Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mcafee Realtime scanning wont stay on


  • Please log in to reply
17 replies to this topic

#1 Kevin5120

Kevin5120

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 29 January 2013 - 06:37 PM

I have been having a problem with my Mcafee total protection for the past couple weeks where a little bit after my laptop is turned on the real time scanning shuts off all by itself and turning it back on only lasts for a few minutes before it happens again also i cannot run a scan when i try to do so i get an error stating "an unexpected problem occurred during your scan. please click ok to go back to the homepage, and then try running your scan again." but doing that doesn't help the error just keeps coming up I'm at a loss of what to do and I have used this site in the past with my old laptop so I hope i can get some help here again.

I did just post this in the Windows 7 forum but i think its better suited here, as said in that topic i have already run Malwarebytes in safe mode and deleted 3 infections which have not helps the problem.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:58 AM

Posted 29 January 2013 - 06:46 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Kevin5120

Kevin5120
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 29 January 2013 - 07:38 PM

didnt want you to think i was ignoring your response computer is currently still scanning with aswMBR will post all logs once everything is finished thanks for replying to my issue by the way :)

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:58 AM

Posted 29 January 2013 - 07:41 PM

:thumbup2:

#5 Kevin5120

Kevin5120
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 29 January 2013 - 10:10 PM

~TDSSKiller log~

19:00:50.0421 3540 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:00:51.0475 3540 ============================================================
19:00:51.0475 3540 Current date / time: 2013/01/29 19:00:51.0475
19:00:51.0475 3540 SystemInfo:
19:00:51.0475 3540
19:00:51.0475 3540 OS Version: 5.1.2600 ServicePack: 2.0
19:00:51.0475 3540 Product type: Workstation
19:00:51.0475 3540 ComputerName: KEVIN5120-PC
19:00:51.0475 3540 UserName: Kevin5120
19:00:51.0475 3540 Windows directory: C:\Windows
19:00:51.0475 3540 System windows directory: C:\Windows
19:00:51.0475 3540 Running under WOW64
19:00:51.0476 3540 Processor architecture: Intel x64
19:00:51.0476 3540 Number of processors: 8
19:00:51.0476 3540 Page size: 0x1000
19:00:51.0476 3540 Boot type: Normal boot
19:00:51.0476 3540 ============================================================
19:00:54.0178 3540 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:00:54.0198 3540 ============================================================
19:00:54.0198 3540 \Device\Harddisk0\DR0:
19:00:54.0199 3540 MBR partitions:
19:00:54.0199 3540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x6A000, BlocksNum 0x1139000
19:00:54.0199 3540 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11A3000, BlocksNum 0x2428B000
19:00:54.0199 3540 ============================================================
19:00:54.0659 3540 C: <-> \Device\Harddisk0\DR0\Partition2
19:00:54.0659 3540 ============================================================
19:00:54.0659 3540 Initialize success
19:00:54.0659 3540 ============================================================
19:02:05.0595 1252 ============================================================
19:02:05.0595 1252 Scan started
19:02:05.0595 1252 Mode: Manual; TDLFS;
19:02:05.0595 1252 ============================================================
19:02:08.0777 1252 ================ Scan system memory ========================
19:02:08.0777 1252 System memory - ok
19:02:08.0779 1252 ================ Scan services =============================
19:02:09.0014 1252 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:02:09.0019 1252 1394ohci - ok
19:02:09.0049 1252 [ C49C56B35BFC6CDA8D1FDCAD2885568F ] Acceler C:\Windows\system32\DRIVERS\Acceler.sys
19:02:09.0227 1252 Acceler - ok
19:02:09.0269 1252 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:02:09.0285 1252 ACPI - ok
19:02:09.0322 1252 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:02:09.0394 1252 AcpiPmi - ok
19:02:09.0483 1252 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:02:09.0622 1252 AdobeARMservice - ok
19:02:09.0756 1252 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:02:09.0762 1252 AdobeFlashPlayerUpdateSvc - ok
19:02:09.0798 1252 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:02:09.0828 1252 adp94xx - ok
19:02:09.0860 1252 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:02:09.0879 1252 adpahci - ok
19:02:09.0887 1252 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:02:09.0895 1252 adpu320 - ok
19:02:09.0910 1252 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:02:09.0912 1252 AeLookupSvc - ok
19:02:09.0957 1252 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:02:10.0077 1252 AFD - ok
19:02:10.0119 1252 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:02:10.0149 1252 agp440 - ok
19:02:10.0182 1252 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:02:10.0193 1252 ALG - ok
19:02:10.0225 1252 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:02:10.0235 1252 aliide - ok
19:02:10.0281 1252 [ 388E79AF1C9E4D84A8559FA77F804CF6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:02:10.0375 1252 AMD External Events Utility - ok
19:02:10.0395 1252 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:02:10.0398 1252 amdide - ok
19:02:10.0429 1252 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:02:10.0434 1252 AmdK8 - ok
19:02:10.0620 1252 [ 79A11CB10FF02A8425DABBB040249F7D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:02:10.0875 1252 amdkmdag - ok
19:02:10.0901 1252 [ 6F6D47246FBB0CF65619684A0F89179E ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:02:11.0003 1252 amdkmdap - ok
19:02:11.0026 1252 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:02:11.0032 1252 AmdPPM - ok
19:02:11.0057 1252 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:02:11.0186 1252 amdsata - ok
19:02:11.0214 1252 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:02:11.0223 1252 amdsbs - ok
19:02:11.0234 1252 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:02:11.0316 1252 amdxata - ok
19:02:11.0360 1252 [ 8B3236C07EF8A2B714A8B64D8EA0F2AB ] AndNetDiag C:\Windows\system32\DRIVERS\lgandnetdiag64.sys
19:02:11.0478 1252 AndNetDiag - ok
19:02:11.0494 1252 [ 1B0A66E7E0432BF03431A1A34B8BEA0E ] AndNetGps C:\Windows\system32\DRIVERS\lgandnetgps64.sys
19:02:11.0610 1252 AndNetGps - ok
19:02:11.0636 1252 [ 17D42F72B6DC32F1DAC96E948E60037E ] ANDNetModem C:\Windows\system32\DRIVERS\lgandnetmodem64.sys
19:02:11.0720 1252 ANDNetModem - ok
19:02:11.0749 1252 [ A1D5155BD93F7F1933C2D91AACC7FA62 ] andnetndis C:\Windows\system32\DRIVERS\lgandnetndis64.sys
19:02:11.0831 1252 andnetndis - ok
19:02:11.0914 1252 [ 375640F39F2D613B6FDCF8C2F956205A ] Apache2.2 C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe
19:02:12.0069 1252 Apache2.2 - ok
19:02:12.0121 1252 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:02:12.0224 1252 AppID - ok
19:02:12.0257 1252 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:02:12.0264 1252 AppIDSvc - ok
19:02:12.0275 1252 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:02:12.0338 1252 Appinfo - ok
19:02:12.0376 1252 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:02:12.0382 1252 arc - ok
19:02:12.0399 1252 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:02:12.0414 1252 arcsas - ok
19:02:12.0512 1252 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:02:12.0689 1252 aspnet_state - ok
19:02:12.0722 1252 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:02:12.0733 1252 AsyncMac - ok
19:02:12.0762 1252 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:02:12.0763 1252 atapi - ok
