Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Redirect Problems; IRP hook- atapi driver


  • Please log in to reply
11 replies to this topic

#1 jxmjones

jxmjones

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:15 AM

Posted 11 November 2012 - 05:17 PM

Hello,
I've been having an issue when I use a search engine. Sometimes, I click on a link from Google and get redirected to ads. I also have noticed in my AVG scan that an item called IRP hook in the atapi file reappears every scan, no matter how many times I "remove" the infection. Perhaps that is causing the redirects?

Anyways, I have tried running TDSSkiller.exe but it does not open. I tried to "run as administrator" and renaming the file to no avail.
My MBAM and SuperAntiSpyware scans show up clean.
I have flushed my DNS and ran TFC.exe to clean my Temp files.
I have installed RKill and ran it. I have tried GMER however, all of the checkboxes are grayed and unclickable, which prevents me from scanning anything.

At this point I am out of ideas. Please help me address these issues!
Thanks,
MJones



6. Lastly, before hitting that POST button, take the time to read what you are posting from the point of view of someone trying to help and ask yourself, “is this as clear as I can make it?” When your problem is resolved, remember to add a final reply letting everyone know what worked; this effectively closes the thread as well as validates the solution offered.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:15 AM

Posted 11 November 2012 - 05:36 PM

Download Listparts from here

For 32 bit

List parts 32

For 64 bit

List parts 64

Launch it,click on SCAN,post the log

#3 jxmjones

jxmjones
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:15 AM

Posted 11 November 2012 - 06:31 PM

ListParts by Farbar Version: 30-10-2012
Ran by Melissa (administrator) on 11-11-2012 at 17:20:57
Windows 7 (X64)
Running From: C:\Users\Melissa\Desktop
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 29%
Total physical RAM: 5943.12 MB
Available physical RAM: 4175.59 MB
Total Pagefile: 11884.43 MB
Available Pagefile: 9732.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:917.65 GB) (Free:831.62 GB) NTFS
2 Drive d: (Sims3) (CDROM) (Total:5.54 GB) (Free:0 GB) UDF

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Primary 13 GB 40 MB
Partition 3 Primary 917 GB 13 GB
Partition 4 Primary 10 MB 931 GB

======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 RECOVERY NTFS Partition 13 GB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 917 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 4
Type : 17 (Suspicious Type)
Hidden: Yes
Active: Yes

There is no volume associated with this partition.

======================================================================================================

****** End Of Log ******

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:15 AM

Posted 11 November 2012 - 06:33 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

Edited by narenxp, 11 November 2012 - 08:39 PM.


#5 jxmjones

jxmjones
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:15 AM

Posted 11 November 2012 - 08:36 PM

Thanks so much for your time, and quick reply!

TDSSKiller results:

18:00:13.0374 3916 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:00:13.0795 3916 ============================================================
18:00:13.0795 3916 Current date / time: 2012/11/11 18:00:13.0795
18:00:13.0795 3916 SystemInfo:
18:00:13.0795 3916
18:00:13.0795 3916 OS Version: 6.1.7601 ServicePack: 1.0
18:00:13.0795 3916 Product type: Workstation
18:00:13.0795 3916 ComputerName: JONESPC
18:00:13.0795 3916 UserName: Melissa
18:00:13.0795 3916 Windows directory: C:\Windows
18:00:13.0795 3916 System windows directory: C:\Windows
18:00:13.0811 3916 Running under WOW64
18:00:13.0811 3916 Processor architecture: Intel x64
18:00:13.0811 3916 Number of processors: 4
18:00:13.0811 3916 Page size: 0x1000
18:00:13.0811 3916 Boot type: Normal boot
18:00:13.0811 3916 ============================================================
18:00:14.0575 3916 BG loaded
18:00:14.0825 3916 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:00:14.0825 3916 ============================================================
18:00:14.0825 3916 \Device\Harddisk0\DR0:
18:00:14.0825 3916 MBR partitions:
18:00:14.0825 3916 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1B9F000
18:00:14.0825 3916 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BB3000, BlocksNum 0x72B4C5B0
18:00:14.0825 3916 ============================================================
18:00:14.0841 3916 C: <-> \Device\Harddisk0\DR0\Partition2
18:00:14.0841 3916 ============================================================
18:00:14.0841 3916 Initialize success
18:00:14.0841 3916 ============================================================
18:00:29.0177 6128 ============================================================
18:00:29.0177 6128 Scan started
18:00:29.0177 6128 Mode: Manual; TDLFS;
18:00:29.0177 6128 ============================================================
18:00:30.0425 6128 ================ Scan system memory ========================
18:00:30.0425 6128 System memory - ok
18:00:30.0425 6128 ================ Scan services =============================
18:00:30.0519 6128 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
18:00:30.0519 6128 !SASCORE - ok
18:00:30.0690 6128 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:00:30.0706 6128 1394ohci - ok
18:00:30.0721 6128 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:00:30.0737 6128 ACPI - ok
18:00:30.0768 6128 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:00:30.0768 6128 AcpiPmi - ok
18:00:30.0924 6128 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:00:30.0924 6128 AdobeFlashPlayerUpdateSvc - ok
18:00:30.0971 6128 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:00:30.0971 6128 adp94xx - ok
18:00:30.0987 6128 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:00:31.0002 6128 adpahci - ok
18:00:31.0002 6128 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:00:31.0002 6128 adpu320 - ok
18:00:31.0033 6128 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:00:31.0049 6128 AeLookupSvc - ok
18:00:31.0096 6128 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:00:31.0096 6128 AFD - ok
18:00:31.0143 6128 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:00:31.0158 6128 agp440 - ok
18:00:31.0174 6128 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:00:31.0174 6128 ALG - ok
18:00:31.0189 6128 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:00:31.0189 6128 aliide - ok
18:00:31.0205 6128 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:00:31.0205 6128 amdide - ok
18:00:31.0205 6128 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:00:31.0221 6128 AmdK8 - ok
18:00:31.0221 6128 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:00:31.0236 6128 AmdPPM - ok
18:00:31.0236 6128 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:00:31.0252 6128 amdsata - ok
18:00:31.0267 6128 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:00:31.0267 6128 amdsbs - ok
18:00:31.0283 6128 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:00:31.0299 6128 amdxata - ok
18:00:31.0330 6128 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:00:31.0330 6128 AppID - ok
18:00:31.0345 6128 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:00:31.0345 6128 AppIDSvc - ok
18:00:31.0377 6128 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:00:31.0377 6128 Appinfo - ok
18:00:31.0486 6128 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:00:31.0486 6128 Apple Mobile Device - ok
18:00:31.0486 6128 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
18:00:31.0486 6128 arc - ok
18:00:31.0501 6128 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:00:31.0501 6128 arcsas - ok
18:00:31.0533 6128 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:00:31.0533 6128 AsyncMac - ok
18:00:31.0564 6128 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:00:31.0564 6128 atapi - ok
18:00:31.0595 6128 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:00:31.0611 6128 AudioEndpointBuilder - ok
18:00:31.0626 6128 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:00:31.0626 6128 AudioSrv - ok
18:00:31.0657 6128 [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6a.sys
18:00:31.0657 6128 Avgfwfd - ok
18:00:31.0751 6128 [ 733D86815BEB34E2982BC7F561C35AE3 ] avgfws C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
18:00:31.0767 6128 avgfws - ok
18:00:32.0001 6128 [ 56C73C5BC1656656CAC38A23B4310466 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
18:00:32.0032 6128 AVGIDSAgent - ok
18:00:32.0063 6128 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
18:00:32.0063 6128 AVGIDSDriver - ok
18:00:32.0094 6128 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
18:00:32.0094 6128 AVGIDSHA - ok
18:00:32.0110 6128 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
18:00:32.0110 6128 Avgldx64 - ok
18:00:32.0141 6128 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
18:00:32.0141 6128 Avgloga - ok
18:00:32.0172 6128 [ 767B4A485FB22AA0FC0BF5EEF00572B9 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
18:00:32.0172 6128 Avgmfx64 - ok
18:00:32.0203 6128 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
18:00:32.0203 6128 Avgrkx64 - ok
18:00:32.0219 6128 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
18:00:32.0219 6128 Avgtdia - ok
18:00:32.0250 6128 [ BFD698CC6E1DE2E0D23155DECC513D2F ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
18:00:32.0250 6128 avgtp - ok
18:00:32.0297 6128 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
18:00:32.0297 6128 avgwd - ok
18:00:32.0344 6128 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:00:32.0344 6128 AxInstSV - ok
18:00:32.0375 6128 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:00:32.0375 6128 b06bdrv - ok
18:00:32.0391 6128 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:00:32.0406 6128 b57nd60a - ok
18:00:32.0422 6128 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:00:32.0437 6128 BDESVC - ok
18:00:32.0437 6128 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:00:32.0437 6128 Beep - ok
18:00:32.0500 6128 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:00:32.0500 6128 BFE - ok
18:00:32.0562 6128 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:00:32.0562 6128 BITS - ok
18:00:32.0593 6128 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:00:32.0593 6128 blbdrive - ok
18:00:32.0625 6128 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:00:32.0625 6128 bowser - ok
18:00:32.0625 6128 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:00:32.0625 6128 BrFiltLo - ok
18:00:32.0640 6128 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:00:32.0640 6128 BrFiltUp - ok
18:00:32.0671 6128 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:00:32.0671 6128 Browser - ok
18:00:32.0671 6128 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:00:32.0671 6128 Brserid - ok
18:00:32.0687 6128 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:00:32.0687 6128 BrSerWdm - ok
18:00:32.0687 6128 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:00:32.0687 6128 BrUsbMdm - ok
18:00:32.0703 6128 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:00:32.0703 6128 BrUsbSer - ok
18:00:32.0749 6128 [ FF7C57973EEAD140062238C5A0B7D455 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
18:00:32.0749 6128 BTCFilterService - ok
18:00:32.0765 6128 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:00:32.0765 6128 BTHMODEM - ok
18:00:32.0781 6128 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:00:32.0781 6128 bthserv - ok
18:00:32.0796 6128 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:00:32.0796 6128 cdfs - ok
18:00:32.0827 6128 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:00:32.0827 6128 cdrom - ok
18:00:32.0859 6128 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:00:32.0859 6128 CertPropSvc - ok
18:00:32.0859 6128 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:00:32.0859 6128 circlass - ok
18:00:32.0890 6128 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:00:32.0890 6128 CLFS - ok
18:00:32.0937 6128 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:00:32.0937 6128 clr_optimization_v2.0.50727_32 - ok
18:00:32.0952 6128 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:00:32.0952 6128 clr_optimization_v2.0.50727_64 - ok
18:00:33.0015 6128 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:00:33.0015 6128 clr_optimization_v4.0.30319_32 - ok
18:00:33.0061 6128 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:00:33.0061 6128 clr_optimization_v4.0.30319_64 - ok
18:00:33.0061 6128 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:00:33.0061 6128 CmBatt - ok
18:00:33.0093 6128 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:00:33.0093 6128 cmdide - ok
18:00:33.0124 6128 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:00:33.0124 6128 CNG - ok
18:00:33.0139 6128 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:00:33.0139 6128 Compbatt - ok
18:00:33.0171 6128 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:00:33.0171 6128 CompositeBus - ok
18:00:33.0171 6128 COMSysApp - ok
18:00:33.0202 6128 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:00:33.0202 6128 crcdisk - ok
18:00:33.0217 6128 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:00:33.0217 6128 CryptSvc - ok
18:00:33.0295 6128 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:00:33.0295 6128 cvhsvc - ok
18:00:33.0342 6128 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:00:33.0342 6128 DcomLaunch - ok
18:00:33.0358 6128 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:00:33.0373 6128 defragsvc - ok
18:00:33.0420 6128 [ 0259948FFE5F7E69CD1D8A8E74E0547C ] DeviceMonitorService C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
18:00:33.0420 6128 DeviceMonitorService - ok
18:00:33.0451 6128 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:00:33.0451 6128 DfsC - ok
18:00:33.0483 6128 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:00:33.0498 6128 Dhcp - ok
18:00:33.0514 6128 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:00:33.0514 6128 discache - ok
18:00:33.0514 6128 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:00:33.0514 6128 Disk - ok
18:00:33.0561 6128 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:00:33.0561 6128 Dnscache - ok
18:00:33.0576 6128 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:00:33.0592 6128 dot3svc - ok
18:00:33.0607 6128 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:00:33.0607 6128 DPS - ok
18:00:33.0623 6128 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:00:33.0623 6128 drmkaud - ok
18:00:33.0670 6128 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:00:33.0685 6128 DXGKrnl - ok
18:00:33.0701 6128 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:00:33.0701 6128 EapHost - ok
18:00:33.0857 6128 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:00:33.0919 6128 ebdrv - ok
18:00:33.0935 6128 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:00:33.0935 6128 EFS - ok
18:00:33.0966 6128 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:00:33.0982 6128 ehRecvr - ok
18:00:34.0013 6128 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:00:34.0029 6128 ehSched - ok
18:00:34.0060 6128 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:00:34.0060 6128 elxstor - ok
18:00:34.0091 6128 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:00:34.0107 6128 ErrDev - ok
18:00:34.0138 6128 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:00:34.0138 6128 EventSystem - ok
18:00:34.0153 6128 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:00:34.0153 6128 exfat - ok
18:00:34.0169 6128 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:00:34.0169 6128 fastfat - ok
18:00:34.0216 6128 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:00:34.0216 6128 Fax - ok
18:00:34.0231 6128 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:00:34.0231 6128 fdc - ok
18:00:34.0247 6128 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:00:34.0247 6128 fdPHost - ok
18:00:34.0263 6128 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:00:34.0263 6128 FDResPub - ok
18:00:34.0263 6128 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:00:34.0263 6128 FileInfo - ok
18:00:34.0278 6128 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:00:34.0278 6128 Filetrace - ok
18:00:34.0278 6128 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:00:34.0294 6128 flpydisk - ok
18:00:34.0325 6128 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:00:34.0325 6128 FltMgr - ok
18:00:34.0372 6128 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
18:00:34.0387 6128 FontCache - ok
18:00:34.0419 6128 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:00:34.0419 6128 FontCache3.0.0.0 - ok
18:00:34.0434 6128 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:00:34.0450 6128 FsDepends - ok
18:00:34.0481 6128 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:00:34.0481 6128 Fs_Rec - ok
18:00:34.0528 6128 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:00:34.0528 6128 fvevol - ok
18:00:34.0559 6128 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:00:34.0559 6128 gagp30kx - ok
18:00:34.0606 6128 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:00:34.0637 6128 GEARAspiWDM - ok
18:00:34.0684 6128 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:00:34.0684 6128 gpsvc - ok
18:00:34.0777 6128 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:00:34.0777 6128 gupdate - ok
18:00:34.0777 6128 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:00:34.0777 6128 gupdatem - ok
18:00:34.0793 6128 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:00:34.0793 6128 hcw85cir - ok
18:00:34.0840 6128 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:00:34.0840 6128 HDAudBus - ok
18:00:34.0855 6128 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:00:34.0855 6128 HECIx64 - ok
18:00:34.0887 6128 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:00:34.0887 6128 HidBatt - ok
18:00:34.0902 6128 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:00:34.0902 6128 HidBth - ok
18:00:34.0918 6128 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:00:34.0918 6128 HidIr - ok
18:00:34.0933 6128 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:00:34.0933 6128 hidserv - ok
18:00:34.0949 6128 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:00:34.0949 6128 HidUsb - ok
18:00:34.0965 6128 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:00:34.0980 6128 hkmsvc - ok
18:00:34.0996 6128 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:00:34.0996 6128 HomeGroupListener - ok
18:00:35.0043 6128 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:00:35.0043 6128 HomeGroupProvider - ok
18:00:35.0058 6128 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:00:35.0058 6128 HpSAMD - ok
18:00:35.0121 6128 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
18:00:35.0121 6128 HTCAND64 - ok
18:00:35.0168 6128 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
18:00:35.0183 6128 htcnprot - ok
18:00:35.0230 6128 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:00:35.0230 6128 HTTP - ok
18:00:35.0261 6128 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:00:35.0261 6128 hwpolicy - ok
18:00:35.0292 6128 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:00:35.0308 6128 i8042prt - ok
18:00:35.0355 6128 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:00:35.0386 6128 iaStorV - ok
