Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Just infected to include Strongvault installation


  • Please log in to reply
18 replies to this topic

#1 DGREW

DGREW

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:56 PM

Posted 26 January 2013 - 05:41 PM

I noticed what I thought was an Adobe Flashplayer update and hit install - I noticed that it popped up with a publisher other than ADOBE and I aborted the operation - but apparently not in time.

Strongvault was installed and I attempted to unintall the program but was asked to update the program - so I canelled.

I am now running Malwarebytes scan & getting lots of hits. It might take a while.

Definitely some damage done but it's early in it's infective process. I run Malwarbytes scan every night so I'm pretty sure it just got hit.

Please let me know what I can do to get rid of it.

Thanks for any information & or guidance,

Regards LK

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:56 AM

Posted 26 January 2013 - 05:45 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:56 PM

Posted 27 January 2013 - 12:26 AM

Sorry to get back so late. I had several problems running aswMBR.

I hope that I did not screw up ESET. I thought I checked List found items. I'll run it again if you need it, but wanted to get this in.

Regards,

DRP



14:37:28.0361 5580 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:37:29.0631 5580 ============================================================
14:37:29.0631 5580 Current date / time: 2013/01/26 14:37:29.0631
14:37:29.0631 5580 SystemInfo:
14:37:29.0631 5580
14:37:29.0631 5580 OS Version: 6.1.7601 ServicePack: 1.0
14:37:29.0631 5580 Product type: Workstation
14:37:29.0631 5580 ComputerName: DRP-PC
14:37:29.0631 5580 UserName: DRP
14:37:29.0631 5580 Windows directory: C:\Windows
14:37:29.0631 5580 System windows directory: C:\Windows
14:37:29.0631 5580 Running under WOW64
14:37:29.0631 5580 Processor architecture: Intel x64
14:37:29.0631 5580 Number of processors: 2
14:37:29.0631 5580 Page size: 0x1000
14:37:29.0631 5580 Boot type: Normal boot
14:37:29.0631 5580 ============================================================
14:37:30.0921 5580 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:37:30.0931 5580 Drive \Device\Harddisk1\DR1 - Size: 0x7446E00000 (465.11 Gb), SectorSize: 0x200, Cylinders: 0xED2B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:37:31.0211 5580 ============================================================
14:37:31.0211 5580 \Device\Harddisk0\DR0:
14:37:31.0211 5580 MBR partitions:
14:37:31.0211 5580 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x43000, BlocksNum 0x1339000
14:37:31.0211 5580 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x137C000, BlocksNum 0x1BE49000
14:37:31.0211 5580 \Device\Harddisk1\DR1:
14:37:31.0211 5580 MBR partitions:
14:37:31.0211 5580 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A236800
14:37:31.0211 5580 ============================================================
14:37:31.0241 5580 C: <-> \Device\Harddisk0\DR0\Partition2
14:37:31.0271 5580 H: <-> \Device\Harddisk1\DR1\Partition1
14:37:31.0271 5580 ============================================================
14:37:31.0271 5580 Initialize success
14:37:31.0271 5580 ============================================================
14:37:44.0744 6468 ============================================================
14:37:44.0744 6468 Scan started
14:37:44.0744 6468 Mode: Manual;
14:37:44.0744 6468 ============================================================
14:37:47.0004 6468 ================ Scan system memory ========================
14:37:47.0004 6468 System memory - ok
14:37:47.0004 6468 ================ Scan services =============================
14:37:47.0854 6468 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:37:47.0864 6468 1394ohci - ok
14:37:48.0434 6468 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Users\DRP\Downloads\EmsisoftEmergencyKit\Run\a2ddax64.sys
14:37:48.0564 6468 A2DDA - ok
14:37:48.0614 6468 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:37:48.0614 6468 ACPI - ok
14:37:48.0634 6468 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:37:48.0714 6468 AcpiPmi - ok
14:37:48.0834 6468 [ 6D182C31ACF16213407F2768F1107FE3 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
14:37:48.0924 6468 Adobe LM Service - ok
14:37:49.0134 6468 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:37:49.0214 6468 AdobeARMservice - ok
14:37:49.0414 6468 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:37:49.0414 6468 AdobeFlashPlayerUpdateSvc - ok
14:37:49.0494 6468 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:37:49.0524 6468 adp94xx - ok
14:37:49.0554 6468 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:37:49.0584 6468 adpahci - ok
14:37:49.0614 6468 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:37:49.0624 6468 adpu320 - ok
14:37:49.0734 6468 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:37:49.0744 6468 AeLookupSvc - ok
14:37:49.0844 6468 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:37:49.0894 6468 AFD - ok
14:37:49.0944 6468 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:37:49.0944 6468 agp440 - ok
14:37:49.0964 6468 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:37:49.0984 6468 ALG - ok
14:37:50.0004 6468 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:37:50.0014 6468 aliide - ok
14:37:50.0044 6468 [ 9A5495EDEBE7D6B3F7E9A86EBE5EA248 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:37:50.0114 6468 AMD External Events Utility - ok
14:37:50.0124 6468 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:37:50.0124 6468 amdide - ok
14:37:50.0144 6468 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:37:50.0144 6468 AmdK8 - ok
14:37:50.0164 6468 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:37:50.0164 6468 AmdPPM - ok
14:37:50.0194 6468 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:37:50.0274 6468 amdsata - ok
14:37:50.0294 6468 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:37:50.0294 6468 amdsbs - ok
14:37:50.0314 6468 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:37:50.0314 6468 amdxata - ok
14:37:50.0354 6468 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:37:50.0454 6468 AppID - ok
14:37:50.0474 6468 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:37:50.0474 6468 AppIDSvc - ok
14:37:50.0494 6468 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:37:50.0524 6468 Appinfo - ok
14:37:50.0614 6468 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:37:50.0704 6468 Apple Mobile Device - ok
14:37:50.0734 6468 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:37:50.0734 6468 AppMgmt - ok
14:37:50.0744 6468 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:37:50.0754 6468 arc - ok
14:37:50.0774 6468 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:37:50.0794 6468 arcsas - ok
14:37:50.0894 6468 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:37:51.0004 6468 aspnet_state - ok
14:37:51.0024 6468 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:37:51.0024 6468 AsyncMac - ok
14:37:51.0044 6468 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:37:51.0044 6468 atapi - ok
14:37:51.0064 6468 [ 38467FF83C2B4265D51F418812A91E3C ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
14:37:51.0114 6468 AtiHdmiService - ok
14:37:51.0284 6468 [ A08339AE90972E268B9622C668F450E8 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:37:51.0364 6468 atikmdag - ok
14:37:51.0434 6468 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:37:51.0434 6468 AudioEndpointBuilder - ok
14:37:51.0454 6468 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:37:51.0464 6468 AudioSrv - ok
14:37:51.0494 6468 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:37:51.0534 6468 AxInstSV - ok
14:37:51.0564 6468 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:37:51.0604 6468 b06bdrv - ok
14:37:51.0654 6468 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:37:51.0664 6468 b57nd60a - ok
14:37:51.0694 6468 [ E001DD475A7C27EBE5A0DB45C11BAD71 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
14:37:51.0784 6468 BCM42RLY - ok
14:37:51.0894 6468 [ F4CD5F52850BF2C978DE178F256BA372 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
14:37:51.0904 6468 BCM43XX - ok
14:37:51.0964 6468 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:37:51.0964 6468 BDESVC - ok
14:37:51.0994 6468 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:37:51.0994 6468 Beep - ok
14:37:52.0044 6468 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:37:52.0054 6468 BFE - ok
14:37:52.0104 6468 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:37:52.0214 6468 BITS - ok
14:37:52.0274 6468 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:37:52.0284 6468 blbdrive - ok
14:37:52.0374 6468 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:37:52.0384 6468 Bonjour Service - ok
14:37:52.0445 6468 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:37:52.0445 6468 bowser - ok
14:37:52.0485 6468 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:37:52.0485 6468 BrFiltLo - ok
14:37:52.0505 6468 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:37:52.0515 6468 BrFiltUp - ok
14:37:52.0535 6468 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:37:52.0575 6468 Browser - ok
14:37:52.0595 6468 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:37:52.0605 6468 Brserid - ok
14:37:52.0625 6468 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:37:52.0635 6468 BrSerWdm - ok
14:37:52.0645 6468 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:37:52.0645 6468 BrUsbMdm - ok
14:37:52.0655 6468 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:37:52.0655 6468 BrUsbSer - ok
14:37:52.0685 6468 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:37:52.0695 6468 BTHMODEM - ok
14:37:52.0735 6468 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:37:52.0735 6468 bthserv - ok
14:37:52.0745 6468 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:37:52.0755 6468 cdfs - ok
14:37:52.0775 6468 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:37:52.0865 6468 cdrom - ok
14:37:52.0885 6468 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:37:52.0885 6468 CertPropSvc - ok
14:37:52.0945 6468 [ DF8D07059E7237E0BE9C1421EF5F9482 ] cfwids C:\Windows\system32\drivers\cfwids.sys
14:37:53.0035 6468 cfwids - ok
14:37:53.0055 6468 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:37:53.0055 6468 circlass - ok
14:37:53.0095 6468 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:37:53.0095 6468 CLFS - ok
14:37:53.0225 6468 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:37:53.0235 6468 clr_optimization_v2.0.50727_32 - ok
14:37:53.0295 6468 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:37:53.0305 6468 clr_optimization_v2.0.50727_64 - ok
14:37:53.0405 6468 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:37:53.0555 6468 clr_optimization_v4.0.30319_32 - ok
14:37:53.0575 6468 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:37:53.0625 6468 clr_optimization_v4.0.30319_64 - ok
14:37:53.0685 6468 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:37:53.0695 6468 CmBatt - ok
14:37:53.0715 6468 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:37:53.0725 6468 cmdide - ok
14:37:53.0785 6468 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:37:53.0795 6468 CNG - ok
14:37:53.0825 6468 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:37:53.0825 6468 Compbatt - ok
14:37:53.0835 6468 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:37:53.0885 6468 CompositeBus - ok
14:37:53.0895 6468 COMSysApp - ok
14:37:53.0915 6468 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:37:53.0915 6468 crcdisk - ok
14:37:53.0945 6468 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:37:53.0975 6468 CryptSvc - ok
14:37:53.0995 6468 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:37:54.0045 6468 CSC - ok
14:37:54.0265 6468 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:37:54.0275 6468 CscService - ok
14:37:54.0355 6468 [ 1CA90212A99DB6975C344826D11055C9 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
14:37:54.0445 6468 dc3d - ok
14:37:54.0495 6468 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:37:54.0505 6468 DcomLaunch - ok
14:37:54.0615 6468 DefaultTabUpdate - ok
14:37:54.0625 6468 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:37:54.0635 6468 defragsvc - ok
14:37:54.0665 6468 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:37:54.0775 6468 DfsC - ok
14:37:54.0805 6468 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:37:54.0805 6468 Dhcp - ok
14:37:54.0845 6468 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:37:54.0845 6468 discache - ok
14:37:54.0905 6468 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:37:54.0905 6468 Disk - ok
14:37:54.0955 6468 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:37:54.0955 6468 Dnscache - ok
14:37:54.0985 6468 DockLoginService - ok
14:37:55.0005 6468 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:37:55.0075 6468 dot3svc - ok
14:37:55.0105 6468 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
14:37:55.0105 6468 Dot4 - ok
14:37:55.0125 6468 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
14:37:55.0175 6468 Dot4Print - ok
14:37:55.0185 6468 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
14:37:55.0185 6468 dot4usb - ok
14:37:55.0205 6468 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:37:55.0205 6468 DPS - ok
14:37:55.0225 6468 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:37:55.0235 6468 drmkaud - ok
14:37:55.0265 6468 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:37:55.0315 6468 DXGKrnl - ok
14:37:55.0355 6468 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:37:55.0355 6468 EapHost - ok
14:37:55.0526 6468 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:37:55.0726 6468 ebdrv - ok