19:02:12.0806 1252 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
19:02:12.0885 1252 AtiHdmiService - ok
19:02:13.0027 1252 [ 79A11CB10FF02A8425DABBB040249F7D ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:02:13.0065 1252 atikmdag - ok
19:02:13.0125 1252 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:02:13.0268 1252 AudioEndpointBuilder - ok
19:02:13.0284 1252 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:02:13.0292 1252 AudioSrv - ok
19:02:13.0356 1252 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:02:13.0422 1252 AxInstSV - ok
19:02:13.0481 1252 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:02:13.0528 1252 b06bdrv - ok
19:02:13.0589 1252 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:02:13.0611 1252 b57nd60a - ok
19:02:13.0668 1252 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:02:13.0826 1252 BBSvc - ok
19:02:13.0845 1252 [ E001DD475A7C27EBE5A0DB45C11BAD71 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
19:02:13.0936 1252 BCM42RLY - ok
19:02:14.0032 1252 [ 37394D3553E220FB732C21E217E1BD8B ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
19:02:14.0129 1252 BCM43XX - ok
19:02:14.0177 1252 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:02:14.0186 1252 BDESVC - ok
19:02:14.0209 1252 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:02:14.0219 1252 Beep - ok
19:02:14.0276 1252 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:02:14.0340 1252 BFE - ok
19:02:14.0385 1252 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:02:14.0545 1252 BITS - ok
19:02:14.0591 1252 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:02:14.0603 1252 blbdrive - ok
19:02:14.0641 1252 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:02:14.0749 1252 bowser - ok
19:02:14.0768 1252 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:02:14.0774 1252 BrFiltLo - ok
19:02:14.0783 1252 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:02:14.0788 1252 BrFiltUp - ok
19:02:14.0820 1252 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:02:14.0888 1252 Browser - ok
19:02:14.0916 1252 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:02:14.0926 1252 Brserid - ok
19:02:14.0936 1252 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:02:14.0946 1252 BrSerWdm - ok
19:02:14.0953 1252 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:02:14.0986 1252 BrUsbMdm - ok
19:02:14.0993 1252 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:02:14.0999 1252 BrUsbSer - ok
19:02:15.0022 1252 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:02:15.0028 1252 BTHMODEM - ok
19:02:15.0061 1252 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:02:15.0087 1252 bthserv - ok
19:02:15.0113 1252 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:02:15.0123 1252 cdfs - ok
19:02:15.0162 1252 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:02:15.0254 1252 cdrom - ok
19:02:15.0298 1252 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:02:15.0396 1252 CertPropSvc - ok
19:02:15.0466 1252 [ DF8D07059E7237E0BE9C1421EF5F9482 ] cfwids C:\Windows\system32\drivers\cfwids.sys
19:02:15.0553 1252 cfwids - ok
19:02:15.0576 1252 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:02:15.0580 1252 circlass - ok
19:02:15.0611 1252 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:02:15.0623 1252 CLFS - ok
19:02:15.0669 1252 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:02:15.0679 1252 clr_optimization_v2.0.50727_32 - ok
19:02:15.0711 1252 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:02:15.0722 1252 clr_optimization_v2.0.50727_64 - ok
19:02:15.0802 1252 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:02:15.0899 1252 clr_optimization_v4.0.30319_32 - ok
19:02:15.0930 1252 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:02:16.0020 1252 clr_optimization_v4.0.30319_64 - ok
19:02:16.0074 1252 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:02:16.0082 1252 CmBatt - ok
19:02:16.0119 1252 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:02:16.0126 1252 cmdide - ok
19:02:16.0218 1252 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:02:16.0297 1252 CNG - ok
19:02:16.0332 1252 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:02:16.0338 1252 Compbatt - ok
19:02:16.0388 1252 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:02:16.0492 1252 CompositeBus - ok
19:02:16.0514 1252 COMSysApp - ok
19:02:16.0526 1252 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:02:16.0531 1252 crcdisk - ok
19:02:16.0565 1252 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:02:16.0659 1252 CryptSvc - ok
19:02:16.0727 1252 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
19:02:16.0810 1252 CtClsFlt - ok
19:02:16.0849 1252 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:02:16.0867 1252 DcomLaunch - ok
19:02:16.0897 1252 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:02:16.0907 1252 defragsvc - ok
19:02:16.0947 1252 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:02:17.0047 1252 DfsC - ok
19:02:17.0231 1252 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:02:17.0436 1252 Dhcp - ok
19:02:17.0474 1252 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:02:17.0478 1252 discache - ok
19:02:17.0525 1252 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:02:17.0535 1252 Disk - ok
19:02:17.0570 1252 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:02:17.0675 1252 Dnscache - ok
19:02:17.0762 1252 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
19:02:17.0836 1252 DockLoginService - ok
19:02:17.0866 1252 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:02:17.0923 1252 dot3svc - ok
19:02:17.0950 1252 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:02:17.0952 1252 DPS - ok
19:02:17.0972 1252 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:02:17.0983 1252 drmkaud - ok
19:02:18.0148 1252 [ 0BB913F9F02677BD4AE96D4967CACFEE ] dsl-db C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe
19:02:18.0450 1252 dsl-db - ok
19:02:18.0493 1252 [ 5D0A71316D6BFEA3C88C30AD81FDB606 ] dsl-fs-sync C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
19:02:18.0620 1252 dsl-fs-sync - ok
19:02:18.0669 1252 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:02:18.0796 1252 DXGKrnl - ok
19:02:18.0834 1252 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:02:18.0839 1252 EapHost - ok
19:02:18.0928 1252 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:02:19.0012 1252 ebdrv - ok
19:02:19.0044 1252 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:02:19.0129 1252 EFS - ok
19:02:19.0189 1252 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:02:19.0333 1252 ehRecvr - ok
19:02:19.0366 1252 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:02:19.0372 1252 ehSched - ok
19:02:19.0404 1252 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:02:19.0425 1252 elxstor - ok
19:02:19.0459 1252 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:02:19.0468 1252 ErrDev - ok
19:02:19.0511 1252 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:02:19.0517 1252 EventSystem - ok
19:02:19.0544 1252 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:02:19.0557 1252 exfat - ok
19:02:19.0579 1252 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:02:19.0586 1252 fastfat - ok
19:02:19.0636 1252 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:02:19.0759 1252 Fax - ok
19:02:19.0783 1252 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:02:19.0787 1252 fdc - ok
19:02:19.0814 1252 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:02:19.0817 1252 fdPHost - ok
19:02:19.0840 1252 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:02:19.0846 1252 FDResPub - ok
19:02:19.0862 1252 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:02:19.0867 1252 FileInfo - ok
19:02:19.0884 1252 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:02:19.0890 1252 Filetrace - ok
19:02:19.0904 1252 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:02:19.0912 1252 flpydisk - ok