18:00:35.0417 6128 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:00:35.0448 6128 idsvc - ok
18:00:35.0682 6128 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:00:35.0714 6128 igfx - ok
18:00:35.0745 6128 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:00:35.0745 6128 iirsp - ok
18:00:35.0792 6128 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:00:35.0792 6128 IKEEXT - ok
18:00:35.0823 6128 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
18:00:35.0823 6128 Impcd - ok
18:00:35.0901 6128 [ E9BEFD8C6A1DB3B544B61647DDA35F62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:00:35.0932 6128 IntcAzAudAddService - ok
18:00:35.0979 6128 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
18:00:35.0979 6128 IntcDAud - ok
18:00:35.0994 6128 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:00:35.0994 6128 intelide - ok
18:00:36.0010 6128 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:00:36.0010 6128 intelppm - ok
18:00:36.0041 6128 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:00:36.0041 6128 IPBusEnum - ok
18:00:36.0057 6128 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:00:36.0072 6128 IpFilterDriver - ok
18:00:36.0119 6128 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:00:36.0119 6128 iphlpsvc - ok
18:00:36.0166 6128 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:00:36.0166 6128 IPMIDRV - ok
18:00:36.0197 6128 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:00:36.0197 6128 IPNAT - ok
18:00:36.0306 6128 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:00:36.0322 6128 iPod Service - ok
18:00:36.0338 6128 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:00:36.0338 6128 IRENUM - ok
18:00:36.0353 6128 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:00:36.0353 6128 isapnp - ok
18:00:36.0384 6128 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:00:36.0384 6128 iScsiPrt - ok
18:00:36.0416 6128 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
18:00:36.0416 6128 k57nd60a - ok
18:00:36.0431 6128 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:00:36.0447 6128 kbdclass - ok
18:00:36.0447 6128 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:00:36.0462 6128 kbdhid - ok
18:00:36.0478 6128 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:00:36.0478 6128 KeyIso - ok
18:00:36.0509 6128 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:00:36.0509 6128 KSecDD - ok
18:00:36.0556 6128 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:00:36.0556 6128 KSecPkg - ok
18:00:36.0556 6128 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:00:36.0556 6128 ksthunk - ok
18:00:36.0587 6128 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:00:36.0587 6128 KtmRm - ok
18:00:36.0603 6128 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:00:36.0603 6128 LanmanServer - ok
18:00:36.0618 6128 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:00:36.0618 6128 LanmanWorkstation - ok
18:00:36.0634 6128 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:00:36.0634 6128 lltdio - ok
18:00:36.0650 6128 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:00:36.0650 6128 lltdsvc - ok
18:00:36.0665 6128 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:00:36.0665 6128 lmhosts - ok
18:00:36.0696 6128 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:00:36.0696 6128 LSI_FC - ok
18:00:36.0696 6128 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:00:36.0696 6128 LSI_SAS - ok
18:00:36.0712 6128 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:00:36.0728 6128 LSI_SAS2 - ok
18:00:36.0728 6128 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:00:36.0728 6128 LSI_SCSI - ok
18:00:36.0743 6128 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:00:36.0759 6128 luafv - ok
18:00:36.0759 6128 MBAMProtector - ok
18:00:36.0790 6128 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:00:36.0806 6128 MBAMScheduler - ok
18:00:36.0821 6128 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:00:36.0837 6128 MBAMService - ok
18:00:36.0899 6128 [ E6CB119EF2E148EAA1A247343550756E ] McciCMService C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
18:00:36.0899 6128 McciCMService - ok
18:00:36.0993 6128 [ BE3D584D7C021EB7D89166EECB83C341 ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe
18:00:36.0993 6128 McciCMService64 - ok
18:00:37.0008 6128 McciServiceHost - ok
18:00:37.0040 6128 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:00:37.0040 6128 Mcx2Svc - ok
18:00:37.0055 6128 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:00:37.0071 6128 megasas - ok
18:00:37.0071 6128 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:00:37.0086 6128 MegaSR - ok
18:00:37.0102 6128 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:00:37.0102 6128 MMCSS - ok
18:00:37.0102 6128 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:00:37.0118 6128 Modem - ok
18:00:37.0133 6128 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:00:37.0133 6128 monitor - ok
18:00:37.0164 6128 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
18:00:37.0164 6128 motccgp - ok
18:00:37.0180 6128 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
18:00:37.0180 6128 motccgpfl - ok
18:00:37.0211 6128 [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
18:00:37.0211 6128 motmodem - ok
18:00:37.0242 6128 [ 3BBC6C2402242401F791548AAEBF3D39 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
18:00:37.0242 6128 MotoHelper - ok
18:00:37.0258 6128 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
18:00:37.0258 6128 MotoSwitchService - ok
18:00:37.0258 6128 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys
18:00:37.0274 6128 Motousbnet - ok
18:00:37.0289 6128 [ 307727F9829FB46FF4BE0E4D1DAC5002 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys
18:00:37.0289 6128 motusbdevice - ok
18:00:37.0336 6128 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:00:37.0336 6128 mouclass - ok
18:00:37.0352 6128 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:00:37.0352 6128 mouhid - ok
18:00:37.0383 6128 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:00:37.0414 6128 mountmgr - ok
18:00:37.0430 6128 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:00:37.0445 6128 mpio - ok
18:00:37.0461 6128 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:00:37.0461 6128 mpsdrv - ok
18:00:37.0508 6128 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:00:37.0508 6128 MpsSvc - ok
18:00:37.0523 6128 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
18:00:37.0523 6128 MREMP50 - ok
18:00:37.0586 6128 [ C2758DF79C83A0D12A5599A040CA1818 ] MREMP50a64 C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
18:00:37.0586 6128 MREMP50a64 - ok
18:00:37.0586 6128 MREMPR5 - ok
18:00:37.0601 6128 MRENDIS5 - ok
18:00:37.0632 6128 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
18:00:37.0632 6128 MRESP50 - ok
18:00:37.0648 6128 [ 38BD5B32E0722752BE8465D2A6DA43D9 ] MRESP50a64 C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS
18:00:37.0664 6128 MRESP50a64 - ok
18:00:37.0695 6128 [ 7E997DF71CD2DD5CF0D3D07B8D8E798C ] MRV6X64U C:\Windows\system32\DRIVERS\MRVW24C.sys
18:00:37.0710 6128 MRV6X64U - ok
18:00:37.0710 6128 Mrvleap - ok
18:00:37.0742 6128 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:00:37.0742 6128 MRxDAV - ok
18:00:37.0773 6128 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:00:37.0773 6128 mrxsmb - ok
18:00:37.0820 6128 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:00:37.0820 6128 mrxsmb10 - ok
18:00:37.0835 6128 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:00:37.0835 6128 mrxsmb20 - ok
18:00:37.0898 6128 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:00:37.0898 6128 msahci - ok
18:00:37.0929 6128 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:00:37.0929 6128 msdsm - ok
18:00:37.0944 6128 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:00:37.0960 6128 MSDTC - ok
18:00:37.0976 6128 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:00:37.0976 6128 Msfs - ok
18:00:37.0991 6128 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:00:37.0991 6128 mshidkmdf - ok
18:00:38.0007 6128 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:00:38.0007 6128 msisadrv - ok
18:00:38.0022 6128 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:00:38.0022 6128 MSiSCSI - ok
18:00:38.0022 6128 msiserver - ok
18:00:38.0038 6128 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:00:38.0038 6128 MSKSSRV - ok
18:00:38.0038 6128 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:00:38.0038 6128 MSPCLOCK - ok
18:00:38.0054 6128 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:00:38.0054 6128 MSPQM - ok
18:00:38.0085 6128 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:00:38.0085 6128 MsRPC - ok
18:00:38.0132 6128 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:00:38.0132 6128 mssmbios - ok
18:00:38.0132 6128 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:00:38.0132 6128 MSTEE - ok
18:00:38.0132 6128 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:00:38.0147 6128 MTConfig - ok
18:00:38.0147 6128 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:00:38.0147 6128 Mup - ok
18:00:38.0178 6128 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:00:38.0194 6128 napagent - ok
18:00:38.0225 6128 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:00:38.0225 6128 NativeWifiP - ok
18:00:38.0256 6128 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:00:38.0272 6128 NDIS - ok
18:00:38.0303 6128 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:00:38.0303 6128 NdisCap - ok
18:00:38.0334 6128 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:00:38.0350 6128 NdisTapi - ok
18:00:38.0381 6128 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:00:38.0381 6128 Ndisuio - ok
18:00:38.0412 6128 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:00:38.0428 6128 NdisWan - ok
18:00:38.0459 6128 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:00:38.0459 6128 NDProxy - ok
18:00:38.0490 6128 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:00:38.0490 6128 NetBIOS - ok
18:00:38.0522 6128 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:00:38.0522 6128 NetBT - ok
18:00:38.0537 6128 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:00:38.0553 6128 Netlogon - ok
18:00:38.0568 6128 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:00:38.0584 6128 Netman - ok
18:00:38.0600 6128 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:00:38.0600 6128 netprofm - ok
18:00:38.0631 6128 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:00:38.0631 6128 NetTcpPortSharing - ok
18:00:38.0646 6128 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:00:38.0646 6128 nfrd960 - ok
18:00:38.0693 6128 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:00:38.0693 6128 NlaSvc - ok
18:00:38.0818 6128 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
18:00:38.0834 6128 NOBU - ok
18:00:38.0849 6128 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:00:38.0849 6128 Npfs - ok
18:00:38.0865 6128 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:00:38.0865 6128 nsi - ok
18:00:38.0896 6128 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:00:38.0896 6128 nsiproxy - ok
18:00:38.0974 6128 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:00:39.0005 6128 Ntfs - ok
18:00:39.0021 6128 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:00:39.0021 6128 Null - ok
18:00:39.0036 6128 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:00:39.0036 6128 nvraid - ok
18:00:39.0068 6128 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:00:39.0068 6128 nvstor - ok
18:00:39.0083 6128 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:00:39.0083 6128 nv_agp - ok
18:00:39.0114 6128 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:00:39.0114 6128 ohci1394 - ok
18:00:39.0177 6128 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:00:39.0177 6128 ose - ok
18:00:39.0286 6128 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:00:39.0380 6128 osppsvc - ok
18:00:39.0395 6128 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:00:39.0395 6128 p2pimsvc - ok
18:00:39.0426 6128 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:00:39.0426 6128 p2psvc - ok
18:00:39.0442 6128 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:00:39.0442 6128 Parport - ok
18:00:39.0489 6128 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:00:39.0489 6128 partmgr - ok
18:00:39.0567 6128 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
18:00:39.0582 6128 PassThru Service - ok
18:00:39.0582 6128 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:00:39.0582 6128 PcaSvc - ok
18:00:39.0629 6128 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:00:39.0629 6128 pci - ok
18:00:39.0645 6128 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:00:39.0645 6128 pciide - ok
18:00:39.0660 6128 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:00:39.0660 6128 pcmcia - ok
18:00:39.0676 6128 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:00:39.0692 6128 pcw - ok
18:00:39.0707 6128 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:00:39.0723 6128 PEAUTH - ok
18:00:39.0816 6128 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:00:39.0816 6128 PerfHost - ok
18:00:39.0894 6128 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:00:39.0926 6128 pla - ok
18:00:39.0988 6128 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:00:40.0004 6128 PlugPlay - ok
18:00:40.0019 6128 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:00:40.0019 6128 PNRPAutoReg - ok
18:00:40.0019 6128 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:00:40.0035 6128 PNRPsvc - ok
18:00:40.0050 6128 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:00:40.0050 6128 PolicyAgent - ok
18:00:40.0066 6128 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:00:40.0066 6128 Power - ok
18:00:40.0097 6128 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:00:40.0097 6128 PptpMiniport - ok
18:00:40.0097 6128 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:00:40.0097 6128 Processor - ok
18:00:40.0128 6128 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:00:40.0128 6128 ProfSvc - ok
18:00:40.0144 6128 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:00:40.0144 6128 ProtectedStorage - ok
18:00:40.0175 6128 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:00:40.0175 6128 Psched - ok
18:00:40.0222 6128 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
18:00:40.0222 6128 PxHlpa64 - ok
18:00:40.0269 6128 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:00:40.0300 6128 ql2300 - ok
18:00:40.0300 6128 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:00:40.0300 6128 ql40xx - ok
18:00:40.0331 6128 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:00:40.0331 6128 QWAVE - ok
18:00:40.0331 6128 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:00:40.0331 6128 QWAVEdrv - ok
18:00:40.0347 6128 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:00:40.0347 6128 RasAcd - ok
18:00:40.0347 6128 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:00:40.0362 6128 RasAgileVpn - ok
18:00:40.0362 6128 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:00:40.0362 6128 RasAuto - ok
18:00:40.0378 6128 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:00:40.0378 6128 Rasl2tp - ok
18:00:40.0440 6128 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:00:40.0440 6128 RasMan - ok
18:00:40.0456 6128 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:00:40.0456 6128 RasPppoe - ok
18:00:40.0472 6128 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:00:40.0472 6128 RasSstp - ok
18:00:40.0487 6128 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:00:40.0487 6128 rdbss - ok
18:00:40.0487 6128 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:00:40.0487 6128 rdpbus - ok
18:00:40.0487 6128 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:00:40.0487 6128 RDPCDD - ok
18:00:40.0503 6128 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:00:40.0503 6128 RDPENCDD - ok
18:00:40.0503 6128 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:00:40.0503 6128 RDPREFMP - ok
18:00:40.0550 6128 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:00:40.0550 6128 RDPWD - ok
18:00:40.0581 6128 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:00:40.0581 6128 rdyboost - ok
18:00:40.0612 6128 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:00:40.0612 6128 RemoteAccess - ok