14:37:55.0766 6468 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:37:55.0766 6468 EFS - ok
14:37:55.0916 6468 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:37:56.0006 6468 ehRecvr - ok
14:37:56.0026 6468 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:37:56.0026 6468 ehSched - ok
14:37:56.0066 6468 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:37:56.0066 6468 elxstor - ok
14:37:56.0096 6468 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:37:56.0106 6468 ErrDev - ok
14:37:56.0186 6468 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:37:56.0196 6468 EventSystem - ok
14:37:56.0216 6468 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:37:56.0246 6468 exfat - ok
14:37:56.0296 6468 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:37:56.0306 6468 fastfat - ok
14:37:56.0356 6468 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:37:56.0356 6468 Fax - ok
14:37:56.0396 6468 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:37:56.0406 6468 fdc - ok
14:37:56.0476 6468 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:37:56.0476 6468 fdPHost - ok
14:37:56.0506 6468 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:37:56.0506 6468 FDResPub - ok
14:37:56.0516 6468 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:37:56.0526 6468 FileInfo - ok
14:37:56.0536 6468 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:37:56.0546 6468 Filetrace - ok
14:37:56.0556 6468 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:37:56.0556 6468 flpydisk - ok
14:37:56.0586 6468 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:37:56.0616 6468 FltMgr - ok
14:37:56.0686 6468 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:37:56.0766 6468 FontCache - ok
14:37:56.0946 6468 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:37:56.0996 6468 FontCache3.0.0.0 - ok
14:37:57.0026 6468 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:37:57.0026 6468 FsDepends - ok
14:37:57.0096 6468 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
14:37:57.0186 6468 fssfltr - ok
14:37:57.0316 6468 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:37:57.0636 6468 fsssvc - ok
14:37:57.0686 6468 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:37:57.0736 6468 Fs_Rec - ok
14:37:57.0816 6468 [ 35FD2BB5131714E657B7AB3A78642854 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
14:37:57.0906 6468 FTDIBUS - ok
14:37:57.0926 6468 [ 196C9BDDBEF9B6D0973F398BEF5B2EEE ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
14:37:58.0016 6468 FTSER2K - ok
14:37:58.0046 6468 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:37:58.0046 6468 fvevol - ok
14:37:58.0086 6468 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:37:58.0086 6468 gagp30kx - ok
14:37:58.0136 6468 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:37:58.0206 6468 GEARAspiWDM - ok
14:37:58.0316 6468 [ 8F6AE606EB0CC884EE12C41948424422 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
14:37:58.0366 6468 GoToAssist - ok
14:37:58.0426 6468 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:37:58.0446 6468 gpsvc - ok
14:37:58.0467 6468 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
14:37:58.0507 6468 grmnusb - ok
14:37:58.0647 6468 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:37:58.0647 6468 gupdate - ok
14:37:58.0707 6468 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:37:58.0707 6468 gupdatem - ok
14:37:58.0777 6468 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:37:58.0867 6468 gusvc - ok
14:37:58.0937 6468 [ 17D5A13ABBD270B5EC5B8F6A63C4A71C ] HauppaugeTVServer C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
14:37:59.0037 6468 HauppaugeTVServer - ok
14:37:59.0067 6468 [ F531C096D13A9E12B143DB770814DE92 ] hcw72ADFilter C:\Windows\system32\DRIVERS\hcw72ADFilter.sys
14:37:59.0117 6468 hcw72ADFilter - ok
14:37:59.0187 6468 [ 0496F2A26A9B45412C5CC096D451AA22 ] hcw72ATV C:\Windows\system32\DRIVERS\hcw72ATV.sys
14:37:59.0287 6468 hcw72ATV - ok
14:37:59.0367 6468 [ 13D8E1F19E5F461F99C24E50BC987B58 ] hcw72DTV C:\Windows\system32\DRIVERS\hcw72DTV.sys
14:37:59.0528 6468 hcw72DTV - ok
14:37:59.0559 6468 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:37:59.0575 6468 hcw85cir - ok
14:37:59.0622 6468 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:37:59.0700 6468 HdAudAddService - ok
14:37:59.0731 6468 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:37:59.0731 6468 HDAudBus - ok
14:37:59.0756 6468 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:37:59.0756 6468 HidBatt - ok
14:37:59.0776 6468 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:37:59.0776 6468 HidBth - ok
14:37:59.0806 6468 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:37:59.0806 6468 HidIr - ok
14:37:59.0836 6468 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:37:59.0846 6468 hidserv - ok
14:37:59.0876 6468 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:37:59.0986 6468 HidUsb - ok
14:38:00.0026 6468 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
14:38:00.0076 6468 HipShieldK - ok
14:38:00.0116 6468 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:38:00.0126 6468 hkmsvc - ok
14:38:00.0136 6468 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:38:00.0166 6468 HomeGroupListener - ok
14:38:00.0196 6468 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:38:00.0236 6468 HomeGroupProvider - ok
14:38:00.0286 6468 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:38:00.0336 6468 HpSAMD - ok
14:38:00.0366 6468 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:38:00.0416 6468 HTTP - ok
14:38:00.0436 6468 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:38:00.0436 6468 hwpolicy - ok
14:38:00.0477 6468 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:38:00.0477 6468 i8042prt - ok
14:38:00.0527 6468 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:38:00.0607 6468 iaStorV - ok
14:38:00.0927 6468 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:38:00.0997 6468 idsvc - ok
14:38:01.0027 6468 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:38:01.0337 6468 iirsp - ok
14:38:01.0417 6468 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:38:01.0417 6468 IKEEXT - ok
14:38:01.0437 6468 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:38:01.0437 6468 intelide - ok
14:38:01.0467 6468 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:38:01.0467 6468 intelppm - ok
14:38:01.0487 6468 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:38:01.0487 6468 IPBusEnum - ok
14:38:01.0507 6468 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:38:01.0557 6468 IpFilterDriver - ok
14:38:01.0607 6468 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:38:01.0647 6468 iphlpsvc - ok
14:38:01.0687 6468 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:38:01.0777 6468 IPMIDRV - ok
14:38:01.0827 6468 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:38:01.0827 6468 IPNAT - ok
14:38:01.0937 6468 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:38:02.0037 6468 iPod Service - ok
14:38:02.0117 6468 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:38:02.0117 6468 IRENUM - ok
14:38:02.0127 6468 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:38:02.0127 6468 isapnp - ok
14:38:02.0177 6468 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:38:02.0277 6468 iScsiPrt - ok
14:38:02.0307 6468 [ 8D990A44B4F2B68E2C56A3724EC3EB84 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
14:38:02.0387 6468 itecir - ok
14:38:02.0427 6468 [ BD5BF20EC242E003A2F570B8754A56D1 ] ivusb C:\Windows\system32\DRIVERS\ivusb.sys
14:38:02.0507 6468 ivusb - ok
14:38:02.0527 6468 [ 08DD34F74D65E1C8F238565570952630 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
14:38:02.0577 6468 k57nd60a - ok
14:38:02.0597 6468 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:38:02.0597 6468 kbdclass - ok
14:38:02.0627 6468 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:38:02.0667 6468 kbdhid - ok
14:38:02.0707 6468 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:38:02.0707 6468 KeyIso - ok
14:38:02.0787 6468 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:38:02.0797 6468 KSecDD - ok
14:38:02.0827 6468 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:38:02.0827 6468 KSecPkg - ok
14:38:02.0857 6468 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:38:02.0867 6468 ksthunk - ok
14:38:02.0917 6468 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:38:02.0947 6468 KtmRm - ok
14:38:02.0987 6468 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:38:03.0097 6468 LanmanServer - ok
14:38:03.0157 6468 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:38:03.0157 6468 LanmanWorkstation - ok
14:38:03.0187 6468 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:38:03.0197 6468 lltdio - ok
14:38:03.0217 6468 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:38:03.0247 6468 lltdsvc - ok
14:38:03.0317 6468 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:38:03.0327 6468 lmhosts - ok
14:38:03.0367 6468 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:38:03.0377 6468 LSI_FC - ok
14:38:03.0397 6468 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:38:03.0397 6468 LSI_SAS - ok
14:38:03.0407 6468 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:38:03.0407 6468 LSI_SAS2 - ok
14:38:03.0427 6468 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:38:03.0437 6468 LSI_SCSI - ok
14:38:03.0467 6468 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:38:03.0467 6468 luafv - ok
14:38:03.0517 6468 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:38:03.0527 6468 MBAMProtector - ok
14:38:03.0587 6468 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:38:03.0677 6468 MBAMScheduler - ok
14:38:03.0727 6468 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:38:03.0807 6468 MBAMService - ok
14:38:03.0897 6468 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:38:03.0937 6468 McAfee SiteAdvisor Service - ok
14:38:04.0007 6468 [ FD3AD5E1ECDAA94A89D6697F5C5465D6 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
14:38:04.0067 6468 McComponentHostService - ok
14:38:04.0097 6468 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:38:04.0107 6468 McMPFSvc - ok
14:38:04.0117 6468 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:38:04.0117 6468 mcmscsvc - ok
14:38:04.0147 6468 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:38:04.0147 6468 McNaiAnn - ok
14:38:04.0157 6468 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:38:04.0167 6468 McNASvc - ok
14:38:04.0237 6468 [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
14:38:04.0317 6468 McODS - ok
14:38:04.0327 6468 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:38:04.0327 6468 McProxy - ok
14:38:04.0377 6468 [ 9BBCECBE3FE5AF5958A770DC512D0473 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
14:38:04.0417 6468 McShield - ok
14:38:04.0457 6468 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:38:04.0538 6468 Mcx2Svc - ok
14:38:04.0538 6468 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:38:04.0548 6468 megasas - ok
14:38:04.0588 6468 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:38:04.0588 6468 MegaSR - ok
14:38:04.0688 6468 [ 2D53234C24B0103FDE0BE06782AA6F80 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
14:38:04.0748 6468 mfeapfk - ok
14:38:04.0758 6468 [ C0EAF4F2367C44157E1DE4817238FEC2 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
14:38:04.0808 6468 mfeavfk - ok
14:38:04.0808 6468 mfeavfk01 - ok
14:38:04.0848 6468 [ 05248F2E6E1AFA6972D058C36199DEB7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
14:38:04.0898 6468 mfefire - ok
14:38:04.0938 6468 [ 6856931F9F5B757E9D09369CC35096B9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
14:38:05.0038 6468 mfefirek - ok
14:38:05.0088 6468 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
14:38:05.0098 6468 mfehidk - ok
14:38:05.0118 6468 [ B5B96149BE124092F577DE54EC7D4D65 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
14:38:05.0158 6468 mferkdet - ok
14:38:05.0218 6468 [ DC5483CAD90D95D65B618E35C66E28DF ] mfevtp C:\Windows\system32\mfevtps.exe
14:38:05.0228 6468 mfevtp - ok
14:38:05.0268 6468 [ E18162EA85F1531964F8222CC9E25E26 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
14:38:05.0348 6468 mfewfpk - ok
14:38:05.0378 6468 [ E805A347AB28AD569C5CED370A966D80 ] MHIKEY10 C:\Windows\system32\Drivers\MHIKEY10x64.sys
14:38:05.0418 6468 MHIKEY10 - ok
14:38:05.0488 6468 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:38:05.0498 6468 MMCSS - ok
14:38:05.0518 6468 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:38:05.0518 6468 Modem - ok
14:38:05.0548 6468 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:38:05.0548 6468 monitor - ok
14:38:05.0558 6468 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:38:05.0558 6468 mouclass - ok
14:38:05.0578 6468 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:38:05.0578 6468 mouhid - ok
14:38:05.0588 6468 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:38:05.0598 6468 mountmgr - ok
14:38:05.0618 6468 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:38:05.0698 6468 mpio - ok
14:38:05.0718 6468 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:38:05.0718 6468 mpsdrv - ok
14:38:05.0748 6468 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:38:05.0758 6468 MpsSvc - ok
14:38:05.0788 6468 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:38:05.0878 6468 MRxDAV - ok
14:38:05.0978 6468 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:38:05.0978 6468 mrxsmb - ok
14:38:06.0048 6468 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:38:06.0058 6468 mrxsmb10 - ok
14:38:06.0088 6468 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:38:06.0098 6468 mrxsmb20 - ok
14:38:06.0158 6468 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:38:06.0158 6468 msahci - ok
14:38:06.0178 6468 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:38:06.0228 6468 msdsm - ok