19:02:19.0947 1252 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:02:19.0954 1252 FltMgr - ok
19:02:20.0023 1252 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:02:20.0212 1252 FontCache - ok
19:02:20.0278 1252 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:02:20.0423 1252 FontCache3.0.0.0 - ok
19:02:20.0444 1252 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:02:20.0448 1252 FsDepends - ok
19:02:20.0476 1252 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:02:20.0523 1252 fssfltr - ok
19:02:20.0589 1252 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:02:20.0712 1252 fsssvc - ok
19:02:20.0740 1252 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:02:20.0869 1252 Fs_Rec - ok
19:02:20.0927 1252 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:02:21.0015 1252 fvevol - ok
19:02:21.0044 1252 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:02:21.0049 1252 gagp30kx - ok
19:02:21.0101 1252 Giraffic - ok
19:02:21.0150 1252 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:02:21.0174 1252 gpsvc - ok
19:02:21.0288 1252 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:02:21.0291 1252 gupdate - ok
19:02:21.0309 1252 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:02:21.0311 1252 gupdatem - ok
19:02:21.0356 1252 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:02:21.0609 1252 gusvc - ok
19:02:21.0624 1252 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:02:21.0627 1252 hcw85cir - ok
19:02:21.0667 1252 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:02:21.0669 1252 HDAudBus - ok
19:02:21.0713 1252 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:02:21.0716 1252 HidBatt - ok
19:02:21.0766 1252 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:02:21.0770 1252 HidBth - ok
19:02:21.0795 1252 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:02:21.0799 1252 HidIr - ok
19:02:21.0821 1252 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:02:21.0825 1252 hidserv - ok
19:02:21.0864 1252 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:02:22.0021 1252 HidUsb - ok
19:02:22.0070 1252 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
19:02:22.0137 1252 HipShieldK - ok
19:02:22.0171 1252 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:02:22.0233 1252 hkmsvc - ok
19:02:22.0282 1252 [ 583431A6989FD8B901D1883C0299C471 ] hnmsvc c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
19:02:22.0429 1252 hnmsvc - ok
19:02:22.0473 1252 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:02:22.0534 1252 HomeGroupListener - ok
19:02:22.0572 1252 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:02:22.0687 1252 HomeGroupProvider - ok
19:02:22.0731 1252 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:02:22.0841 1252 HpSAMD - ok
19:02:22.0903 1252 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:02:23.0027 1252 HTTP - ok
19:02:23.0054 1252 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:02:23.0140 1252 hwpolicy - ok
19:02:23.0184 1252 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:02:23.0197 1252 i8042prt - ok
19:02:23.0250 1252 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:02:23.0383 1252 iaStorV - ok
19:02:23.0431 1252 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:02:23.0541 1252 idsvc - ok
19:02:23.0569 1252 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:02:23.0579 1252 iirsp - ok
19:02:23.0618 1252 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:02:23.0735 1252 IKEEXT - ok
19:02:23.0766 1252 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:02:23.0769 1252 intelide - ok
19:02:23.0798 1252 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:02:23.0800 1252 intelppm - ok
19:02:23.0823 1252 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:02:23.0835 1252 IPBusEnum - ok
19:02:23.0873 1252 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:02:23.0949 1252 IpFilterDriver - ok
19:02:24.0249 1252 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:02:24.0366 1252 iphlpsvc - ok
19:02:24.0405 1252 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:02:24.0677 1252 IPMIDRV - ok
19:02:24.0727 1252 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:02:24.0739 1252 IPNAT - ok
19:02:24.0761 1252 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:02:24.0766 1252 IRENUM - ok
19:02:24.0781 1252 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:02:24.0785 1252 isapnp - ok
19:02:24.0836 1252 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:02:24.0910 1252 iScsiPrt - ok
19:02:24.0959 1252 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:02:24.0969 1252 kbdclass - ok
19:02:25.0007 1252 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:02:25.0098 1252 kbdhid - ok
19:02:25.0118 1252 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:02:25.0120 1252 KeyIso - ok
19:02:25.0155 1252 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:02:25.0262 1252 KSecDD - ok
19:02:25.0285 1252 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:02:25.0381 1252 KSecPkg - ok
19:02:25.0404 1252 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:02:25.0407 1252 ksthunk - ok
19:02:25.0442 1252 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:02:25.0469 1252 KtmRm - ok
19:02:25.0512 1252 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:02:25.0572 1252 LanmanServer - ok
19:02:25.0605 1252 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:02:25.0683 1252 LanmanWorkstation - ok
19:02:25.0725 1252 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:02:25.0729 1252 lltdio - ok
19:02:25.0756 1252 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:02:25.0767 1252 lltdsvc - ok
19:02:25.0789 1252 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:02:25.0800 1252 lmhosts - ok
19:02:25.0826 1252 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:02:25.0834 1252 LSI_FC - ok
19:02:25.0848 1252 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:02:25.0853 1252 LSI_SAS - ok
19:02:25.0945 1252 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:02:25.0948 1252 LSI_SAS2 - ok
19:02:25.0957 1252 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:02:25.0962 1252 LSI_SCSI - ok
19:02:26.0045 1252 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:02:26.0050 1252 luafv - ok
19:02:26.0177 1252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:02:26.0181 1252 McAfee SiteAdvisor Service - ok
19:02:26.0233 1252 [ F8B823414A22DBF3BEC10DCAA5F93CD8 ] McciCMService C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
19:02:26.0381 1252 McciCMService - ok
19:02:26.0432 1252 [ 859E5A32485178DAECA06B52E2BB44B2 ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe
19:02:26.0553 1252 McciCMService64 - ok
19:02:26.0671 1252 [ C58F15CD4EF79210455512CF0C449F39 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.313\McCHSvc.exe
19:02:26.0786 1252 McComponentHostService - ok
19:02:26.0808 1252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:02:26.0809 1252 McMPFSvc - ok
19:02:26.0814 1252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:02:26.0816 1252 mcmscsvc - ok
19:02:26.0820 1252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:02:26.0821 1252 McNaiAnn - ok
19:02:26.0848 1252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:02:26.0849 1252 McNASvc - ok
19:02:26.0924 1252 [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
19:02:26.0929 1252 McODS - ok
19:02:26.0943 1252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:02:26.0946 1252 McProxy - ok
19:02:26.0985 1252 [ 07ADF390306FC00297EE9B2247C0678E ] McPvDrv C:\Windows\system32\drivers\McPvDrv.sys
19:02:27.0065 1252 McPvDrv - ok
19:02:27.0140 1252 [ 9BBCECBE3FE5AF5958A770DC512D0473 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
19:02:27.0222 1252 McShield - ok
19:02:27.0257 1252 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:02:27.0357 1252 Mcx2Svc - ok
19:02:27.0386 1252 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:02:27.0396 1252 megasas - ok