18:00:40.0643 6128 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:00:40.0659 6128 RemoteRegistry - ok
18:00:40.0721 6128 [ BDDC447AB46625A54619808575D5CB46 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
18:00:40.0737 6128 RoxMediaDB12OEM - ok
18:00:40.0768 6128 [ CE203243ADF512540249DF9C264F12DD ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
18:00:40.0768 6128 RoxWatch12 - ok
18:00:40.0768 6128 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:00:40.0768 6128 RpcEptMapper - ok
18:00:40.0799 6128 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:00:40.0799 6128 RpcLocator - ok
18:00:40.0830 6128 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:00:40.0846 6128 RpcSs - ok
18:00:40.0846 6128 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:00:40.0846 6128 rspndr - ok
18:00:40.0862 6128 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:00:40.0862 6128 SamSs - ok
18:00:40.0877 6128 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:00:40.0877 6128 SASDIFSV - ok
18:00:40.0893 6128 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:00:40.0893 6128 SASKUTIL - ok
18:00:40.0924 6128 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:00:40.0924 6128 sbp2port - ok
18:00:40.0955 6128 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:00:40.0955 6128 SCardSvr - ok
18:00:40.0986 6128 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:00:40.0986 6128 scfilter - ok
18:00:41.0033 6128 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:00:41.0049 6128 Schedule - ok
18:00:41.0080 6128 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:00:41.0080 6128 SCPolicySvc - ok
18:00:41.0111 6128 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:00:41.0111 6128 SDRSVC - ok
18:00:41.0111 6128 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:00:41.0111 6128 secdrv - ok
18:00:41.0142 6128 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:00:41.0142 6128 seclogon - ok
18:00:41.0174 6128 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:00:41.0174 6128 SENS - ok
18:00:41.0189 6128 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:00:41.0189 6128 SensrSvc - ok
18:00:41.0205 6128 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:00:41.0205 6128 Serenum - ok
18:00:41.0205 6128 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:00:41.0205 6128 Serial - ok
18:00:41.0220 6128 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:00:41.0220 6128 sermouse - ok
18:00:41.0252 6128 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:00:41.0267 6128 SessionEnv - ok
18:00:41.0298 6128 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:00:41.0298 6128 sffdisk - ok
18:00:41.0314 6128 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:00:41.0314 6128 sffp_mmc - ok
18:00:41.0330 6128 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:00:41.0330 6128 sffp_sd - ok
18:00:41.0330 6128 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:00:41.0345 6128 sfloppy - ok
18:00:41.0392 6128 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
18:00:41.0392 6128 Sftfs - ok
18:00:41.0454 6128 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:00:41.0470 6128 sftlist - ok
18:00:41.0486 6128 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:00:41.0486 6128 Sftplay - ok
18:00:41.0532 6128 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:00:41.0532 6128 Sftredir - ok
18:00:41.0595 6128 [ 38F88F0DF46C4D42125EF721ABD7F6B9 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
18:00:41.0610 6128 SftService - ok
18:00:41.0610 6128 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
18:00:41.0626 6128 Sftvol - ok
18:00:41.0626 6128 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:00:41.0626 6128 sftvsa - ok
18:00:41.0657 6128 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:00:41.0657 6128 SharedAccess - ok
18:00:41.0704 6128 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:00:41.0704 6128 ShellHWDetection - ok
18:00:41.0720 6128 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:00:41.0720 6128 SiSRaid2 - ok
18:00:41.0735 6128 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:00:41.0735 6128 SiSRaid4 - ok
18:00:41.0751 6128 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:00:41.0751 6128 Smb - ok
18:00:41.0766 6128 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:00:41.0766 6128 SNMPTRAP - ok
18:00:41.0798 6128 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:00:41.0798 6128 spldr - ok
18:00:41.0829 6128 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:00:41.0844 6128 Spooler - ok
18:00:41.0922 6128 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:00:41.0938 6128 sppsvc - ok
18:00:41.0938 6128 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:00:41.0938 6128 sppuinotify - ok
18:00:41.0969 6128 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:00:41.0969 6128 srv - ok
18:00:41.0985 6128 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:00:41.0985 6128 srv2 - ok
18:00:42.0016 6128 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:00:42.0016 6128 srvnet - ok
18:00:42.0032 6128 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:00:42.0032 6128 SSDPSRV - ok
18:00:42.0047 6128 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:00:42.0047 6128 SstpSvc - ok
18:00:42.0063 6128 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:00:42.0063 6128 stexstor - ok
18:00:42.0110 6128 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:00:42.0110 6128 stisvc - ok
18:00:42.0156 6128 [ 9E182DD94496550A22A392CC1A8E0F52 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
18:00:42.0156 6128 stllssvr - ok
18:00:42.0172 6128 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:00:42.0172 6128 swenum - ok
18:00:42.0188 6128 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:00:42.0203 6128 swprv - ok
18:00:42.0266 6128 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:00:42.0281 6128 SysMain - ok
18:00:42.0297 6128 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:00:42.0297 6128 TabletInputService - ok
18:00:42.0312 6128 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:00:42.0312 6128 TapiSrv - ok
18:00:42.0328 6128 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:00:42.0328 6128 TBS - ok
18:00:42.0390 6128 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:00:42.0422 6128 Tcpip - ok
18:00:42.0437 6128 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:00:42.0453 6128 TCPIP6 - ok
18:00:42.0484 6128 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:00:42.0484 6128 tcpipreg - ok
18:00:42.0500 6128 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:00:42.0500 6128 TDPIPE - ok
18:00:42.0531 6128 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:00:42.0531 6128 TDTCP - ok
18:00:42.0578 6128 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:00:42.0578 6128 tdx - ok
18:00:42.0578 6128 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:00:42.0578 6128 TermDD - ok
18:00:42.0734 6128 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:00:42.0749 6128 TermService - ok
18:00:42.0765 6128 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:00:42.0765 6128 Themes - ok
18:00:42.0780 6128 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:00:42.0780 6128 THREADORDER - ok
18:00:42.0796 6128 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:00:42.0812 6128 TrkWks - ok
18:00:42.0858 6128 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:00:42.0858 6128 TrustedInstaller - ok
18:00:42.0890 6128 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:00:42.0890 6128 tssecsrv - ok
18:00:42.0921 6128 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:00:42.0921 6128 TsUsbFlt - ok
18:00:42.0968 6128 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:00:42.0968 6128 tunnel - ok
18:00:42.0983 6128 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:00:42.0983 6128 uagp35 - ok
18:00:42.0999 6128 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:00:43.0014 6128 udfs - ok
18:00:43.0014 6128 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:00:43.0014 6128 UI0Detect - ok
18:00:43.0030 6128 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:00:43.0046 6128 uliagpkx - ok
18:00:43.0077 6128 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
18:00:43.0077 6128 umbus - ok
18:00:43.0092 6128 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:00:43.0108 6128 UmPass - ok
18:00:43.0124 6128 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:00:43.0124 6128 upnphost - ok
18:00:43.0170 6128 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:00:43.0170 6128 USBAAPL64 - ok
18:00:43.0186 6128 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:00:43.0186 6128 usbccgp - ok
18:00:43.0233 6128 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:00:43.0233 6128 usbcir - ok
18:00:43.0248 6128 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:00:43.0248 6128 usbehci - ok
18:00:43.0264 6128 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:00:43.0280 6128 usbhub - ok
18:00:43.0295 6128 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:00:43.0295 6128 usbohci - ok
18:00:43.0326 6128 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:00:43.0326 6128 usbprint - ok
18:00:43.0373 6128 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:00:43.0373 6128 usbscan - ok
18:00:43.0389 6128 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:00:43.0389 6128 USBSTOR - ok
18:00:43.0404 6128 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:00:43.0404 6128 usbuhci - ok
18:00:43.0420 6128 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:00:43.0420 6128 UxSms - ok
18:00:43.0420 6128 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:00:43.0436 6128 VaultSvc - ok
18:00:43.0436 6128 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:00:43.0436 6128 vdrvroot - ok
18:00:43.0482 6128 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:00:43.0482 6128 vds - ok
18:00:43.0498 6128 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:00:43.0498 6128 vga - ok
18:00:43.0514 6128 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:00:43.0514 6128 VgaSave - ok
18:00:43.0529 6128 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:00:43.0529 6128 vhdmp - ok
18:00:43.0545 6128 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:00:43.0545 6128 viaide - ok
18:00:43.0560 6128 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:00:43.0560 6128 volmgr - ok
18:00:43.0623 6128 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:00:43.0623 6128 volmgrx - ok
18:00:43.0654 6128 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:00:43.0670 6128 volsnap - ok
18:00:43.0685 6128 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:00:43.0685 6128 vsmraid - ok
18:00:43.0748 6128 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:00:43.0779 6128 VSS - ok
18:00:43.0857 6128 [ 7DB85B78309C05C9F06F469ED976DC9E ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
18:00:43.0857 6128 vToolbarUpdater13.2.0 - ok
18:00:43.0888 6128 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:00:43.0888 6128 vwifibus - ok
18:00:43.0919 6128 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:00:43.0919 6128 W32Time - ok
18:00:43.0935 6128 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:00:43.0935 6128 WacomPen - ok
18:00:43.0950 6128 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:00:43.0950 6128 WANARP - ok
18:00:43.0966 6128 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:00:43.0966 6128 Wanarpv6 - ok
18:00:44.0028 6128 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:00:44.0060 6128 WatAdminSvc - ok
18:00:44.0106 6128 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:00:44.0138 6128 wbengine - ok
18:00:44.0153 6128 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:00:44.0153 6128 WbioSrvc - ok
18:00:44.0216 6128 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:00:44.0216 6128 wcncsvc - ok
18:00:44.0231 6128 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:00:44.0231 6128 WcsPlugInService - ok
18:00:44.0231 6128 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:00:44.0231 6128 Wd - ok
18:00:44.0247 6128 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:00:44.0262 6128 Wdf01000 - ok
18:00:44.0262 6128 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:00:44.0262 6128 WdiServiceHost - ok
18:00:44.0262 6128 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:00:44.0262 6128 WdiSystemHost - ok
18:00:44.0325 6128 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:00:44.0325 6128 WebClient - ok
18:00:44.0340 6128 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:00:44.0340 6128 Wecsvc - ok
18:00:44.0356 6128 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:00:44.0356 6128 wercplsupport - ok
18:00:44.0372 6128 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:00:44.0372 6128 WerSvc - ok
18:00:44.0372 6128 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:00:44.0372 6128 WfpLwf - ok
18:00:44.0434 6128 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
18:00:44.0434 6128 WimFltr - ok
18:00:44.0434 6128 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:00:44.0434 6128 WIMMount - ok
18:00:44.0465 6128 WinDefend - ok
18:00:44.0465 6128 WinHttpAutoProxySvc - ok
18:00:44.0512 6128 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:00:44.0512 6128 Winmgmt - ok
18:00:44.0574 6128 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:00:44.0606 6128 WinRM - ok
18:00:44.0668 6128 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:00:44.0668 6128 WinUsb - ok
18:00:44.0699 6128 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:00:44.0715 6128 Wlansvc - ok
18:00:44.0746 6128 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:00:44.0746 6128 wlcrasvc - ok
18:00:44.0855 6128 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:00:44.0855 6128 wlidsvc - ok
18:00:44.0871 6128 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:00:44.0871 6128 WmiAcpi - ok
18:00:44.0886 6128 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:00:44.0902 6128 wmiApSrv - ok
18:00:44.0902 6128 WMPNetworkSvc - ok
18:00:44.0902 6128 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:00:44.0902 6128 WPCSvc - ok
18:00:44.0918 6128 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:00:44.0918 6128 WPDBusEnum - ok
18:00:44.0933 6128 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:00:44.0933 6128 ws2ifsl - ok
18:00:44.0964 6128 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:00:44.0964 6128 wscsvc - ok
18:00:44.0964 6128 WSearch - ok
18:00:45.0027 6128 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:00:45.0042 6128 wuauserv - ok
18:00:45.0058 6128 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:00:45.0058 6128 WudfPf - ok
18:00:45.0105 6128 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:00:45.0105 6128 WUDFRd - ok
18:00:45.0152 6128 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:00:45.0152 6128 wudfsvc - ok
18:00:45.0167 6128 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:00:45.0167 6128 WwanSvc - ok
18:00:45.0183 6128 ================ Scan global ===============================
18:00:45.0214 6128 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:00:45.0245 6128 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
18:00:45.0245 6128 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
18:00:45.0276 6128 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:00:45.0292 6128 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:00:45.0292 6128 [Global] - ok
18:00:45.0292 6128 ================ Scan MBR ==================================
18:00:45.0308 6128 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
18:00:45.0651 6128 \Device\Harddisk0\DR0 - ok
18:00:45.0651 6128 ================ Scan VBR ==================================
18:00:45.0651 6128 [ 437E3B5DDBAFE97CD87510C54B5E6147 ] \Device\Harddisk0\DR0\Partition1
18:00:45.0651 6128 \Device\Harddisk0\DR0\Partition1 - ok
18:00:45.0682 6128 [ 641328AEC44FE69CE8671F82E3B31232 ] \Device\Harddisk0\DR0\Partition2
18:00:45.0682 6128 \Device\Harddisk0\DR0\Partition2 - ok
18:00:45.0682 6128 ============================================================
18:00:45.0682 6128 Scan finished
18:00:45.0682 6128 ============================================================
18:00:45.0698 6108 Detected object count: 0
18:00:45.0698 6108 Actual detected object count: 0