14:38:06.0288 6468 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:38:06.0308 6468 MSDTC - ok
14:38:06.0348 6468 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:38:06.0348 6468 Msfs - ok
14:38:06.0368 6468 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:38:06.0388 6468 mshidkmdf - ok
14:38:06.0418 6468 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:38:06.0418 6468 msisadrv - ok
14:38:06.0448 6468 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:38:06.0468 6468 MSiSCSI - ok
14:38:06.0478 6468 msiserver - ok
14:38:06.0538 6468 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:38:06.0548 6468 MSK80Service - ok
14:38:06.0578 6468 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:38:06.0588 6468 MSKSSRV - ok
14:38:06.0628 6468 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:38:06.0638 6468 MSPCLOCK - ok
14:38:06.0648 6468 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:38:06.0648 6468 MSPQM - ok
14:38:06.0678 6468 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:38:06.0678 6468 MsRPC - ok
14:38:06.0688 6468 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:38:06.0688 6468 mssmbios - ok
14:38:06.0788 6468 MSSQL$SQLEXPRESS - ok
14:38:06.0978 6468 [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
14:38:07.0078 6468 MSSQLServerADHelper100 - ok
14:38:07.0118 6468 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:38:07.0118 6468 MSTEE - ok
14:38:07.0138 6468 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:38:07.0138 6468 MTConfig - ok
14:38:07.0198 6468 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:38:07.0198 6468 Mup - ok
14:38:07.0248 6468 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:38:07.0248 6468 napagent - ok
14:38:07.0308 6468 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:38:07.0318 6468 NativeWifiP - ok
14:38:07.0398 6468 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:38:07.0428 6468 NDIS - ok
14:38:07.0568 6468 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:38:07.0598 6468 NdisCap - ok
14:38:07.0658 6468 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:38:07.0668 6468 NdisTapi - ok
14:38:07.0678 6468 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:38:07.0738 6468 Ndisuio - ok
14:38:07.0768 6468 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:38:07.0818 6468 NdisWan - ok
14:38:07.0848 6468 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:38:07.0898 6468 NDProxy - ok
14:38:07.0968 6468 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:38:08.0038 6468 Net Driver HPZ12 - ok
14:38:08.0058 6468 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:38:08.0058 6468 NetBIOS - ok
14:38:08.0068 6468 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:38:08.0118 6468 NetBT - ok
14:38:08.0138 6468 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:38:08.0138 6468 Netlogon - ok
14:38:08.0208 6468 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:38:08.0218 6468 Netman - ok
14:38:08.0278 6468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:08.0398 6468 NetMsmqActivator - ok
14:38:08.0408 6468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:08.0408 6468 NetPipeActivator - ok
14:38:08.0438 6468 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:38:08.0448 6468 netprofm - ok
14:38:08.0458 6468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:08.0458 6468 NetTcpActivator - ok
14:38:08.0458 6468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:08.0458 6468 NetTcpPortSharing - ok
14:38:08.0478 6468 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:38:08.0488 6468 nfrd960 - ok
14:38:08.0518 6468 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:38:08.0518 6468 NlaSvc - ok
14:38:08.0528 6468 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:38:08.0538 6468 Npfs - ok
14:38:08.0548 6468 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:38:08.0548 6468 nsi - ok
14:38:08.0558 6468 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:38:08.0558 6468 nsiproxy - ok
14:38:08.0628 6468 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:38:08.0688 6468 Ntfs - ok
14:38:08.0808 6468 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:38:08.0828 6468 Null - ok
14:38:08.0868 6468 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:38:08.0908 6468 nvraid - ok
14:38:08.0928 6468 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:38:08.0978 6468 nvstor - ok
14:38:08.0998 6468 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:38:08.0998 6468 nv_agp - ok
14:38:09.0038 6468 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:38:09.0048 6468 ohci1394 - ok
14:38:09.0098 6468 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:38:09.0128 6468 ose - ok
14:38:09.0238 6468 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:38:09.0258 6468 p2pimsvc - ok
14:38:09.0328 6468 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:38:09.0338 6468 p2psvc - ok
14:38:09.0398 6468 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:38:09.0398 6468 Parport - ok
14:38:09.0438 6468 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:38:09.0488 6468 partmgr - ok
14:38:09.0548 6468 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:38:09.0558 6468 PcaSvc - ok
14:38:09.0608 6468 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
14:38:09.0788 6468 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
14:38:09.0868 6468 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:38:09.0868 6468 pci - ok
14:38:09.0888 6468 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:38:09.0888 6468 pciide - ok
14:38:09.0918 6468 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:38:09.0928 6468 pcmcia - ok
14:38:09.0948 6468 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:38:09.0948 6468 pcw - ok
14:38:09.0968 6468 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:38:09.0978 6468 PEAUTH - ok
14:38:10.0018 6468 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:38:10.0048 6468 PeerDistSvc - ok
14:38:10.0148 6468 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:38:10.0148 6468 PerfHost - ok
14:38:10.0198 6468 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:38:10.0318 6468 pla - ok
14:38:10.0368 6468 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:38:10.0368 6468 PlugPlay - ok
14:38:10.0388 6468 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:38:10.0418 6468 Pml Driver HPZ12 - ok
14:38:10.0448 6468 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:38:10.0448 6468 PNRPAutoReg - ok
14:38:10.0468 6468 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:38:10.0468 6468 PNRPsvc - ok
14:38:10.0508 6468 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
14:38:10.0609 6468 Point64 - ok
14:38:10.0659 6468 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:38:10.0689 6468 PolicyAgent - ok
14:38:10.0779 6468 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:38:10.0789 6468 Power - ok
14:38:10.0839 6468 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:38:10.0879 6468 PptpMiniport - ok
14:38:10.0969 6468 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:38:10.0979 6468 Processor - ok
14:38:11.0019 6468 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:38:11.0019 6468 ProfSvc - ok
14:38:11.0029 6468 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:38:11.0039 6468 ProtectedStorage - ok
14:38:11.0059 6468 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:38:11.0099 6468 Psched - ok
14:38:11.0109 6468 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
14:38:11.0109 6468 PxHlpa64 - ok
14:38:11.0159 6468 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:38:11.0189 6468 ql2300 - ok
14:38:11.0209 6468 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:38:11.0209 6468 ql40xx - ok
14:38:11.0249 6468 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:38:11.0249 6468 QWAVE - ok
14:38:11.0269 6468 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:38:11.0279 6468 QWAVEdrv - ok
14:38:11.0299 6468 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:38:11.0309 6468 RasAcd - ok
14:38:11.0359 6468 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:38:11.0369 6468 RasAgileVpn - ok
14:38:11.0389 6468 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:38:11.0409 6468 RasAuto - ok
14:38:11.0439 6468 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:38:11.0489 6468 Rasl2tp - ok
14:38:11.0529 6468 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:38:11.0569 6468 RasMan - ok
14:38:11.0579 6468 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:38:11.0589 6468 RasPppoe - ok
14:38:11.0599 6468 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:38:11.0599 6468 RasSstp - ok
14:38:11.0609 6468 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:38:11.0619 6468 rdbss - ok
14:38:11.0649 6468 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:38:11.0659 6468 rdpbus - ok
14:38:11.0669 6468 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:38:11.0669 6468 RDPCDD - ok
14:38:11.0679 6468 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:38:11.0799 6468 RDPDR - ok
14:38:11.0829 6468 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:38:11.0839 6468 RDPENCDD - ok
14:38:11.0849 6468 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:38:11.0849 6468 RDPREFMP - ok
14:38:11.0889 6468 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:38:11.0969 6468 RDPWD - ok
14:38:11.0989 6468 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:38:11.0989 6468 rdyboost - ok
14:38:12.0039 6468 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:38:12.0039 6468 RemoteAccess - ok
14:38:12.0059 6468 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:38:12.0069 6468 RemoteRegistry - ok
14:38:12.0089 6468 [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
14:38:12.0129 6468 rimmptsk - ok
14:38:12.0159 6468 [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
14:38:12.0209 6468 rimsptsk - ok
14:38:12.0319 6468 [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
14:38:12.0419 6468 rismxdp - ok
14:38:12.0619 6468 [ 05FC44D32A144925EAE45570029FD6E1 ] RoxMediaDB10 c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
14:38:12.0789 6468 RoxMediaDB10 - ok
14:38:12.0819 6468 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:38:12.0819 6468 RpcEptMapper - ok
14:38:12.0859 6468 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:38:12.0859 6468 RpcLocator - ok
14:38:12.0889 6468 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:38:12.0889 6468 RpcSs - ok
14:38:12.0919 6468 [ EB1C539E621A35A49F7692B0EB565AB9 ] RsFx0150 C:\Windows\system32\DRIVERS\RsFx0150.sys
14:38:13.0009 6468 RsFx0150 - ok
14:38:13.0039 6468 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:38:13.0039 6468 rspndr - ok
14:38:13.0079 6468 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:38:13.0119 6468 s3cap - ok
14:38:13.0139 6468 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:38:13.0139 6468 SamSs - ok
14:38:13.0149 6468 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:38:13.0199 6468 sbp2port - ok
14:38:13.0389 6468 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
14:38:13.0479 6468 SBSDWSCService - ok
14:38:13.0679 6468 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:38:13.0699 6468 SCardSvr - ok
14:38:13.0749 6468 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:38:13.0799 6468 scfilter - ok
14:38:13.0829 6468 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:38:13.0839 6468 Schedule - ok
14:38:13.0909 6468 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:38:13.0909 6468 SCPolicySvc - ok
14:38:13.0999 6468 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
14:38:14.0049 6468 sdbus - ok
14:38:14.0069 6468 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:38:14.0099 6468 SDRSVC - ok
14:38:14.0149 6468 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:38:14.0149 6468 secdrv - ok
14:38:14.0159 6468 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:38:14.0159 6468 seclogon - ok
14:38:14.0169 6468 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:38:14.0179 6468 SENS - ok
14:38:14.0189 6468 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:38:14.0199 6468 SensrSvc - ok
14:38:14.0249 6468 [ 052D4299E72FFFCCD9A168ADCDF5C450 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
14:38:14.0289 6468 Ser2pl - ok
14:38:14.0299 6468 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:38:14.0299 6468 Serenum - ok
14:38:14.0309 6468 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:38:14.0309 6468 Serial - ok
14:38:14.0359 6468 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:38:14.0359 6468 sermouse - ok
14:38:14.0399 6468 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:38:14.0429 6468 SessionEnv - ok
14:38:14.0449 6468 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:38:14.0449 6468 sffdisk - ok
14:38:14.0469 6468 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:38:14.0469 6468 sffp_mmc - ok
14:38:14.0489 6468 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:38:14.0529 6468 sffp_sd - ok
14:38:14.0539 6468 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:38:14.0549 6468 sfloppy - ok
14:38:14.0609 6468 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:38:14.0629 6468 SharedAccess - ok
14:38:14.0669 6468 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:38:14.0779 6468 ShellHWDetection - ok
14:38:14.0799 6468 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:38:14.0809 6468 SiSRaid2 - ok
14:38:14.0839 6468 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:38:14.0839 6468 SiSRaid4 - ok
14:38:14.0899 6468 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:38:20.0610 6468 SkypeUpdate - ok
14:38:20.0690 6468 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:38:20.0710 6468 Smb - ok
14:38:20.0780 6468 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:38:20.0800 6468 SNMPTRAP - ok
14:38:20.0820 6468 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:38:20.0820 6468 spldr - ok