19:02:27.0418 1252 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:02:27.0427 1252 MegaSR - ok
19:02:27.0467 1252 [ 2D53234C24B0103FDE0BE06782AA6F80 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
19:02:27.0547 1252 mfeapfk - ok
19:02:27.0583 1252 [ C0EAF4F2367C44157E1DE4817238FEC2 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
19:02:27.0671 1252 mfeavfk - ok
19:02:27.0698 1252 mfeavfk01 - ok
19:02:27.0775 1252 [ 38D1F23EE031B615A8CA51DD1E523579 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
19:02:27.0787 1252 mfecore - ok
19:02:27.0815 1252 [ 05248F2E6E1AFA6972D058C36199DEB7 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
19:02:27.0905 1252 mfefire - ok
19:02:27.0941 1252 [ 6856931F9F5B757E9D09369CC35096B9 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
19:02:28.0041 1252 mfefirek - ok
19:02:28.0114 1252 [ 62E4C929A4DB48616B1B90143B48C948 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
19:02:28.0235 1252 mfehidk - ok
19:02:28.0275 1252 [ 9C9FC3770BD600B2D761D666234C244D ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
19:02:28.0384 1252 mfencbdc - ok
19:02:28.0407 1252 [ 93241CC8509B622B47EEA1B8505CF511 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
19:02:28.0477 1252 mfencrk - ok
19:02:28.0544 1252 [ B5B96149BE124092F577DE54EC7D4D65 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
19:02:28.0669 1252 mferkdet - ok
19:02:28.0724 1252 [ DC5483CAD90D95D65B618E35C66E28DF ] mfevtp C:\Windows\system32\mfevtps.exe
19:02:28.0865 1252 mfevtp - ok
19:02:28.0922 1252 [ E18162EA85F1531964F8222CC9E25E26 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
19:02:29.0022 1252 mfewfpk - ok
19:02:29.0056 1252 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:02:29.0058 1252 MMCSS - ok
19:02:29.0179 1252 [ 8CC001C65C31633171991FA72A551D43 ] MOBKbackup C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
19:02:29.0268 1252 MOBKbackup - ok
19:02:29.0311 1252 [ 3800C23D0D90C59AAFCDEFDC82B5C4AF ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
19:02:29.0427 1252 MOBKFilter - ok
19:02:29.0461 1252 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:02:29.0464 1252 Modem - ok
19:02:29.0502 1252 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:02:29.0504 1252 monitor - ok
19:02:29.0538 1252 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:02:29.0548 1252 mouclass - ok
19:02:29.0571 1252 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:02:29.0597 1252 mouhid - ok
19:02:29.0648 1252 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:02:29.0775 1252 mountmgr - ok
19:02:29.0846 1252 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:02:29.0971 1252 MozillaMaintenance - ok
19:02:30.0033 1252 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:02:30.0268 1252 mpio - ok
19:02:30.0294 1252 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:02:30.0300 1252 mpsdrv - ok
19:02:30.0341 1252 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:02:30.0435 1252 MpsSvc - ok
19:02:30.0467 1252 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
19:02:30.0547 1252 MREMP50 - ok
19:02:30.0550 1252 MREMP50a64 - ok
19:02:30.0554 1252 MREMPR5 - ok
19:02:30.0558 1252 MRENDIS5 - ok
19:02:30.0581 1252 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
19:02:30.0674 1252 MRESP50 - ok
19:02:30.0695 1252 MRESP50a64 - ok
19:02:30.0726 1252 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:02:30.0833 1252 MRxDAV - ok
19:02:30.0872 1252 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:02:30.0972 1252 mrxsmb - ok
19:02:31.0008 1252 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:02:31.0125 1252 mrxsmb10 - ok
19:02:31.0151 1252 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:02:31.0249 1252 mrxsmb20 - ok
19:02:31.0282 1252 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:02:31.0375 1252 msahci - ok
19:02:31.0408 1252 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:02:31.0487 1252 msdsm - ok
19:02:31.0514 1252 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:02:31.0520 1252 MSDTC - ok
19:02:31.0559 1252 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:02:31.0562 1252 Msfs - ok
19:02:31.0588 1252 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:02:31.0599 1252 mshidkmdf - ok
19:02:31.0635 1252 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:02:31.0638 1252 msisadrv - ok
19:02:31.0660 1252 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:02:31.0672 1252 MSiSCSI - ok
19:02:31.0680 1252 msiserver - ok
19:02:31.0700 1252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:02:31.0703 1252 MSK80Service - ok
19:02:31.0717 1252 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:02:31.0722 1252 MSKSSRV - ok
19:02:31.0736 1252 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:02:31.0743 1252 MSPCLOCK - ok
19:02:31.0750 1252 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:02:31.0754 1252 MSPQM - ok
19:02:31.0793 1252 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:02:31.0875 1252 MsRPC - ok
19:02:31.0912 1252 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:02:31.0914 1252 mssmbios - ok
19:02:31.0933 1252 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:02:31.0940 1252 MSTEE - ok
19:02:31.0956 1252 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:02:31.0962 1252 MTConfig - ok
19:02:31.0975 1252 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:02:31.0982 1252 Mup - ok
19:02:32.0039 1252 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:02:32.0056 1252 napagent - ok
19:02:32.0091 1252 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:02:32.0107 1252 NativeWifiP - ok
19:02:32.0422 1252 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:02:32.0465 1252 NDIS - ok
19:02:32.0516 1252 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:02:32.0528 1252 NdisCap - ok
19:02:32.0550 1252 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:02:32.0557 1252 NdisTapi - ok
19:02:32.0597 1252 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:02:32.0685 1252 Ndisuio - ok
19:02:32.0715 1252 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:02:32.0813 1252 NdisWan - ok
19:02:32.0845 1252 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:02:32.0930 1252 NDProxy - ok
19:02:32.0962 1252 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:02:32.0972 1252 NetBIOS - ok
19:02:33.0008 1252 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:02:33.0089 1252 NetBT - ok
19:02:33.0122 1252 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:02:33.0124 1252 Netlogon - ok
19:02:33.0169 1252 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:02:33.0223 1252 Netman - ok
19:02:33.0259 1252 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:02:33.0375 1252 NetMsmqActivator - ok
19:02:33.0405 1252 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:02:33.0406 1252 NetPipeActivator - ok
19:02:33.0430 1252 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:02:33.0458 1252 netprofm - ok
19:02:33.0473 1252 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:02:33.0475 1252 NetTcpActivator - ok
19:02:33.0482 1252 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:02:33.0485 1252 NetTcpPortSharing - ok
19:02:33.0538 1252 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:02:33.0546 1252 nfrd960 - ok
19:02:33.0576 1252 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:02:33.0665 1252 NlaSvc - ok
19:02:33.0698 1252 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:02:33.0701 1252 Npfs - ok
19:02:33.0725 1252 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:02:33.0733 1252 nsi - ok
19:02:33.0747 1252 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:02:33.0755 1252 nsiproxy - ok
19:02:33.0828 1252 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:02:33.0940 1252 Ntfs - ok
19:02:33.0955 1252 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:02:33.0960 1252 Null - ok