aswMBR results (NOTE: default AV Scan option was set to "quickscan"):
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-11 18:01:45
-----------------------------
18:01:45.020 OS Version: Windows x64 6.1.7601 Service Pack 1
18:01:45.020 Number of processors: 4 586 0x2505
18:01:45.020 ComputerName: JONESPC UserName: Melissa
18:01:47.141 Initialize success
18:05:46.956 AVAST engine defs: 12111101
18:06:01.856 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:06:01.856 Disk 0 Vendor: WDC_WD1001FAES-75W7A0 05.01D05 Size: 953869MB BusType: 3
18:06:01.872 Disk 0 MBR read successfully
18:06:01.872 Disk 0 MBR scan
18:06:01.887 Disk 0 Windows VISTA default MBR code
18:06:01.887 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
18:06:01.887 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 14142 MB offset 81920
18:06:01.903 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 939672 MB offset 29044736
18:06:01.918 Disk 0 scanning C:\Windows\system32\drivers
18:06:09.859 Service scanning
18:06:26.353 Modules scanning
18:06:26.353 Disk 0 trace - called modules:
18:06:26.384 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
18:06:26.883 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064b2060]
18:06:26.883 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80061dc500]
18:06:26.899 5 ACPI.sys[fffff88000efa7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80061d9060]
18:06:28.475 AVAST engine scan C:\Windows
18:06:31.064 AVAST engine scan C:\Windows\system32
18:08:45.042 AVAST engine scan C:\Windows\system32\drivers
18:08:55.898 AVAST engine scan C:\Users\Melissa
18:10:20.468 Disk 0 MBR has been saved successfully to "C:\Users\Melissa\Desktop\MBR.dat"
18:10:20.484 The log file has been saved successfully to "C:\Users\Melissa\Desktop\aswMBR.txt"