14:38:20.0870 6468 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:38:20.0920 6468 Spooler - ok
14:38:21.0010 6468 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:38:21.0030 6468 sppsvc - ok
14:38:21.0040 6468 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:38:21.0060 6468 sppuinotify - ok
14:38:21.0340 6468 [ BEA7FEA5BB31EB58D78971F821AE6844 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
14:38:21.0390 6468 SQLAgent$SQLEXPRESS - ok
14:38:21.0530 6468 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:38:21.0621 6468 SQLBrowser - ok
14:38:21.0801 6468 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:38:21.0881 6468 SQLWriter - ok
14:38:21.0911 6468 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:38:21.0921 6468 srv - ok
14:38:22.0091 6468 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:38:22.0091 6468 srv2 - ok
14:38:22.0121 6468 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:38:22.0131 6468 srvnet - ok
14:38:22.0191 6468 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:38:22.0201 6468 SSDPSRV - ok
14:38:22.0211 6468 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:38:22.0211 6468 SstpSvc - ok
14:38:22.0361 6468 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:38:22.0371 6468 stexstor - ok
14:38:22.0431 6468 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:38:22.0481 6468 stisvc - ok
14:38:22.0611 6468 [ FF5EB78AF7DFB68C2FB363537AAF753E ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
14:38:22.0691 6468 stllssvr - ok
14:38:22.0781 6468 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:38:22.0781 6468 storflt - ok
14:38:22.0831 6468 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:38:22.0841 6468 StorSvc - ok
14:38:22.0871 6468 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:38:22.0931 6468 storvsc - ok
14:38:23.0001 6468 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:38:23.0001 6468 swenum - ok
14:38:23.0341 6468 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:38:23.0351 6468 swprv - ok
14:38:23.0421 6468 [ 1657B7442D5CE30533F5C4317716B468 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:38:23.0461 6468 SynTP - ok
14:38:23.0801 6468 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:38:23.0911 6468 SysMain - ok
14:38:23.0931 6468 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:38:23.0971 6468 TabletInputService - ok
14:38:24.0001 6468 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:38:24.0031 6468 TapiSrv - ok
14:38:24.0231 6468 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:38:24.0241 6468 TBS - ok
14:38:24.0321 6468 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:38:24.0371 6468 Tcpip - ok
14:38:24.0431 6468 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:38:24.0441 6468 TCPIP6 - ok
14:38:24.0631 6468 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:38:24.0711 6468 tcpipreg - ok
14:38:24.0761 6468 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:38:24.0761 6468 TDPIPE - ok
14:38:24.0831 6468 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:38:24.0911 6468 TDTCP - ok
14:38:24.0921 6468 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:38:24.0961 6468 tdx - ok
14:38:25.0001 6468 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:38:25.0041 6468 TermDD - ok
14:38:25.0351 6468 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:38:25.0361 6468 TermService - ok
14:38:25.0391 6468 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:38:25.0401 6468 Themes - ok
14:38:25.0461 6468 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:38:25.0461 6468 THREADORDER - ok
14:38:25.0481 6468 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:38:25.0481 6468 TrkWks - ok
14:38:25.0571 6468 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:38:25.0671 6468 TrustedInstaller - ok
14:38:25.0741 6468 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:38:25.0851 6468 tssecsrv - ok
14:38:25.0871 6468 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:38:25.0921 6468 TsUsbFlt - ok
14:38:25.0951 6468 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:38:26.0031 6468 tunnel - ok
14:38:26.0051 6468 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:38:26.0061 6468 uagp35 - ok
14:38:26.0151 6468 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:38:26.0151 6468 udfs - ok
14:38:26.0211 6468 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:38:26.0221 6468 UI0Detect - ok
14:38:26.0241 6468 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:38:26.0241 6468 uliagpkx - ok
14:38:26.0301 6468 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
14:38:26.0351 6468 umbus - ok
14:38:26.0361 6468 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:38:26.0371 6468 UmPass - ok
14:38:26.0381 6468 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:38:26.0381 6468 UmRdpService - ok
14:38:26.0401 6468 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:38:26.0411 6468 upnphost - ok
14:38:26.0461 6468 [ E68ADC602CD39B28AE844131A3D3762C ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
14:38:26.0561 6468 USB28xxBGA - ok
14:38:26.0631 6468 [ 859A05F09F7D5CAD8B77D4563CE53E51 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
14:38:26.0701 6468 USB28xxOEM - ok
14:38:26.0821 6468 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:38:26.0931 6468 USBAAPL64 - ok
14:38:26.0991 6468 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:38:27.0111 6468 usbaudio - ok
14:38:27.0161 6468 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:38:27.0201 6468 usbccgp - ok
14:38:27.0231 6468 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:38:27.0231 6468 usbcir - ok
14:38:27.0271 6468 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:38:27.0351 6468 usbehci - ok
14:38:27.0391 6468 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:38:27.0441 6468 usbhub - ok
14:38:27.0451 6468 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:38:27.0501 6468 usbohci - ok
14:38:27.0521 6468 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:38:27.0521 6468 usbprint - ok
14:38:27.0531 6468 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:38:27.0531 6468 usbscan - ok
14:38:27.0541 6468 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:38:27.0591 6468 USBSTOR - ok
14:38:27.0651 6468 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:38:27.0761 6468 usbuhci - ok
14:38:27.0861 6468 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:38:27.0911 6468 usbvideo - ok
14:38:27.0951 6468 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:38:27.0951 6468 UxSms - ok
14:38:27.0961 6468 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:38:27.0971 6468 VaultSvc - ok
14:38:27.0971 6468 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:38:27.0971 6468 vdrvroot - ok
14:38:27.0991 6468 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:38:28.0041 6468 vds - ok
14:38:28.0061 6468 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:38:28.0061 6468 vga - ok
14:38:28.0071 6468 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:38:28.0081 6468 VgaSave - ok
14:38:28.0101 6468 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:38:28.0141 6468 vhdmp - ok
14:38:28.0161 6468 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:38:28.0161 6468 viaide - ok
14:38:28.0181 6468 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:38:28.0181 6468 vmbus - ok
14:38:28.0191 6468 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:38:28.0231 6468 VMBusHID - ok
14:38:28.0251 6468 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:38:28.0251 6468 volmgr - ok
14:38:28.0271 6468 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:38:28.0271 6468 volmgrx - ok
14:38:28.0291 6468 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:38:28.0391 6468 volsnap - ok
14:38:28.0411 6468 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:38:28.0421 6468 vsmraid - ok
14:38:28.0461 6468 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:38:28.0511 6468 VSS - ok
14:38:28.0561 6468 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:38:28.0571 6468 vwifibus - ok
14:38:28.0611 6468 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:38:28.0621 6468 vwififlt - ok
14:38:28.0671 6468 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:38:28.0681 6468 W32Time - ok
14:38:28.0731 6468 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:38:28.0741 6468 WacomPen - ok
14:38:28.0761 6468 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:38:28.0841 6468 WANARP - ok
14:38:28.0841 6468 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:38:28.0851 6468 Wanarpv6 - ok
14:38:28.0921 6468 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:38:29.0091 6468 WatAdminSvc - ok
14:38:29.0171 6468 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:38:29.0361 6468 wbengine - ok
14:38:29.0401 6468 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:38:29.0411 6468 WbioSrvc - ok
14:38:29.0501 6468 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:38:29.0571 6468 wcncsvc - ok
14:38:29.0591 6468 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:38:29.0591 6468 WcsPlugInService - ok
14:38:29.0601 6468 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:38:29.0611 6468 Wd - ok
14:38:29.0631 6468 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
14:38:29.0671 6468 WDC_SAM - ok
14:38:29.0751 6468 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:38:29.0791 6468 Wdf01000 - ok
14:38:29.0811 6468 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:38:29.0841 6468 WdiServiceHost - ok
14:38:29.0851 6468 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:38:29.0861 6468 WdiSystemHost - ok
14:38:29.0881 6468 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:38:29.0911 6468 WebClient - ok
14:38:29.0931 6468 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:38:29.0941 6468 Wecsvc - ok
14:38:29.0951 6468 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:38:29.0961 6468 wercplsupport - ok
14:38:29.0981 6468 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:38:29.0981 6468 WerSvc - ok
14:38:30.0001 6468 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:38:30.0011 6468 WfpLwf - ok
14:38:30.0031 6468 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:38:30.0031 6468 WIMMount - ok
14:38:30.0061 6468 WinDefend - ok
14:38:30.0091 6468 WinHttpAutoProxySvc - ok
14:38:30.0221 6468 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:38:30.0231 6468 Winmgmt - ok
14:38:30.0331 6468 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:38:30.0501 6468 WinRM - ok
14:38:30.0541 6468 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:38:30.0582 6468 WinUsb - ok
14:38:30.0652 6468 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:38:30.0712 6468 Wlansvc - ok
14:38:31.0042 6468 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:38:31.0102 6468 wlidsvc - ok
14:38:31.0172 6468 [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
14:38:31.0262 6468 wltrysvc - ok
14:38:31.0302 6468 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:38:31.0302 6468 WmiAcpi - ok
14:38:31.0332 6468 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:38:31.0342 6468 wmiApSrv - ok
14:38:31.0402 6468 WMPNetworkSvc - ok
14:38:31.0492 6468 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:38:31.0502 6468 WPCSvc - ok
14:38:31.0532 6468 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:38:31.0562 6468 WPDBusEnum - ok
14:38:31.0582 6468 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:38:31.0582 6468 ws2ifsl - ok
14:38:31.0602 6468 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
14:38:31.0602 6468 wscsvc - ok
14:38:31.0612 6468 WSearch - ok
14:38:31.0762 6468 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:38:31.0782 6468 wuauserv - ok
14:38:31.0982 6468 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:38:32.0092 6468 WudfPf - ok
14:38:32.0112 6468 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:38:32.0222 6468 WUDFRd - ok
14:38:32.0362 6468 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:38:32.0402 6468 wudfsvc - ok
14:38:32.0432 6468 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:38:32.0442 6468 WwanSvc - ok
14:38:32.0522 6468 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
14:38:32.0604 6468 YahooAUService - ok
14:38:32.0654 6468 ================ Scan global ===============================
14:38:32.0684 6468 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:38:32.0734 6468 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:38:32.0764 6468 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:38:32.0804 6468 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:38:32.0824 6468 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:38:32.0824 6468 [Global] - ok
14:38:32.0824 6468 ================ Scan MBR ==================================
14:38:32.0844 6468 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:38:33.0244 6468 \Device\Harddisk0\DR0 - ok
14:38:33.0254 6468 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
14:38:33.0264 6468 \Device\Harddisk1\DR1 - ok
14:38:33.0264 6468 ================ Scan VBR ==================================
14:38:33.0274 6468 [ 16DD54555F90995E2D3B4BB028A49EA0 ] \Device\Harddisk0\DR0\Partition1
14:38:33.0284 6468 \Device\Harddisk0\DR0\Partition1 - ok
14:38:33.0304 6468 [ ADAD449361249A4E94AE6F1A5420CD89 ] \Device\Harddisk0\DR0\Partition2
14:38:33.0304 6468 \Device\Harddisk0\DR0\Partition2 - ok
14:38:33.0304 6468 [ 679468958EAF69D7BAF921957BB6C2FA ] \Device\Harddisk1\DR1\Partition1
14:38:33.0304 6468 \Device\Harddisk1\DR1\Partition1 - ok
14:38:33.0304 6468 ============================================================
14:38:33.0304 6468 Scan finished
14:38:33.0304 6468 ============================================================
14:38:33.0324 9360 Detected object count: 0
14:38:33.0324 9360 Actual detected object count: 0


swMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-26 16:03:25
-----------------------------
16:03:25.155 OS Version: Windows x64 6.1.7601 Service Pack 1
16:03:25.155 Number of processors: 2 586 0x170A
16:03:25.155 ComputerName: DRP-PC UserName: DRP
16:03:25.530 Initialze error C0000061 - driver not loaded
16:03:35.514 AVAST engine defs: 13012601
16:03:39.211 Service scanning
16:04:00.770 Modules scanning
16:04:00.770 Disk 0 trace - called modules:
16:04:00.770
16:04:01.675 AVAST engine scan C:\Windows
16:04:04.046 AVAST engine scan C:\Windows\system32
16:07:09.203 AVAST engine scan C:\Windows\system32\drivers
16:07:18.672 AVAST engine scan C:\Users\DRP
16:24:28.570 AVAST engine scan C:\ProgramData
16:27:13.946 Scan finished successfully
16:36:28.340 The log file has been saved successfully to "C:\Users\DRP\Documents\DRP\COMPUTER\1-26-13\aswMBR.txt"
***********************************************************************************

eset

C:\Users\DRP\Downloads\mp3mymp3install.exe multiple threats cleaned by deleting – quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:56 AM

Posted 27 January 2013 - 10:56 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#5 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:56 PM

Posted 27 January 2013 - 05:36 PM

Addict,

Hope I am not confusing things – but here is the first malwarebytes log I ran after getting the problem but BEFORE I CONTACTED BLEEPING COMPUTER. The one I completed in your last response is located immediately below this log. I am including this first one as it possibly may include much more information as to the infection. If it does not help – please ignore it.

www.malwarebytes.org

Database version: v2013.01.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DRP :: DRP-PC [administrator]

Protection: Enabled

1/26/2013 11:53:36 AM
mbam-log-2013-01-26 (11-53-36).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 436476
Time elapsed: 1 hour(s), 41 minute(s), 58 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (PUP.Adware.RelevantKnowledge) -> 2812 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 12
HKLM\SYSTEM\CurrentControlSet\Services\RelevantKnowledge (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
HKCR\CLSID\{EE146ACC-D881-1414-2148-B1D008B47ADB} (PUP.ShopToWin) -> Quarantined and deleted successfully.
HKCR\TypeLib\{7BCF5449-286E-27B4-F9D4-B26439725A44} (PUP.ShopToWin) -> Delete on reboot.
HKCR\Interface\{611BBA16-61FE-D4D3-8DC8-87D0396B18B9} (PUP.ShopToWin) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE146ACC-D881-1414-2148-B1D008B47ADB} (PUP.ShopToWin) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE146ACC-D881-1414-2148-B1D008B47ADB} (PUP.ShopToWin) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE146ACC-D881-1414-2148-B1D008B47ADB} (PUP.ShopToWin) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EE146ACC-D881-1414-2148-B1D008B47ADB} (PUP.ShopToWin) -> Quarantined and deleted successfully.
HKCR\CLSID\{F122B94E-0C50-13C4-C9D3-893FAEFAD90B} (PUP.ShopToWin) -> Quarantined and deleted successfully.
HKCR\TypeLib\{1E04D1F8-15C9-DFA4-B131-886A302975E3} (PUP.ShopToWin) -> Quarantined and deleted successfully.
HKCR\Interface\{8DD78B0D-BFC4-0951-A445-1985F07F3BAB} (PUP.ShopToWin) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{F122B94E-0C50-13C4-C9D3-893FAEFAD90B} (PUP.ShopToWin) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{f122b94e-0c50-13c4-c9d3-893faefad90b} (PUP.ShopToWin) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\Program Files (x86)\RelevantKnowledge (PUP.Spyware.MarketScore) -> Delete on reboot.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge (PUP.Spyware.MarketScore) -> Quarantined and deleted successfully.

Files Detected: 12
C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (PUP.Adware.RelevantKnowledge) -> Delete on reboot.
C:\Program Files (x86)\Shop to Win 27\Shop to Win 27.dll (PUP.ShopToWin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shop to Win 27\Helper.dll (PUP.ShopToWin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RelevantKnowledge\rlls.dll (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RelevantKnowledge\rlls64.dll (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RelevantKnowledge\rloci.bin (PUP.Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk (PUP.Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Member of GRID - Goodware Repository Information Database.lnk (PUP.Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (PUP.Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk (PUP.Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk (PUP.Spyware.MarketScore) -> Quarantined and deleted successfully.

(end)




Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.27.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DRP :: DRP-PC [administrator]

Protection: Enabled

1/27/2013 9:35:13 AM
mbam-log-2013-01-27 (09-35-13).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 435257
Time elapsed: 1 hour(s), 43 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MiniToolBox by Farbar Version:10-01-2013
Ran by DRP (administrator) on 27-01-2013 at 11:32:04
Running from "C:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZL2KJUFS"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DRP-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : earthlink.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : earthlink.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-B9-24-43-A5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ed39:a86b:2aab:494a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.114(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, January 26, 2013 7:31:43 PM
Lease Expires . . . . . . . . . . : Monday, January 28, 2013 7:31:42 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234890937
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-74-E2-4A-00-26-B9-24-43-A5
DNS Servers . . . . . . . . . . . : 207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : earthlink.com
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : C4-17-FE-A3-EA-C3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::58dc:8e25:76d:c08d%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.113(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, January 26, 2013 7:31:47 PM
Lease Expires . . . . . . . . . . : Monday, January 28, 2013 1:52:31 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 230955006
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-74-E2-4A-00-26-B9-24-43-A5
DNS Servers . . . . . . . . . . . : 207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.earthlink.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : earthlink.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1084:1393:bd7a:2d1(Preferred)
Link-local IPv6 Address . . . . . : fe80::1084:1393:bd7a:2d1%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: google.com
Addresses: 2607:f8b0:4004:801::1003
74.125.228.40
74.125.228.35
74.125.228.37
74.125.228.36
74.125.228.32
74.125.228.46
74.125.228.39
74.125.228.41
74.125.228.34
74.125.228.38
74.125.228.33


Pinging google.com [74.125.228.105] with 32 bytes of data:
Reply from 74.125.228.105: bytes=32 time=742ms TTL=52
Reply from 74.125.228.105: bytes=32 time=136ms TTL=52

Ping statistics for 74.125.228.105:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 136ms, Maximum = 742ms, Average = 439ms
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=257ms TTL=49
Reply from 98.138.253.109: bytes=32 time=144ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 144ms, Maximum = 257ms, Average = 200ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 4ms, Average = 4ms
===========================================================================
Interface List
11...00 26 b9 24 43 a5 ......Broadcom NetLink ™ Gigabit Ethernet
10...c4 17 fe a3 ea c3 ......Dell Wireless 1397 WLAN Mini-Card
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.114 10
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.113 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.114 266
192.168.1.0 255.255.255.0 On-link 192.168.1.113 281
192.168.1.113 255.255.255.255 On-link 192.168.1.113 281
192.168.1.114 255.255.255.255 On-link 192.168.1.114 266
192.168.1.255 255.255.255.255 On-link 192.168.1.114 266
192.168.1.255 255.255.255.255 On-link 192.168.1.113 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.114 266
224.0.0.0 240.0.0.0 On-link 192.168.1.113 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.114 266
255.255.255.255 255.255.255.255 On-link 192.168.1.113 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:6ab8:1084:1393:bd7a:2d1/128
On-link
11 266 fe80::/64 On-link
10 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::1084:1393:bd7a:2d1/128
On-link
10 281 fe80::58dc:8e25:76d:c08d/128
On-link
11 266 fe80::ed39:a86b:2aab:494a/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 266 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/27/2013 08:27:01 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16457 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15ac

Start Time: 01cdfcabf046fb9d

Termination Time: 121

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 1e03a93a-68af-11e2-b4c0-0026b92443a5

Error: (01/27/2013 01:52:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2013 01:52:43 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2013 01:49:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/27/2013 01:49:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (01/26/2013 07:32:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: SMessaging.exe, version: 5.0.2.34, time stamp: 0x4f7c54ea
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83c8a
Exception code: 0xe0434f4d
Fault offset: 0x0000c41f
Faulting process id: 0x%9
Faulting application start time: 0xSMessaging.exe0
Faulting application path: SMessaging.exe1
Faulting module path: SMessaging.exe2
Report Id: SMessaging.exe3

Error: (01/26/2013 04:44:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/26/2013 03:20:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/26/2013 03:53:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/26/2013 03:53:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (01/27/2013 10:16:32 AM) (Source: DCOM) (User: )
Description: {F4C30BB5-D7FC-4D60-9D49-7C6B67C3592D}

Error: (01/26/2013 07:31:47 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabUpdate service failed to start due to the following error:
%%2

Error: (01/26/2013 07:31:43 PM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2

Error: (01/26/2013 04:38:10 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabUpdate service failed to start due to the following error:
%%2

Error: (01/26/2013 04:38:09 PM) (Source: Service Control Manager) (User: )
Description: The Dock Login Service service failed to start due to the following error:
%%2

Error: (01/26/2013 04:36:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/26/2013 04:36:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/26/2013 04:36:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/26/2013 04:36:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/26/2013 04:36:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (01/27/2013 08:27:01 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1645715ac01cdfcabf046fb9d121C:\Program Files (x86)\Internet Explorer\iexplore.exe1e03a93a-68af-11e2-b4c0-0026b92443a5

Error: (01/27/2013 01:52:46 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\DRP\downloads\esetsmartinstaller_enu.exe

Error: (01/27/2013 01:52:43 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\DRP\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\L676YLUV\esetsmartinstaller_enu.exe

Error: (01/27/2013 01:49:59 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/27/2013 01:49:50 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/26/2013 07:32:08 PM) (Source: Application Error)(User: )
Description: SMessaging.exe5.0.2.344f7c54eaKERNELBASE.dll6.1.7601.1801550b83c8ae0434f4d0000c41f

Error: (01/26/2013 04:44:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L676YLUV\esetsmartinstaller_enu.exe

Error: (01/26/2013 03:20:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\DRP\Downloads\esetsmartinstaller_enu.exe

Error: (01/26/2013 03:53:35 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/26/2013 03:53:25 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