19:02:34.0001 1252 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:02:34.0129 1252 nvraid - ok
19:02:34.0159 1252 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:02:34.0252 1252 nvstor - ok
19:02:34.0315 1252 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:02:34.0363 1252 nv_agp - ok
19:02:34.0554 1252 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:02:34.0634 1252 odserv - ok
19:02:34.0661 1252 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:02:34.0667 1252 ohci1394 - ok
19:02:34.0725 1252 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:02:34.0817 1252 ose - ok
19:02:34.0853 1252 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:02:34.0861 1252 p2pimsvc - ok
19:02:34.0897 1252 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:02:34.0927 1252 p2psvc - ok
19:02:34.0951 1252 [ 99E6AA0AE2D05389BA7F7DFF6866B569 ] Packet C:\Windows\system32\DRIVERS\packet.sys
19:02:35.0030 1252 Packet - ok
19:02:35.0058 1252 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:02:35.0066 1252 Parport - ok
19:02:35.0095 1252 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:02:35.0184 1252 partmgr - ok
19:02:35.0215 1252 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:02:35.0228 1252 PcaSvc - ok
19:02:35.0273 1252 [ 81B5E63131090879AD6EF9F32109B88D ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
19:02:35.0382 1252 pccsmcfd - ok
19:02:35.0418 1252 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:02:35.0422 1252 pci - ok
19:02:35.0453 1252 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:02:35.0461 1252 pciide - ok
19:02:35.0474 1252 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:02:35.0483 1252 pcmcia - ok
19:02:35.0498 1252 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:02:35.0503 1252 pcw - ok
19:02:35.0529 1252 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:02:35.0549 1252 PEAUTH - ok
19:02:35.0624 1252 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:02:35.0629 1252 PerfHost - ok
19:02:35.0701 1252 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:02:35.0783 1252 pla - ok
19:02:35.0832 1252 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:02:35.0849 1252 PlugPlay - ok
19:02:35.0861 1252 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:02:35.0873 1252 PNRPAutoReg - ok
19:02:35.0895 1252 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:02:35.0900 1252 PNRPsvc - ok
19:02:35.0935 1252 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:02:36.0138 1252 PolicyAgent - ok
19:02:36.0201 1252 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:02:36.0213 1252 Power - ok
19:02:36.0292 1252 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:02:36.0385 1252 PptpMiniport - ok
19:02:36.0412 1252 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:02:36.0415 1252 Processor - ok
19:02:36.0448 1252 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:02:36.0455 1252 ProfSvc - ok
19:02:36.0492 1252 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:02:36.0495 1252 ProtectedStorage - ok
19:02:36.0537 1252 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:02:36.0617 1252 Psched - ok
19:02:36.0646 1252 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:02:36.0728 1252 PxHlpa64 - ok
19:02:36.0801 1252 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:02:36.0866 1252 ql2300 - ok
19:02:36.0884 1252 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:02:36.0888 1252 ql40xx - ok
19:02:36.0908 1252 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:02:36.0915 1252 QWAVE - ok
19:02:36.0928 1252 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:02:36.0932 1252 QWAVEdrv - ok
19:02:36.0942 1252 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:02:36.0945 1252 RasAcd - ok
19:02:36.0971 1252 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:02:36.0975 1252 RasAgileVpn - ok
19:02:36.0991 1252 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:02:36.0997 1252 RasAuto - ok
19:02:37.0025 1252 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:02:37.0070 1252 Rasl2tp - ok
19:02:37.0109 1252 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:02:37.0184 1252 RasMan - ok
19:02:37.0216 1252 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:02:37.0224 1252 RasPppoe - ok
19:02:37.0253 1252 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:02:37.0260 1252 RasSstp - ok
19:02:37.0297 1252 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:02:37.0453 1252 rdbss - ok
19:02:37.0506 1252 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:02:37.0534 1252 rdpbus - ok
19:02:37.0627 1252 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:02:37.0630 1252 RDPCDD - ok
19:02:37.0803 1252 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:02:37.0808 1252 RDPENCDD - ok
19:02:37.0818 1252 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:02:37.0821 1252 RDPREFMP - ok
19:02:37.0848 1252 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:02:37.0937 1252 RDPWD - ok
19:02:37.0972 1252 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:02:38.0062 1252 rdyboost - ok
19:02:38.0092 1252 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:02:38.0103 1252 RemoteAccess - ok
19:02:38.0135 1252 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:02:38.0141 1252 RemoteRegistry - ok
19:02:38.0162 1252 [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
19:02:38.0261 1252 rimmptsk - ok
19:02:38.0293 1252 [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci C:\Windows\system32\DRIVERS\rimspe64.sys
19:02:38.0418 1252 rimspci - ok
19:02:38.0438 1252 [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
19:02:38.0510 1252 rimsptsk - ok
19:02:38.0514 1252 [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 ] risdpcie C:\Windows\system32\DRIVERS\risdpe64.sys
19:02:38.0587 1252 risdpcie - ok
19:02:38.0609 1252 [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
19:02:38.0684 1252 rismxdp - ok
19:02:38.0705 1252 [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe64.sys
19:02:38.0832 1252 rixdpcie - ok
19:02:38.0858 1252 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:02:38.0864 1252 RpcEptMapper - ok
19:02:38.0875 1252 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:02:38.0881 1252 RpcLocator - ok
19:02:38.0916 1252 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:02:38.0921 1252 RpcSs - ok
19:02:38.0951 1252 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:02:38.0955 1252 rspndr - ok
19:02:38.0991 1252 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:02:39.0009 1252 RTL8167 - ok
19:02:39.0022 1252 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:02:39.0025 1252 SamSs - ok
19:02:39.0058 1252 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:02:39.0147 1252 sbp2port - ok
19:02:39.0168 1252 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:02:39.0180 1252 SCardSvr - ok
19:02:39.0237 1252 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:02:39.0327 1252 scfilter - ok
19:02:39.0376 1252 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:02:39.0486 1252 Schedule - ok
19:02:39.0519 1252 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:02:39.0520 1252 SCPolicySvc - ok
19:02:39.0560 1252 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:02:39.0665 1252 SDRSVC - ok
19:02:39.0746 1252 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:02:39.0833 1252 SeaPort - ok
19:02:39.0867 1252 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:02:39.0873 1252 secdrv - ok
19:02:39.0912 1252 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:02:39.0999 1252 seclogon - ok
19:02:40.0081 1252 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:02:40.0083 1252 SENS - ok
19:02:40.0098 1252 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:02:40.0102 1252 SensrSvc - ok
19:02:40.0111 1252 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:02:40.0114 1252 Serenum - ok
19:02:40.0137 1252 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:02:40.0140 1252 Serial - ok