ESET scan results

C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0005.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmasco.Y trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0009.dta probably a variant of Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0012.dta Win64/Olmasco.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmasco.AA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0015.dta Win64/Olmasco.Z trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0021.dta a variant of Win32/Olmarik.AYN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0022.dta a variant of Win64/Olmasco.AB trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0024.dta Win32/Olmasco.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\11.11.2012_17.51.21\mbr0000\tdlfs0000\tsk0025.dta Win64/Olmasco.AB trojan cleaned by deleting - quarantined
C:\Users\Melissa\Desktop\cbsidlm-tr1_7-MbrFix-ORG2-10485990.exe Win32/DownloadAdmin.D application cleaned by deleting - quarantined
C:\Users\Melissa\Desktop\backups\backup-20121110-201043-342.dll a variant of Win32/Toolbar.CrossRider.A application cleaned by deleting - quarantined

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:15 AM

Posted 11 November 2012 - 08:39 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#7 jxmjones

jxmjones
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:15 AM

Posted 11 November 2012 - 10:44 PM

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.12.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Melissa :: JONESPC [administrator]

Protection: Disabled

11/11/2012 7:47:13 PM
mbam-log-2012-11-11 (21-04-00).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 394525
Time elapsed: 43 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\Melissa\AppData\Local\Temp\01B68417-44E3-4B05-AFB6-70C608EC581B.exe (Heuristics.Shuriken) -> No action taken.
C:\Users\Melissa\AppData\Local\Temp\4E99E918-DCB3-4C73-BEDF-5331730BE6D4.exe (Heuristics.Shuriken) -> No action taken.
C:\Users\Melissa\Desktop\antivrs\tdssfix.exe (Heuristics.Shuriken) -> No action taken.