CodeIntegrity Errors:
===================================
Date: 2013-01-27 09:40:35.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 09:40:35.219
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 09:40:35.219
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 07:15:58.324
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 07:15:58.320
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 07:15:58.318
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-26 23:34:39.963
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-26 23:34:39.963
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-26 23:34:39.963
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-26 11:58:54.132
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
7-zip v9.20 (Version: v9.20)
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Adobe Acrobat 7.0 Professional (Version: 7.1.0)
Adobe Acrobat 7.1.0 Professional (Version: 7.1.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.14.0)
Ask Toolbar Updater (Version: 1.2.3.29495)
ATI Catalyst Control Center (Version: 2.009.0625.1811)
AutoUpdate (Version: 1.1)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Canon MP Navigator 3.0
Canon MP510
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Full Existing (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Full New (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Light (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Previews Common (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0625.1812.30825)
Catalyst Control Center InstallProxy (Version: 2009.0625.1812.30825)
Catalyst Control Center Localization All (Version: 2009.0625.1812.30825)
ccc-core-static (Version: 2009.0625.1812.30825)
ccc-utility64 (Version: 2009.0625.1812.30825)
CCC Help Chinese Standard (Version: 2009.0625.1811.30825)
CCC Help Chinese Traditional (Version: 2009.0625.1811.30825)
CCC Help Danish (Version: 2009.0625.1811.30825)
CCC Help Dutch (Version: 2009.0625.1811.30825)
CCC Help English (Version: 2009.0625.1811.30825)
CCC Help Finnish (Version: 2009.0625.1811.30825)
CCC Help French (Version: 2009.0625.1811.30825)
CCC Help German (Version: 2009.0625.1811.30825)
CCC Help Italian (Version: 2009.0625.1811.30825)
CCC Help Japanese (Version: 2009.0625.1811.30825)
CCC Help Korean (Version: 2009.0625.1811.30825)
CCC Help Norwegian (Version: 2009.0625.1811.30825)
CCC Help Portuguese (Version: 2009.0625.1811.30825)
CCC Help Russian (Version: 2009.0625.1811.30825)
CCC Help Spanish (Version: 2009.0625.1811.30825)
CCC Help Swedish (Version: 2009.0625.1811.30825)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Companion Plugin (Version: 1.26.152.152)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Version: 3.2.6032.102)
Dell Touchpad (Version: 13.2.2.2)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
DirectXInstallService (Version: 9.0.2)
DivX Codec (Version: 6.6.1)
DVD-Cloner V8.40 Build 1010 (Version: 8.40.0.1010)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
ESET Online Scanner v3
File Type Assistant
Garmin Communicator Plugin (Version: 3.0.1)
Garmin Training Center (Version: 3.6.5)
Garmin USB Drivers (Version: 2.3.0.0)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
GoToAssist Corporate (Version: 9.1.0.615)
Hauppauge WinTV 7 (Version: v7.0.30151 (CD 2.5d))
i-Sound Recorder Pro 7.1.5.0 (Version: 7.1.5.0)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 11.0.1.12)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Junk Mail filter update (Version: 16.4.3505.0912)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee Security Scan Plus (Version: 2.1.121.2)
McAfee SecurityCenter (Version: 11.6.443)
McAfee Virtual Technician (Version: 6.5.0.2101)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Camera Codec Pack (Version: 16.4.1734.1104)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.468.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50826.0)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft UI Engine (Version: 6.3.2348.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Web Developer 2010 Express - ENU (Version: 10.0.40219)
Microsoft Web Platform Installer 2.0 (Version: 2.1.1)
Movie Maker (Version: 16.4.3505.0912)
MP3MyMP3 3.1
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Photo Gallery (Version: 16.4.3505.0912)
PL-2303 USB-to-Serial (Version: 1.2.10)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PowerDVD DX (Version: 8.3.6029)
Quickset64 (Version: 9.6.6)
QuickTime (Version: 7.73.80.64)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
Shop To Win (Version: 1.2.0.0)
Skins (Version: 2009.0625.1812.30825)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spybot - Search & Destroy (Version: 1.6.2)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
Strongvault Online Backup (Version: 5.0.2.34)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VD64Inst (Version: 1.00.0000)
Web Deployment Tool (Version: 1.1.0618)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 8156.86 MB
Available physical RAM: 5471.9 MB
Total Pagefile: 16311.9 MB
Available Pagefile: 12879.45 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.16 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:223.14 GB) (Free:136.99 GB) NTFS

========================= Users: ========================================

User accounts for \\DRP-PC

Administrator DRP Guest

========================= Restore Points ==================================

16-01-2013 00:41:16 Installed Java 7 Update 11
23-01-2013 10:00:08 Scheduled Checkpoint

**** End of log ****


Farbar Service Scanner Version: 16-01-2013
Ran by DRP (administrator) on 27-01-2013 at 11:35:45
Running from "C:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6Z77V3F4"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.109 - Logfile created 01/27/2013 at 11:38:57
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : DRP - DRP-PC
# Boot Mode : Normal
# Running from : C:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJ4P6QDB\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : DefaultTabUpdate

***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\ProgramData\Ask
Folder Found : C:\Users\DRP\AppData\Local\Temp\Iminent
Folder Found : C:\Users\DRP\AppData\LocalLow\AskToolbar
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [5529 octets] - [27/09/2012 14:48:31]
AdwCleaner[R2].txt - [928 octets] - [27/09/2012 15:06:47]
AdwCleaner[R3].txt - [1046 octets] - [27/09/2012 15:27:57]
AdwCleaner[R4].txt - [1168 octets] - [28/09/2012 04:03:08]
AdwCleaner[R5].txt - [5776 octets] - [27/01/2013 11:38:57]
AdwCleaner[S1].txt - [6344 octets] - [27/09/2012 14:49:22]
AdwCleaner[S2].txt - [987 octets] - [27/09/2012 15:07:15]
AdwCleaner[S3].txt - [1107 octets] - [27/09/2012 15:28:37]
AdwCleaner[S4].txt - [1287 octets] - [28/09/2012 04:03:51]

########## EOF - C:\AdwCleaner[R5].txt - [6075 octets] ##########


Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.2 (01.26.2013:2)
OS: Windows 7 Professional x64
Ran by DRP on Sun 01/27/2013 at 11:44:03.30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] defaulttabupdate
Successfully deleted: [Service] defaulttabupdate



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\apnupdater
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\smessaging
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{00000000-6e41-4fd3-8538-502f5495e5fc}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{d4027c7f-154a-4066-a1ad-4243d8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] hkey_current_user\software\cr_installer
Successfully deleted: [Registry Key] hkey_local_machine\software\iminent
Successfully deleted: [Registry Key] hkey_current_user\software\installedbrowserextensions
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\crossrider
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\iminent_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\iminent_rasmancs
Successfully deleted: [Registry Key-Heur] HKEY_CLASSES_ROOT\CrossriderApp0021804.BHO
Successfully deleted: [Registry Key-Heur] HKEY_CLASSES_ROOT\CrossriderApp0021804.BHO.1
Successfully deleted: [Registry Key-Heur] HKEY_CLASSES_ROOT\CrossriderApp0021804.Sandbox
Successfully deleted: [Registry Key-Heur] HKEY_CLASSES_ROOT\CrossriderApp0021804.Sandbox.1
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0021804.BHO
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0021804.BHO.1
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0021804.Sandbox
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\CrossriderApp0021804.Sandbox.1
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3e7c8b5a-96ab-438f-bf9b-782400655440}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{3e7c8b5a-96ab-438f-bf9b-782400655440}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{d4027c7f-154a-4066-a1ad-4243d8127440}
Successfully deleted: [Registry Key] "hkey_classes_root\genericasktoolbar.toolbarwnd"
Successfully deleted: [Registry Key] "hkey_classes_root\genericasktoolbar.toolbarwnd.1"
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\genericasktoolbar.dll"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\DRP\AppData\Roaming\strongvault"
Successfully deleted: [Folder] "C:\Users\DRP\appdata\local\coupon companion plugin"
Successfully deleted: [Folder] "C:\Users\DRP\appdata\local\stronghold_llc"
Successfully deleted: [Folder] "C:\Users\DRP\appdata\local\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\DRP\appdata\local\updater21804"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupon companion plugin"
Successfully deleted: [Folder] "C:\Program Files (x86)\smart pc cleaner"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\Users\DRP\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 01/27/2013 at 11:56:22.68
End of JRT log


Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/27/2013 12:03:29 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe (PID: 2144) [FI]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

Program finished at: 01/27/2013 12:03:54 PM
Execution time: 0 hours(s), 0 minute(s), and 25 seconds(s)


MiniToolBox by Farbar Version: 23-07-2012
Ran by DRP (administrator) on 28-09-2012 at 03:54:36
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DRP-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : earthlink.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : earthlink.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-B9-24-43-A5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ed39:a86b:2aab:494a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 66.133.242.176(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.128
Lease Obtained. . . . . . . . . . : Friday, September 28, 2012 1:37:20 AM
Lease Expires . . . . . . . . . . : Friday, September 28, 2012 1:37:20 PM
Default Gateway . . . . . . . . . : 66.133.242.129
DHCP Server . . . . . . . . . . . : 24.25.227.132
DHCPv6 IAID . . . . . . . . . . . : 234890937
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-74-E2-4A-00-26-B9-24-43-A5
DNS Servers . . . . . . . . . . . : 207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : earthlink.com
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : C4-17-FE-A3-EA-C3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::58dc:8e25:76d:c08d%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.113(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, September 28, 2012 1:37:19 AM
Lease Expires . . . . . . . . . . : Saturday, September 29, 2012 1:37:18 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 230955006
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-74-E2-4A-00-26-B9-24-43-A5
DNS Servers . . . . . . . . . . . : 207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.earthlink.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: google.com
Addresses: 2001:4860:4001:801::1001
74.125.224.128
74.125.224.132
74.125.224.134
74.125.224.136
74.125.224.130
74.125.224.131
74.125.224.133
74.125.224.129
74.125.224.135
74.125.224.137
74.125.224.142


Pinging google.com [74.125.224.104] with 32 bytes of data:
Reply from 74.125.224.104: bytes=32 time=481ms TTL=53
Reply from 74.125.224.104: bytes=32 time=74ms TTL=53

Ping statistics for 74.125.224.104:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 74ms, Maximum = 481ms, Average = 277ms
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=148ms TTL=49
Reply from 98.138.253.109: bytes=32 time=153ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 148ms, Maximum = 153ms, Average = 150ms
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 26 b9 24 43 a5 ......Broadcom NetLink ™ Gigabit Ethernet
10...c4 17 fe a3 ea c3 ......Dell Wireless 1397 WLAN Mini-Card
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.113 30
0.0.0.0 0.0.0.0 66.133.242.129 66.133.242.176 20
66.133.242.128 255.255.255.128 On-link 66.133.242.176 276
66.133.242.176 255.255.255.255 On-link 66.133.242.176 276
66.133.242.255 255.255.255.255 On-link 66.133.242.176 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.113 286
192.168.1.113 255.255.255.255 On-link 192.168.1.113 286
192.168.1.255 255.255.255.255 On-link 192.168.1.113 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 66.133.242.176 276
224.0.0.0 240.0.0.0 On-link 192.168.1.113 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 66.133.242.176 276
255.255.255.255 255.255.255.255 On-link 192.168.1.113 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
10 286 fe80::/64 On-link
10 286 fe80::58dc:8e25:76d:c08d/128
On-link
11 276 fe80::ed39:a86b:2aab:494a/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
10 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/28/2012 01:57:07 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/28/2012 01:49:06 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/28/2012 01:31:59 AM) (Source: Application Error) (User: )
Description: Faulting application name: c6rzt26.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1374
Faulting application start time: 0xc6rzt26.exe0
Faulting application path: c6rzt26.exe1
Faulting module path: c6rzt26.exe2
Report Id: c6rzt26.exe3