19:02:40.0176 1252 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:02:40.0182 1252 sermouse - ok
19:02:40.0293 1252 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
19:02:40.0680 1252 ServiceLayer - ok
19:02:40.0718 1252 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:02:40.0804 1252 SessionEnv - ok
19:02:40.0836 1252 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:02:40.0841 1252 sffdisk - ok
19:02:40.0849 1252 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:02:40.0853 1252 sffp_mmc - ok
19:02:40.0863 1252 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:02:40.0937 1252 sffp_sd - ok
19:02:40.0961 1252 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:02:40.0965 1252 sfloppy - ok
19:02:41.0003 1252 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:02:41.0028 1252 SharedAccess - ok
19:02:41.0068 1252 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:02:41.0150 1252 ShellHWDetection - ok
19:02:41.0183 1252 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:02:41.0188 1252 SiSRaid2 - ok
19:02:41.0199 1252 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:02:41.0205 1252 SiSRaid4 - ok
19:02:41.0256 1252 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:02:47.0761 1252 SkypeUpdate - ok
19:02:47.0789 1252 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:02:47.0804 1252 Smb - ok
19:02:47.0846 1252 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:02:47.0859 1252 SNMPTRAP - ok
19:02:47.0878 1252 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:02:47.0886 1252 spldr - ok
19:02:47.0931 1252 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:02:48.0076 1252 Spooler - ok
19:02:48.0198 1252 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:02:48.0294 1252 sppsvc - ok
19:02:48.0333 1252 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:02:48.0340 1252 sppuinotify - ok
19:02:48.0404 1252 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
19:02:48.0540 1252 sprtsvc_DellSupportCenter - ok
19:02:48.0576 1252 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:02:48.0697 1252 srv - ok
19:02:48.0742 1252 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:02:48.0880 1252 srv2 - ok
19:02:48.0895 1252 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:02:48.0986 1252 srvnet - ok
19:02:49.0018 1252 [ B165001BA2CB1E56C70084CEEC53D7AB ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
19:02:49.0134 1252 sscdbus - ok
19:02:49.0183 1252 [ F431653836C02870F93254BF5C9CA23E ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
19:02:49.0315 1252 sscdmdfl - ok
19:02:49.0351 1252 [ B57F56218759D08CA3BCE765A18D398B ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
19:02:49.0426 1252 sscdmdm - ok
19:02:49.0481 1252 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:02:49.0494 1252 SSDPSRV - ok
19:02:49.0545 1252 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:02:49.0556 1252 SstpSvc - ok
19:02:49.0672 1252 [ 444109453A2B87E6C16BCDA5953E81A9 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
19:02:49.0777 1252 STacSV - ok
19:02:49.0845 1252 StarOpen - ok
19:02:49.0873 1252 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:02:49.0881 1252 stexstor - ok
19:02:49.0915 1252 [ 02E784FA49032F84964DB90A3ED81890 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
19:02:50.0025 1252 STHDA - ok
19:02:50.0074 1252 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:02:50.0200 1252 stisvc - ok
19:02:50.0246 1252 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:02:50.0256 1252 swenum - ok
19:02:50.0300 1252 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:02:50.0323 1252 swprv - ok
19:02:50.0352 1252 [ 1657B7442D5CE30533F5C4317716B468 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:02:50.0458 1252 SynTP - ok
19:02:50.0531 1252 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:02:50.0616 1252 SysMain - ok
19:02:50.0648 1252 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:02:50.0744 1252 TabletInputService - ok
19:02:50.0773 1252 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:02:50.0892 1252 TapiSrv - ok
19:02:50.0926 1252 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:02:50.0930 1252 TBS - ok
19:02:51.0003 1252 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:02:51.0119 1252 Tcpip - ok
19:02:51.0157 1252 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:02:51.0166 1252 TCPIP6 - ok
19:02:51.0215 1252 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:02:51.0406 1252 tcpipreg - ok
19:02:51.0471 1252 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:02:51.0502 1252 TDPIPE - ok
19:02:51.0535 1252 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:02:51.0616 1252 TDTCP - ok
19:02:51.0648 1252 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:02:51.0730 1252 tdx - ok
19:02:51.0763 1252 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:02:51.0878 1252 TermDD - ok
19:02:51.0916 1252 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:02:52.0010 1252 TermService - ok
19:02:52.0050 1252 TFsExDisk - ok
19:02:52.0065 1252 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:02:52.0072 1252 Themes - ok
19:02:52.0113 1252 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:02:52.0116 1252 THREADORDER - ok
19:02:52.0159 1252 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:02:52.0171 1252 TrkWks - ok
19:02:52.0260 1252 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:02:52.0265 1252 TrustedInstaller - ok
19:02:52.0314 1252 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:02:52.0423 1252 tssecsrv - ok
19:02:52.0474 1252 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:02:52.0564 1252 TsUsbFlt - ok
19:02:52.0658 1252 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:02:52.0833 1252 tunnel - ok
19:02:52.0862 1252 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:02:52.0867 1252 uagp35 - ok
19:02:52.0945 1252 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:02:53.0078 1252 udfs - ok
19:02:53.0101 1252 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:02:53.0107 1252 UI0Detect - ok
19:02:53.0140 1252 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:02:53.0145 1252 uliagpkx - ok
19:02:53.0185 1252 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:02:53.0244 1252 umbus - ok
19:02:53.0260 1252 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:02:53.0263 1252 UmPass - ok
19:02:53.0303 1252 [ 1E9993AC255B3220BCE71FE9E056BBC9 ] Updater Service for StartNow Toolbar C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
19:02:53.0420 1252 Updater Service for StartNow Toolbar - ok
19:02:53.0540 1252 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:02:53.0550 1252 upnphost - ok
19:02:53.0587 1252 [ C85B8247FADD432FA54FE11667C8D97D ] usbbus C:\Windows\system32\DRIVERS\lgx64bus.sys
19:02:53.0659 1252 usbbus - ok
19:02:53.0698 1252 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:02:53.0782 1252 usbccgp - ok
19:02:53.0830 1252 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:02:53.0840 1252 usbcir - ok
19:02:53.0866 1252 [ D8CDC12F5429878F23DDB3785A0FDF95 ] UsbDiag C:\Windows\system32\DRIVERS\lgx64diag.sys
19:02:53.0986 1252 UsbDiag - ok
19:02:54.0023 1252 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:02:54.0130 1252 usbehci - ok
19:02:54.0164 1252 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:02:54.0257 1252 usbhub - ok
19:02:54.0304 1252 [ 79FA7A22B0F6F0082F640CBC82A00FCE ] USBModem C:\Windows\system32\DRIVERS\lgx64modem.sys
19:02:54.0467 1252 USBModem - ok
19:02:54.0581 1252 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:02:54.0677 1252 usbohci - ok
19:02:54.0705 1252 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:02:54.0709 1252 usbprint - ok
19:02:54.0743 1252 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:02:54.0827 1252 USBSTOR - ok
19:02:54.0854 1252 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:02:54.0998 1252 usbuhci - ok