(end)
MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Melissa (administrator) on 11-11-2012 at 21:06:10
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : JonesPC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 78-2B-CB-84-15-A8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::99d0:3f06:3431:6de9%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, November 11, 2012 5:53:32 PM
Lease Expires . . . . . . . . . . : Monday, November 12, 2012 5:53:32 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242756555
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-EC-A4-A1-78-2B-CB-84-15-A8
DNS Servers . . . . . . . . . . . : 68.94.156.1
68.94.157.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{D0719B5A-43C2-41D9-8F5C-FD687D908708}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:de:192a:9c5c:7d60(Preferred)
Link-local IPv6 Address . . . . . : fe80::de:192a:9c5c:7d60%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dnsr1.sbcglobal.net
Address: 68.94.156.1

Name: google.com
Addresses: 2001:4860:4002:802::1009
74.125.227.41
74.125.227.46
74.125.227.32
74.125.227.33
74.125.227.34
74.125.227.35
74.125.227.36
74.125.227.37
74.125.227.38
74.125.227.39
74.125.227.40


Pinging google.com [74.125.227.32] with 32 bytes of data:
Reply from 74.125.227.32: bytes=32 time=58ms TTL=52
Reply from 74.125.227.32: bytes=32 time=89ms TTL=52

Ping statistics for 74.125.227.32:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 58ms, Maximum = 89ms, Average = 73ms
Server: dnsr1.sbcglobal.net
Address: 68.94.156.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Request timed out.
Reply from 72.30.38.140: bytes=32 time=286ms TTL=48

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 286ms, Maximum = 286ms, Average = 286ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...78 2b cb 84 15 a8 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:de:192a:9c5c:7d60/128
On-link
10 276 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::de:192a:9c5c:7d60/128
On-link
10 276 fe80::99d0:3f06:3431:6de9/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/11/2012 07:35:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2012 06:11:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2012 06:10:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2012 06:10:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2012 06:10:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2012 01:55:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x00c72c28
Faulting process id: 0xeac
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/11/2012 01:54:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x00d82c28
Faulting process id: 0x1398
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/11/2012 01:45:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x00eb2c28
Faulting process id: 0xaa8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/11/2012 00:28:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000004e4b4
Faulting process id: 0x94c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (11/10/2012 07:40:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000004e4b4
Faulting process id: 0x1a2c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3


System errors:
=============
Error: (11/11/2012 05:53:44 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/11/2012 05:53:34 PM) (Source: Service Control Manager) (User: )
Description: The McciServiceHost service failed to start due to the following error:
%%2

Error: (11/11/2012 05:53:33 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (11/11/2012 05:53:33 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/11/2012 05:53:31 PM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (11/11/2012 05:52:48 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/11/2012 05:50:22 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (11/11/2012 05:49:25 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume .

Error: (11/11/2012 05:48:45 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (11/11/2012 05:48:42 PM) (Source: Service Control Manager) (User: )
Description: The McciServiceHost service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (11/11/2012 07:35:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/11/2012 06:11:01 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Melissa\Desktop\esetsmartinstaller_enu.exe

Error: (11/11/2012 06:10:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Melissa\Desktop\esetsmartinstaller_enu.exe

Error: (11/11/2012 06:10:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Melissa\Desktop\esetsmartinstaller_enu.exe

Error: (11/11/2012 06:10:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Melissa\Desktop\esetsmartinstaller_enu.exe

Error: (11/11/2012 01:55:28 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6unknown0.0.0.000000000c000040900c72c28eac01cdc0465b28601aC:\Program Files (x86)\Internet Explorer\iexplore.exeunknownbd3b50d7-2c39-11e2-99e3-782bcb8415a8

Error: (11/11/2012 01:54:10 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6unknown0.0.0.000000000c000040900d82c28139801cdc045eea65380C:\Program Files (x86)\Internet Explorer\iexplore.exeunknown8e909049-2c39-11e2-99e3-782bcb8415a8

Error: (11/11/2012 01:45:10 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6unknown0.0.0.000000000c000040900eb2c28aa801cdc0443a90c73bC:\Program Files (x86)\Internet Explorer\iexplore.exeunknown4d399662-2c38-11e2-99e3-782bcb8415a8

Error: (11/11/2012 00:28:26 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec0000005000000000004e4b494c01cdc03377f14601C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll9506a9d1-2c2d-11e2-9f13-782bcb8415a8

Error: (11/10/2012 07:40:10 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec0000005000000000004e4b41a2c01cdbf99cbb7a082C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllba5cab55-2ba0-11e2-a7fc-782bcb8415a8


=========================== Installed Programs ============================

Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.2624)
AVG 2013 (Version: 13.0.2742)
AVG 2013 (Version: 13.0.2793)
AVG 2013 (Version: 2013.0.2793)
AVG Security Toolbar
Consumer In-Home Service Agreement (Version: 2.0.0)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.51)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.4.156.0)
Dell PhotoStage (Version: 1.5.0.19)
Dell Stage (Version: 1.4.173.0)
Dell Support Center (Version: 3.1.5830.12)
Dell VideoStage (Version: 1.1.0.1011)
DirectX 9 Runtime (Version: 1.00.0000)
EA Download Manager (Version: 7.3.7.4)
ESET Online Scanner v3
Free WMA to MP3 Converter 1.16
Google Chrome (Version: 23.0.1271.64)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
HP Deskjet 1000 J110 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1000 J110 series Help (Version: 140.0.65.65)
HP Deskjet 1000 J110 series Product Improvement Study (Version: 22.50.231.0)
HP Photo Creations (Version: 1.0.0.${CAB_VERSION})
HP Update (Version: 5.002.006.003)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.021)
HTC Sync (Version: 3.2.20)
iCloud (Version: 1.0.2.17)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2104)
Internet Explorer (Version: 8)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 22 (64-bit) (Version: 6.0.220)
Java™ 6 Update 37 (Version: 6.0.370)
Junk Mail filter update (Version: 15.4.3502.0922)
League of Legends (Version: 1.3)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.8.0)
MotoHelper 2.0.51 Driver 5.1.0 (Version: 2.0.51)
MotoHelper MergeModules (Version: 1.2.0)
MOTOROLA MEDIA LINK (Version: 1.5.2060.2)
Motorola Mobile Drivers Installation 5.1.0 (Version: 5.1.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Multimedia Card Reader (Version: 1.6.915.87)
Netflix in Windows Media Center (Version: 3.3.101.0)
NETGEAR WN111 wireless USB 2.0 adapter (Version: 1.00)
OpenOffice.org 3.1 (Version: 3.1.9399)
PhotoShowExpress (Version: 2.0.028)
QuickTime (Version: 7.71.80.42)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6043)
Return of Arcade Anniversary Edition
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.6)
Roxio Creator Starter (Version: 1.0.311)
Roxio Creator Starter (Version: 12.1.40.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Safari (Version: 5.34.52.7)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SUPERAntiSpyware (Version: 5.6.1014)
swMSM (Version: 12.0.0.1)
The Sims™ 3 (Version: 1.0.631)
TrustedID (Version: 5.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Ventrilo Client (Version: 3.0.8)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 5943.12 MB
Available physical RAM: 3850.91 MB
Total Pagefile: 11884.43 MB
Available Pagefile: 9437.58 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.8 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:917.65 GB) (Free:831.15 GB) NTFS
2 Drive d: (Sims3) (CDROM) (Total:5.54 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\JONESPC

Administrator Guest Melissa

========================= Restore Points ==================================

29-10-2012 00:24:38 Installed AVG PC TuneUp
02-11-2012 15:15:08 Removed Skype Toolbars
04-11-2012 02:11:34 Removed AVG PC TuneUp
04-11-2012 02:12:48 Removed AVG PC TuneUp Language Pack (en-US)
05-11-2012 04:02:16 Removed Skype™ 5.10
05-11-2012 04:04:15 Removed Bonjour
05-11-2012 04:16:24 Removed Skype Toolbars
05-11-2012 15:14:10 Removed Google Earth Plug-in.

