c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions"

"c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions"

"c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions"

"c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection"

"Sonic Solutions" "c:\program files (x86)\common files\roxio

shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic

Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic

Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic

Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection"

"Sonic Solutions" "c:\program files (x86)\common files\roxio

shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection"

"Sonic Solutions" "c:\program files (x86)\common files\roxio

shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic

Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic

Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions"

"c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions"

"c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions"

"c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions"

"c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\lvmasync.ax"
+ "Roxio Mp3 Encoder (SC)" "Roxio Audio Codec DLL" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\sharedcom\rxdsmp3encoder.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions"

"c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions"

"c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions"

"c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions"

"c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions"

"c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common

files\roxio shared\10.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions"

"c:\program files (x86)\common files\roxio shared\10.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\vobloader.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\videocore

10\mvwcdsutil.dll"
+ "Sonic Cinemaster® Audio Decoder 4.3" "SonicHDAudio" "Sonic Solutions" "c:\program files

(x86)\common files\sonic shared\cinemasteraudio.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3" "CinemasterVideo" "Sonic Solutions"

"c:\program files (x86)\common files\sonic shared\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files

(x86)\roxio\sonichddemuxer.dll"
+ "Sonic HD Nav" "SonicHDNav" "" "c:\program files (x86)\common files\sonic

shared\sonichdnav.dll"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files

(x86)\common files\sonic shared\sonicmc02\sonic7m2vd.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files

(x86)\common files\roxio shared\10.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions"

"c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\videocompositing.ax"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files

(x86)\roxio\videocore 10\roxvideo.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation"

"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft

Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft

Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation"

"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft

Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation"

"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" ""

"" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program

files\widcomm\bluetooth software\btwcp.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "" "" "File not found: C:\Program Files

(x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 8911 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co."

"c:\windows\system32\hpinksts8911lm.dll"
"C:\Users\1\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program

Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
+ "Clock" "Watch the clock in your own time zone or any city in the world."

"Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"
+ "Feed Headlines" "Track the latest news, sports, and entertainment headlines."

"Microsoft Corporation" "C:\Program Files\Windows

Sidebar\Gadgets\RSSFeeds.Gadget\en-US\Gadget.xml"
+ "Slide Show" "Show a continuous slide show of your pictures." "Microsoft Corporation"

"C:\Program Files\windows sidebar\gadgets\SlideShow.Gadget\en-US\Gadget.xml"
+ "Weather" "See what the weather looks like around the world." "Microsoft Corporation"

"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml"

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:03 PM

Posted 12 November 2012 - 10:10 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#13 beleepit

beleepit
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:03 PM

Posted 12 November 2012 - 08:01 PM

All appears well now. I want to thank you for your help. I really appreciate it!!!!

Thank you VERY much, Sir. :thumbup2:

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:03 PM

Posted 12 November 2012 - 08:47 PM

You're most welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users