19:02:55.0044 1252 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:02:55.0147 1252 usbvideo - ok
19:02:55.0227 1252 [ 659BA43F61FC37609288A5340A8D37D4 ] usj C:\AeriaGames\EdenEternal\avital\ussjcs64.sys
19:02:55.0334 1252 usj - ok
19:02:55.0367 1252 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:02:55.0372 1252 UxSms - ok
19:02:55.0380 1252 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:02:55.0383 1252 VaultSvc - ok
19:02:55.0416 1252 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:02:55.0421 1252 vdrvroot - ok
19:02:55.0466 1252 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:02:55.0583 1252 vds - ok
19:02:55.0622 1252 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:02:55.0627 1252 vga - ok
19:02:55.0649 1252 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:02:55.0654 1252 VgaSave - ok
19:02:55.0685 1252 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:02:55.0758 1252 vhdmp - ok
19:02:55.0788 1252 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:02:55.0796 1252 viaide - ok
19:02:55.0830 1252 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:02:55.0938 1252 volmgr - ok
19:02:56.0031 1252 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:02:56.0127 1252 volmgrx - ok
19:02:56.0173 1252 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:02:56.0284 1252 volsnap - ok
19:02:56.0324 1252 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:02:56.0332 1252 vsmraid - ok
19:02:56.0385 1252 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:02:56.0539 1252 VSS - ok
19:02:56.0566 1252 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:02:56.0572 1252 vwifibus - ok
19:02:56.0600 1252 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:02:56.0611 1252 vwififlt - ok
19:02:56.0634 1252 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:02:56.0636 1252 vwifimp - ok
19:02:56.0670 1252 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:02:56.0697 1252 W32Time - ok
19:02:56.0717 1252 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:02:56.0725 1252 WacomPen - ok
19:02:56.0767 1252 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:02:56.0869 1252 WANARP - ok
19:02:56.0892 1252 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:02:56.0893 1252 Wanarpv6 - ok
19:02:57.0035 1252 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:02:57.0277 1252 WatAdminSvc - ok
19:02:57.0342 1252 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:02:57.0468 1252 wbengine - ok
19:02:57.0499 1252 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:02:57.0513 1252 WbioSrvc - ok
19:02:57.0556 1252 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:02:57.0668 1252 wcncsvc - ok
19:02:57.0692 1252 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:02:57.0696 1252 WcsPlugInService - ok
19:02:57.0714 1252 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:02:57.0765 1252 Wd - ok
19:02:57.0817 1252 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:02:57.0952 1252 Wdf01000 - ok
19:02:57.0984 1252 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:02:57.0986 1252 WdiServiceHost - ok
19:02:57.0991 1252 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:02:57.0993 1252 WdiSystemHost - ok
19:02:58.0027 1252 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:02:58.0118 1252 WebClient - ok
19:02:58.0163 1252 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:02:58.0180 1252 Wecsvc - ok
19:02:58.0207 1252 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:02:58.0211 1252 wercplsupport - ok
19:02:58.0240 1252 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:02:58.0252 1252 WerSvc - ok
19:02:58.0277 1252 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:02:58.0282 1252 WfpLwf - ok
19:02:58.0298 1252 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:02:58.0303 1252 WIMMount - ok
19:02:58.0315 1252 WinDefend - ok
19:02:58.0322 1252 WinHttpAutoProxySvc - ok
19:02:58.0358 1252 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:02:58.0364 1252 Winmgmt - ok
19:02:58.0435 1252 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:02:58.0546 1252 WinRM - ok
19:02:58.0601 1252 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
19:02:58.0673 1252 WinUsb - ok
19:02:58.0716 1252 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:02:58.0743 1252 Wlansvc - ok
19:02:58.0796 1252 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:02:58.0882 1252 wlcrasvc - ok
19:02:58.0996 1252 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:02:59.0158 1252 wlidsvc - ok
19:02:59.0193 1252 [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
19:02:59.0270 1252 wltrysvc - ok
19:02:59.0298 1252 [ 680A7846370000D20D7E74917D5B7936 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
19:02:59.0389 1252 WmBEnum - ok
19:02:59.0440 1252 [ 14C35BA8189C6F65D839163AA285E954 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
19:02:59.0568 1252 WmFilter - ok
19:02:59.0642 1252 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:02:59.0644 1252 WmiAcpi - ok
19:02:59.0675 1252 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:02:59.0688 1252 wmiApSrv - ok
19:02:59.0722 1252 WMPNetworkSvc - ok
19:02:59.0736 1252 [ 8488DD91A3EE54A8E29F02AD7BB8201E ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
19:02:59.0871 1252 WmVirHid - ok
19:02:59.0885 1252 [ 14802B3A30AA849C97CB968CCC813BF3 ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
19:02:59.0990 1252 WmXlCore - ok
19:03:00.0025 1252 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:03:00.0030 1252 WPCSvc - ok
19:03:00.0062 1252 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:03:00.0127 1252 WPDBusEnum - ok
19:03:00.0178 1252 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:03:00.0183 1252 ws2ifsl - ok
19:03:00.0242 1252 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:03:00.0246 1252 wscsvc - ok
19:03:00.0250 1252 WSearch - ok
19:03:00.0351 1252 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:03:00.0460 1252 wuauserv - ok
19:03:00.0491 1252 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:03:00.0585 1252 WudfPf - ok
19:03:00.0636 1252 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:03:00.0719 1252 WUDFRd - ok
19:03:00.0749 1252 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:03:00.0869 1252 wudfsvc - ok
19:03:00.0903 1252 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:03:00.0911 1252 WwanSvc - ok
19:03:00.0970 1252 [ 38F55D07B1D3391065C40EC065F984E2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
19:03:01.0075 1252 xusb21 - ok
19:03:01.0132 1252 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:03:01.0256 1252 YahooAUService - ok
19:03:01.0280 1252 ================ Scan global ===============================
19:03:01.0306 1252 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:03:01.0352 1252 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
19:03:01.0430 1252 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
19:03:01.0466 1252 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:03:01.0509 1252 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:03:01.0526 1252 [Global] - ok
19:03:01.0530 1252 ================ Scan MBR ==================================
19:03:01.0541 1252 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:03:02.0027 1252 \Device\Harddisk0\DR0 - ok
19:03:02.0028 1252 ================ Scan VBR ==================================
19:03:02.0032 1252 [ 019ECD317CF750E0916D15201B35284A ] \Device\Harddisk0\DR0\Partition1
19:03:02.0033 1252 \Device\Harddisk0\DR0\Partition1 - ok
19:03:02.0064 1252 [ D243C846FC4D4BD53F7CDB36B903219D ] \Device\Harddisk0\DR0\Partition2
19:03:02.0066 1252 \Device\Harddisk0\DR0\Partition2 - ok
19:03:02.0067 1252 ============================================================
19:03:02.0067 1252 Scan finished
19:03:02.0067 1252 ============================================================
19:03:02.0078 8428 Detected object count: 0
19:03:02.0078 8428 Actual detected object count: 0