Error: (09/27/2012 05:40:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/27/2012 05:40:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (09/28/2012 03:08:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/28/2012 03:08:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/28/2012 03:08:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/28/2012 03:08:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/28/2012 03:08:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/28/2012 03:08:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/28/2012 03:04:40 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/28/2012 03:04:40 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/28/2012 03:04:40 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/28/2012 03:04:40 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (09/28/2012 01:57:07 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\DRP\Downloads\esetsmartinstaller_enu.exe

Error: (09/28/2012 01:49:06 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\DRP\Downloads\esetsmartinstaller_enu.exe

Error: (09/28/2012 01:31:59 AM) (Source: Application Error)(User: )
Description: c6rzt26.exe0.0.0.02a425e19unknown0.0.0.000000000c000000500000000137401cd9d6cde78d7bbC:\Users\DRP\AppData\Local\Temp\c6rzt26.exeunknown1d136c37-0960-11e2-a3c8-0026b92443a5

Error: (09/27/2012 05:40:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/27/2012 05:40:16 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
7-zip v9.20 (Version: v9.20)
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Adobe Acrobat 7.0 Professional (Version: 7.1.0)
Adobe Acrobat 7.1.0 Professional (Version: 7.1.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.009.0625.1811)
AutoUpdate (Version: 1.1)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Canon MP Navigator 3.0
Canon MP510
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Full Existing (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Full New (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Light (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Previews Common (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0625.1812.30825)
Catalyst Control Center InstallProxy (Version: 2009.0625.1812.30825)
Catalyst Control Center Localization All (Version: 2009.0625.1812.30825)
ccc-core-static (Version: 2009.0625.1812.30825)
ccc-utility64 (Version: 2009.0625.1812.30825)
CCC Help Chinese Standard (Version: 2009.0625.1811.30825)
CCC Help Chinese Traditional (Version: 2009.0625.1811.30825)
CCC Help Danish (Version: 2009.0625.1811.30825)
CCC Help Dutch (Version: 2009.0625.1811.30825)
CCC Help English (Version: 2009.0625.1811.30825)
CCC Help Finnish (Version: 2009.0625.1811.30825)
CCC Help French (Version: 2009.0625.1811.30825)
CCC Help German (Version: 2009.0625.1811.30825)
CCC Help Italian (Version: 2009.0625.1811.30825)
CCC Help Japanese (Version: 2009.0625.1811.30825)
CCC Help Korean (Version: 2009.0625.1811.30825)
CCC Help Norwegian (Version: 2009.0625.1811.30825)
CCC Help Portuguese (Version: 2009.0625.1811.30825)
CCC Help Russian (Version: 2009.0625.1811.30825)
CCC Help Spanish (Version: 2009.0625.1811.30825)
CCC Help Swedish (Version: 2009.0625.1811.30825)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Version: 3.2.6032.55)
Dell Touchpad (Version: 13.2.2.2)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
DirectXInstallService (Version: 9.0.2)
DivX Codec (Version: 6.6.1)
DVD-Cloner V8.40 Build 1010 (Version: 8.40.0.1010)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
ESET Online Scanner v3
File Type Assistant
Garmin Communicator Plugin (Version: 3.0.1)
Garmin Training Center (Version: 3.6.5)
Garmin USB Drivers (Version: 2.3.0.0)
Google Chrome (Version: 22.0.1229.79)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GoToAssist Corporate (Version: 9.1.0.615)
Hauppauge WinTV 7 (Version: v7.0.30151 (CD 2.5d))
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee Security Scan Plus (Version: 2.1.121.2)
McAfee SecurityCenter (Version: 11.6.434)
McAfee Virtual Technician (Version: 6.5.0.2101)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.468.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50826.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft UI Engine (Version: 6.3.2348.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31119)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31124)
Microsoft Visual Web Developer 2010 Express - ENU (Version: 10.0.40219)
Microsoft Web Platform Installer 2.0 (Version: 2.1.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PL-2303 USB-to-Serial (Version: 1.2.10)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PowerDVD DX (Version: 8.3.6029)
Quickset64 (Version: 9.6.6)
QuickTime (Version: 7.72.80.56)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
Shop To Win (Version: 1.2.0.0)
Skins (Version: 2009.0625.1812.30825)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spybot - Search & Destroy (Version: 1.6.2)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VD64Inst (Version: 1.00.0000)
Web Deployment Tool (Version: 1.1.0618)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 8156.86 MB
Available physical RAM: 6128.61 MB
Total Pagefile: 16311.9 MB
Available Pagefile: 14574.78 MB
Total Virtual: 4095.88 MB
Available Virtual: 3984.3 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:223.14 GB) (Free:131.36 GB) NTFS

========================= Users: ========================================

User accounts for \\DRP-PC

Administrator DRP Guest

========================= Restore Points ==================================

12-09-2012 18:24:59 Scheduled Checkpoint
13-09-2012 13:00:15 Windows Update
21-09-2012 02:05:25 Scheduled Checkpoint
22-09-2012 13:00:25 Windows Update
23-09-2012 16:17:26 Removed MaxiLink.
26-09-2012 13:00:20 Windows Update
26-09-2012 23:55:45 Restore Operation

**** End of log ****

Thanks very much for your help on this.

Regards,
DRP

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:56 AM

Posted 27 January 2013 - 05:42 PM

Autoruns log?

Launch Adware cleaner and click on DELETE,post the new log

#7 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:56 PM

Posted 27 January 2013 - 06:52 PM

OOPs, Sorry I missed it - I ran it & didn't get in the post - will do it immediaterly

DRP

#8 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:56 PM

Posted 27 January 2013 - 07:00 PM

Addict,

Sorry about ommision - here it is:

# AdwCleaner v2.109 - Logfile created 01/27/2013 at 13:53:07
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : DRP - DRP-PC
# Boot Mode : Normal
# Running from : C:\Users\DRP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZL2KJUFS\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\DRP\AppData\Local\Temp\Iminent

***** [Registry] *****

Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [5529 octets] - [27/09/2012 14:48:31]
AdwCleaner[R2].txt - [928 octets] - [27/09/2012 15:06:47]
AdwCleaner[R3].txt - [1046 octets] - [27/09/2012 15:27:57]
AdwCleaner[R4].txt - [1168 octets] - [28/09/2012 04:03:08]
AdwCleaner[R5].txt - [6136 octets] - [27/01/2013 11:38:57]
AdwCleaner[R6].txt - [3018 octets] - [27/01/2013 13:52:41]
AdwCleaner[S1].txt - [6344 octets] - [27/09/2012 14:49:22]
AdwCleaner[S2].txt - [987 octets] - [27/09/2012 15:07:15]
AdwCleaner[S3].txt - [1107 octets] - [27/09/2012 15:28:37]
AdwCleaner[S4].txt - [1287 octets] - [28/09/2012 04:03:51]
AdwCleaner[S5].txt - [2993 octets] - [27/01/2013 13:53:07]

########## EOF - C:\AdwCleaner[S5].txt - [3053 octets] ##########


Thanks for all of the help -

Regards DRP

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:56 AM

Posted 28 January 2013 - 01:10 AM

Autoruns log?

#10 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:56 PM

Posted 28 January 2013 - 10:06 AM

ADDICT,

I hope that this is what yuo need. It came out out as something called Autoruns.arn - so changed it to txt -had the same difficulty last night but screwed up - thought I had pasted it in - apparently not.