**** End of log ****
Farbar Service Scanner Version: 09-11-2012
Ran by Melissa (administrator) on 11-11-2012 at 21:06:51
Running from "C:\Users\Melissa\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
# AdwCleaner v2.007 - Logfile created 11/11/2012 at 21:07:36
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Melissa - JONESPC
# Boot Mode : Normal
# Running from : C:\Users\Melissa\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\Melissa\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Melissa\AppData\LocalLow\AVG Secure Search

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [5428 octets] - [11/11/2012 21:07:36]

########## EOF - C:\AdwCleaner[S1].txt - [5488 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 2.9.9 (11.11.2012)
OS: Windows 7 Home Premium x64
Ran by Melissa on Sun 11/11/2012 at 21:40:31.87
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Melissa\appdata\locallow\playready"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/11/2012 at 21:43:34.31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:15 AM

Posted 12 November 2012 - 06:59 AM

Run a scan with malwarebytes again and post the new log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#9 jxmjones

jxmjones
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:15 AM

Posted 12 November 2012 - 03:48 PM

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.12.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Melissa :: JONESPC [administrator]

Protection: Disabled

11/12/2012 9:22:16 AM
mbam-log-2012-11-12 (09-22-16).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 394296
Time elapsed: 38 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/12/2012 02:44:20 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/12/2012 02:44:29 PM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)



"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DellStage" "Dell Stage" "" "c:\program files (x86)\dell stage\dell stage\stage_primary.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "Dell DataSafe Online" "Dell DataSafe Online Service" "Dell, Inc." "c:\program files (x86)\dell\dell datasafe online\nobuclient.exe"
+ "Desktop Disc Tool" "Roxio Burn Launcher" "" "c:\program files (x86)\roxio\oem\roxio burn\roxioburnlauncher.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "ROC_roc_ssl_v12" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe"
+ "RoxWatchTray" "RoxMMTrayApp Module" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatchtray12oem.exe"
+ "ShwiconXP9106" "IconUtility ShwiconXP Application" "Alcor Micro Corp." "c:\program files (x86)\multimedia card reader(9106)\shwiconxp9106.exe"
+ "vProt" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ ""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"" "Update Client for Dell DataSafe Local Backup" "Dell" "c:\program files (x86)\dell datasafe local backup\components\dsupdate\dsupdate.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "NETGEAR WN111 Smart Wizard.lnk" "NetgearCUv2 MFC Application" "" "c:\program files (x86)\netgear\wn111\wn111.exe"
"C:\Users\Melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.1.lnk" "" "" "c:\program files (x86)\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EA Core" "" "" "File not found: C:\Program Files (x86)\Electronic Arts\EADM\Core.exe"
+ "EADM" "EADMUI" "Electronic Arts" "c:\program files (x86)\electronic arts\eadm\eadmui\eadmui.exe"
+ "HijackThis startup scan" "" "" "File not found: C:\Users\Melissa\Desktop\HijackThis.exe /startupscan"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Sun Microsystems, Inc." "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "McAfee Phishing Filter" "" "" "File not found: c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Adobe online update program" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\HP online update program" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "\HPCustParticipation HP Deskjet 1000 J110 series" "HP Customer Participation." "Hewlett-Packard Co." "c:\program files\hp\hp deskjet 1000 j110 series\bin\hpcustpartic.exe"
+ "\IHUninstallTrackingTASK" "" "" "File not found: DEL"
+ "\Launch HTC Sync Loader" "HTC UPCT Loader" "" "c:\program files (x86)\htc\htc sync 3.0\htcupctloader.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\MotoHelper Initial Update" "MotoHelperUpdate" "" "c:\program files (x86)\motorola\motohelper\motohelperupdate.exe"
+ "\MotoHelper MUM" "MotoHelperUpdate" "" "c:\program files (x86)\motorola\motohelper\motohelperupdate.exe"
+ "\MotoHelper Routing" "MotoHelperUpdate" "" "c:\program files (x86)\motorola\motohelper\motohelperupdate.exe"
+ "\MotoHelper Update" "MotoHelperUpdate" "" "c:\program files (x86)\motorola\motohelper\motohelperupdate.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\SystemToolsDailyTest" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\{7CB86971-AD3F-4FB8-8343-71C68ECCC36D}" "" "" "c:\riot games\league of legends\lol.launcher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "avgfws" "AVG Firewall Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgfws.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McciCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files (x86)\common files\motive\mccicmservice.exe"
+ "McciCMService64" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
+ "McciServiceHost" "" "" "File not found: C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe"
+ "MotoHelper" "MotoHelper Service" "" "c:\program files (x86)\motorola\motohelper\motohelperservice.exe"
+ "NOBU" "Dell DataSafe Online Service" "Dell, Inc." "c:\program files (x86)\dell\dell datasafe online\nobuagent.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PassThru Service" "Detect HTC Android device for internet pass-through function." "" "c:\program files (x86)\htc\internet pass-through\passthrusvr.exe"
+ "RoxMediaDB12OEM" "Roxio RoxMediaDB12OEM Service" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxmediadb12oem.exe"
+ "RoxWatch12" "RoxWatch12 Module" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatch12oem.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks SAS" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "vToolbarUpdater13.2.0" "ToolbarU Application" "" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "Avgfwfd" "AVG network filter driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgfwd6a.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTCFilterService" "Motorola Unsafe Removal Filter Driver" "Motorola Inc" "c:\windows\system32\drivers\motfilt.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HTCAND64" "ADB Interface" "HTC, Corporation" "c:\windows\system32\drivers\androidusb.sys"
+ "htcnprot" "HTC NDIS Protocol Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\htcnprot.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "" "" "File not found: C:\Windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "motccgp" "Motorola USB Composite Device Driver" "Motorola" "c:\windows\system32\drivers\motccgp.sys"
+ "motccgpfl" "Motorola USB Composite Filter Driver" "Motorola" "c:\windows\system32\drivers\motccgpfl.sys"
+ "motmodem" "Motorola USB Modem and Ports Driver" "Motorola" "c:\windows\system32\drivers\motmodem.sys"
+ "MotoSwitchService" "" "Motorola" "c:\windows\system32\drivers\motswch.sys"
+ "Motousbnet" "Motorola USB Networking Driver" "Motorola" "c:\windows\system32\drivers\motousbnet.sys"
+ "motusbdevice" "Motorola USB Device Driver" "Motorola Inc" "c:\windows\system32\drivers\motusbdevice.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mremp50.sys"
+ "MREMP50a64" "PCAUSA NDIS 5.0 MPR Protocol Driver (AMD64)" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mremp50a64.sys"
+ "MREMPR5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"
+ "MRENDIS5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mresp50.sys"
+ "MRESP50a64" "PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64)" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mresp50a64.sys"
+ "MRV6X64U" "ExtSta NDIS 6.0 driver" "Marvell Semiconductor, Inc" "c:\windows\system32\drivers\mrvw24c.sys"
+ "Mrvleap" "MARVELL EAP Driver" "" "File not found: system32\DRIVERS\mrv64drv.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Half Size to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmwriter.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mediaanalyser.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO BDAV Smart Render 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters MPEG Transcoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio File Writer Wrapper" "Roxio File Writer Wrapper" "Sonic" "c:\program files (x86)\roxio\oem\videocore 12\roxfilewriterwrapper.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmasync.ax"
+ "Roxio Mp3 Encoder (SC)" "Roxio Audio Codec DLL" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsmp3encoder.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegdemuxer.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mgirawwriter.dll"
+ "Roxio RealD to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mginullip.ax"
+ "Roxio StereoSource Cropper" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFHDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Integrate" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Video Rotater," "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mvwcdsutil.dll"
+ "Sonic Audio Resampler" "Audio Resampler Direct Show Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_trans_audio_samplerate_ds.ax"
+ "Sonic Cinemaster® Audio Decoder 4.3 (No Dolby)" "SonicHDAudio" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemasteraudiond.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3 (EMC12)" "CinemasterVideo" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files (x86)\roxio\oem\common\sonichddemuxer.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "Vorbis Decode Filter" "ogg DShow filters" "" "c:\program files (x86)\common files\roxio shared\ogg_flac codecs\dsfvorbisdecoder.dll"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Input Selector 2" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 8811 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts8811lm.dll"
+ "SSP4M Langmon" "Language Monitor for Status Monitor" "" "c:\windows\system32\ssp4ml6.dll"

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:15 AM

Posted 12 November 2012 - 08:50 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#11 jxmjones

jxmjones
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:15 AM

Posted 13 November 2012 - 11:25 AM

Done, everything looks great! Thank you so much for your help!

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:15 AM

Posted 13 November 2012 - 11:32 AM

You're most welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users