Really appreciate all the work,
Regards,
DRP

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Broadcom Wireless Manager UI" "Dell Wireless WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dell wireless wlan card\wltray.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "itype" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 7.0" "AcroTray" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 7.0\distillr\acrotray.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "DellSupportCenter" "" "" "File not found: C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "Microsoft Default Manager" "Microsoft Default Manager" "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\default manager\defmgr.exe"
+ "PDVDDXSrv" "CyberLink PowerDVD Resident Program" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "gStart" "gStart Application" "GARMIN Corp." "c:\program files (x86)\garmin\training center\gstart.exe"
+ "Microsoft Updat" "" "" "File not found: C:\Windows\Tasks\sqlservr.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
+ "updateMgr" "Adobe Update Manager" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 7.0\acrobat\adobeupdatemanager.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 7.0\acrobat elements\contextmenu.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ " SkyDrive1" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\drp\appdata\local\microsoft\skydrive\16.4.6013.0910\amd64\skydriveshell64.dll"
+ " SkyDrive2" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\drp\appdata\local\microsoft\skydrive\16.4.6013.0910\amd64\skydriveshell64.dll"
+ " SkyDrive3" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\drp\appdata\local\microsoft\skydrive\16.4.6013.0910\amd64\skydriveshell64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ " SkyDrive1" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\drp\appdata\local\microsoft\skydrive\16.4.6013.0910\skydriveshell.dll"
+ " SkyDrive2" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\drp\appdata\local\microsoft\skydrive\16.4.6013.0910\skydriveshell.dll"
+ " SkyDrive3" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\drp\appdata\local\microsoft\skydrive\16.4.6013.0910\skydriveshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe IE plugin" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 7.0\acrobat\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Adobe PDF Reader Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelper.dll"
+ "Coupon Companion Plugin" "" "" "File not found: C:\Program Files (x86)\Coupon Companion Plugin\Coupon Companion Plugin.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe IE plugin" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 7.0\acrobat\acroiefavclient.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Spybot - Search && Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\ALARMS\OTTMAR" "" "" "c:\users\drp\music\ottmar liebert\nouveau flamenco [1990-2000 special tenth anniversary edition]\02 santa fe.wma"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\Microsoft_Hardware_Launch_IType_exe" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
+ "\Updater21804.exe" "" "" "File not found: C:\Users\DRP\AppData\Local\Updater21804\Updater21804.exe"
+ "\{09EA5C68-79BC-49E6-8B36-C4B69FEB3CE5}" "Adobe Acrobat 7.0" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 7.0\acrobat\acrobat.exe"
+ "\{111A2978-36F2-4102-992A-7E6982E736B5}" "" "" "File not found: D:\SETUP.EXE"
+ "\{25B42679-CA50-4DE8-9631-6680CC628087}" "" "" "File not found: D:\SETUP.EXE"
+ "\{4858E63D-7BF6-454E-8988-B15FBF1EF92F}" "" "" "File not found: D:\SETUP.EXE"
+ "\{4AFDAEF8-8AC9-433C-8C83-C4EAD0746348}" "" "" "File not found: D:\AutoRun.exe"
+ "\{5D4EAB0F-8BC7-4CC9-A749-0C926335174F}" "" "" "File not found: C:\Users\DRP\Documents\OFFICE\AutoRun.exe"
+ "\{6F1DA906-85D9-41AC-B50C-CCFB9C3BC58E}" "Adobe Acrobat 7.0" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 7.0\acrobat\acrobat.exe"
+ "\{7FC6EA66-8F3E-4D60-9709-DE02E78D7000}" "" "" "File not found: D:\AutoRun.exe"
+ "\{AD8830D5-713E-485B-837B-FDB532ACB62A}" "" "" "File not found: D:\AutoRun.exe"
+ "\{ADDC804D-3583-4837-A3FC-CE3F3BABDAF9}" "" "" "File not found: D:\AutoRun.exe"
+ "\{B4C1C79D-C789-4291-98E5-5048BEEDF7F7}" "E-Train Data" "CATEYE" "c:\cateye\cateye\e-train data\etrain.exe"
+ "\{C83B8C4E-989E-4904-8D6B-1BD863FC76D7}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "\{DC7B767C-DE47-4D8F-8E58-C6C69359A1E6}" "" "" "File not found: D:\AutoRun.exe"
+ "\{E0669F8A-C9F8-4CA3-8EDC-998103E1E95E}" "" "" "File not found: C:\Users\DRP\Downloads\dicomworks_135b.exe"
+ "\{EA8B4FA7-C9F0-461F-999A-2F9854FFBE10}" "WinTV7" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\wintv7.exe"
+ "\{F9E84776-97B5-405B-A214-9D9C85FCC06B}" "" "" "File not found: C:\Users\DRP\Documents\OFFICE\AutoRun.exe"
+ "\{FF0475FB-E12B-4A8E-B388-10B7C13F3DC4}" "Adobe Photoshop" "Adobe Systems, Incorporated" "c:\program files (x86)\adobe\photoshop 7.0\photoshop.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Adobe LM Service" "AdobeLM Service" "Adobe Systems" "c:\program files (x86)\common files\adobe systems shared\service\adobelmsvc.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DockLoginService" "Dock Login Service" "" "File not found: C:\Program Files\Dell\DellDock\DockLogin.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "GoToAssist" "Citrix GoToAssist provides remote help to this PC." "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\615\g2aservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HauppaugeTVServer" "Hauppauge TV Server" "Hauppauge Computer Works" "c:\program files (x86)\wintv\tvserver\hauppaugetvserver.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.1.121\mcchsvc.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "MSSQL$SQLEXPRESS" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10_50.sqlexpress\mssql\binn\sqlservr.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "RoxMediaDB10" "Roxio RoxMediaDB10 Service" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxmediadb10.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "" "c:\program files\dell\dell wireless wlan card\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "A2DDA" "Emsisoft Direct Disk Access Support Driver" "Emsi Software GmbH" "c:\users\drp\downloads\emsisoftemergencykit\run\a2ddax64.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService" "Ati High Definition Audio Function Driver" "ATI Research Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "FTDIBUS" "FTDIBUS USB Driver" "FTDI Ltd." "c:\windows\system32\drivers\ftdibus.sys"
+ "FTSER2K" "FTDIBUS Serial Device Driver" "FTDI Ltd." "c:\windows\system32\drivers\ftser2k.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"
+ "hcw72ADFilter" "WinTV HVR-950 USB Audio Filter Service" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw72adfilter.sys"
+ "hcw72ATV" "WinTV HVR-950 AVStream Driver" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw72atv.sys"
+ "hcw72DTV" "WinTV HVR-950 BDA Driver" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw72dtv.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "itecir" "ITE Consumer IR Driver for eHome" "ITE Tech. Inc. " "c:\windows\system32\drivers\itecir.sys"
+ "ivusb" "Initio Default Vendor Specific Device Driver" "Initio Corporation" "c:\windows\system32\drivers\ivusb.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "MHIKEY10" "MultiCard reader 1.0" "Generic USB smartcard reader" "c:\windows\system32\drivers\mhikey10x64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PCDSRVC{1E208CE0-FB7451FF-06020200}_0" "Kernel Driver" "PC-Doctor, Inc." "c:\program files\dell support center\pcdsrvc_x64.pkms"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rimmptsk" "RICOH MMC Driver" "REDC" "c:\windows\system32\drivers\rimmpx64.sys"
+ "rimsptsk" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspx64.sys"
+ "rismxdp" "RICOH xD SM Driver" "REDC" "c:\windows\system32\drivers\rixdpx64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Ser2pl" "USB-to-Serial Cable Driver" "Prolific Technology Inc." "c:\windows\system32\drivers\ser2pl64.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "USB28xxBGA" "USB 28xx BDA Driver" "eMPIA Technology, Inc." "c:\windows\system32\drivers\embda64.sys"
+ "USB28xxOEM" "USB 28xx BDA Lower filter" "eMPIA Technology, Inc." "c:\windows\system32\drivers\emoem64.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MainConcept (MCE) MPEG Encoder" "MPEG Encoder and Muxer" "MainConcept AG" "c:\windows\system32\hauppauge\softmce\mceesmpeg.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ArcSoft Mpeg Mplex Filter" "MplexFilter" "ArcSoft Inc." "c:\program files (x86)\wintv\wintv7\codecs\mpeg-2 ps mux\arcmplexfilter.ax"
+ "ArcSoft TS Stream" "ArcSoft Mpeg Demux" "ArcSoft Inc." "c:\program files (x86)\wintv\wintv7\codecs\encoders\arcdemux.ax"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "DivX Decoder Filter" "DivX® Decoder Filter" "DivX, Inc." "c:\windows\syswow64\divxdec.ax"
+ "DivX Demux" "DivX® Media Filter" "DivXNetworks" "c:\windows\syswow64\divxmedia.ax"
+ "DivX Subtitle Decoder" "DivX® Media Filter" "DivXNetworks" "c:\windows\syswow64\divxmedia.ax"
+ "Dump" "hcwTSSub Dynamic Link Library" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\hcwtssubtitles.ax"
+ "Dump" "hcwTSTel Dynamic Link Library" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\hcwtsteletext.dll"
+ "Hauppauge AC3 Decoder" "Hauppauge AC3 Decoder -" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\codecs\ac3\haupac3decoder.ax"
+ "Hauppauge CC Dump" "hcwCCDump" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwccdump.ax"
+ "Hauppauge CC Inserter" "HCW CC Inserter" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwccinserter.ax"
+ "HAUPPAUGE E-AC3 Decoder" "Hauppauge E-AC3 Decoder -" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\codecs\eac3\haupeac3codec.ax"
+ "Hauppauge MPEG Layer-1/2 Audio Decoder" "Hauppauge MPEG Audio Decoder - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\codecs\mpeg-1 layer 2 audio\haupmpegbox.ax"
+ "Hauppauge Net Push Source" "" "" "c:\program files (x86)\wintv\wintv7\hcwnetpushsource.ax"
+ "Hauppauge PSI Parser" "Hauppauge WinTV MPEG PSI Parser" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\psiparser.ax"
+ "Hauppauge Raw Sink" "" "" "c:\program files (x86)\wintv\wintv7\hcwrawsink.ax"
+ "Hauppauge Raw Source" "" "" "c:\program files (x86)\wintv\wintv7\hcwrawsource.ax"
+ "Hauppauge Transport Analog Teletext" "Hauppauge WinTV Analog Teletext Filter" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwtsanalogtxt.ax"
+ "Hauppauge Transport Filter" "HCW TS Statistics" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwtsfilter.ax"
+ "Hauppauge Transport Reader" "Hauppauge WinTV Transport File Reader" "Hauppauge Computer Works, Inc." "c:\program files (x86)\wintv\wintv7\hcwtsreader.ax"
+ "Hauppauge Transport Writer" "HCW Transport Writer" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwtswriter.ax"
+ "Hauppauge VBI Slicer" "HCW VBI Slicer" "Hauppauge Computer Works" "c:\program files (x86)\wintv\wintv7\hcwvbislicer.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\lvmwriter.ax"
+ "MainConcept (HCW) Layer II Audio Encoder" "Layer-II Audio Encoder" "MainConcept GmbH" "c:\program files (x86)\wintv\wintv7\softpvr\hcw_mcl2ae.ax"
+ "MainConcept (HCW) MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept GmbH" "c:\program files (x86)\wintv\wintv7\softpvr\hcw_mcmpeg2mux.ax"
+ "MainConcept (HCW) MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "MainConcept AG" "c:\program files (x86)\wintv\wintv7\codecs\mpeg-2 video\hcw_mcm2vd.ax"
+ "MainConcept (HCW) MPEG-2 Video Encoder" "MPEG-2 Video Encoder" "MainConcept GmbH" "c:\program files (x86)\wintv\wintv7\softpvr\hcw_mcm2ve.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mediaanalyser.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "Pinnacle CSC" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "Pinnacle Image Converter" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "Pinnacle Image Scaler" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "Pinnacle Video AntiJitter" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "Pinnacle Video Block Filter" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "Pinnacle Video Deinterlacer" "Color Space Converter - DirectX Filter" "PCTV Systems S.à r.l." "c:\program files (x86)\wintv\wintv7\pclecsc.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Record Queue" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\vobloader.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mvwcdsutil.dll"
+ "Sonic Cinemaster® Audio Decoder 4.3" "SonicHDAudio" "Sonic Solutions" "c:\program files (x86)\common files\sonic shared\cinemasteraudio.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3" "CinemasterVideo" "Sonic Solutions" "c:\program files (x86)\common files\sonic shared\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files (x86)\roxio\sonichddemuxer.dll"
+ "Sonic HD Nav" "SonicHDNav" "" "c:\program files (x86)\common files\sonic shared\sonichdnav.dll"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files (x86)\common files\sonic shared\sonicmc02\sonic7m2vd.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "WM VIH2 Fix" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
+ "{42553C8F-FF8C-45C9-A37A-C3939F7C016B}" "Microsoft Raw Codec" "Microsoft Corporation" "c:\program files\common files\microsoft shared\microsoft camera codec pack\microsoftrawcodec.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
+ "{42553C8F-FF8C-45C9-A37A-C3939F7C016B}" "Microsoft Raw Codec" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\microsoft camera codec pack\microsoftrawcodec.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "GoToAssist" "Citrix Online GoToAssist Corporate" "Citrix Online, a division of Citrix Systems, Inc." "c:\program files (x86)\citrix\gotoassist\615\g2awinlogon_x64.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MP510" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm85.dll"
+ "CutePDF Writer Monitor" "" "" "c:\windows\system32\cpwmon64.dll"
+ "LIDIL hpzllwn7" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzllwn7.dll"

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:56 AM

Posted 28 January 2013 - 10:25 AM

Browse to

C:\program files folder and delete any folder related to strongvault

Press Windows+R key and type

%appdata% and click ok

Delete the strongvault folder

From your Autoruns log it seems you dont have any startup related to strongvault.

Current issues?

Edited by narenxp, 28 January 2013 - 10:25 AM.


#12 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:56 PM

Posted 28 January 2013 - 10:49 AM

Browse to

C:\program files folder and delete any folder related to strongvault

Press Windows+R key and type

%appdata% and click ok

Delete the strongvault folder

From your Autoruns log it seems you dont have any startup related to strongvault.

Current issues


Narexp,
Completed all above and found NO references to Strongvault.
Computer appears to be operating fine ~ no pop ups from strongvault or anything else.
Thanks so much for your incredible guidance and sorry for my omissions.
Going to donate to your great cause now.

Regards,
DRP

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:56 AM

Posted 28 January 2013 - 11:17 AM

You're welcome :)

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#14 DGREW

DGREW
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:08:56 PM

Posted 29 January 2013 - 12:51 PM

Narexp,

I ran TFC succesfuly, however, I noticed that some Google searches were giving me some odd results. Even Bleeping computer search redirected me to some Blue Ridge Mountan site? I am not sure if this is related to my earlier problems. I wanted to make sure things were sorted out before I created a new restore point.

Now nearly everything I submit to goole search is a redirect. Even tried Yahoo and it did the same thing. If you want me to post this under a different topic, please let me know.

Thanks,

DRP

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:56 AM

Posted 29 January 2013 - 01:38 PM

Which browser?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users