~aswMBR log~

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-29 19:07:51
-----------------------------
19:07:51.878 OS Version: Windows x64 5.1.2600 Service Pack 2
19:07:51.878 Number of processors: 8 586 0x1E05
19:07:51.880 ComputerName: KEVIN5120-PC UserName: Kevin5120
19:07:53.082 Initialize success
19:09:51.450 AVAST engine defs: 13012903
19:10:09.675 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:10:09.680 Disk 0 Vendor: WDC_WD3200BEKT-75F3T0 11.01A11 Size: 305245MB BusType: 11
19:10:09.709 Disk 0 MBR read successfully
19:10:09.718 Disk 0 MBR scan
19:10:09.794 Disk 0 Windows 7 default MBR code
19:10:09.804 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 211 MB offset 63
19:10:09.826 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 8818 MB offset 434176
19:10:09.849 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 296214 MB offset 18493440
19:10:09.906 Disk 0 scanning C:\Windows\system32\drivers
19:10:25.572 Service scanning
19:10:51.692 Modules scanning
19:10:51.712 Disk 0 trace - called modules:
19:10:51.768 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:10:52.113 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ca9060]
19:10:52.124 3 CLASSPNP.SYS[fffff880018be43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004989060]
19:10:54.136 AVAST engine scan C:\Windows
19:10:58.250 AVAST engine scan C:\Windows\system32
19:17:00.269 AVAST engine scan C:\Windows\system32\drivers
19:17:16.988 AVAST engine scan C:\Users\Kevin5120
19:48:28.375 AVAST engine scan C:\ProgramData
19:53:42.577 Scan finished successfully
19:54:30.800 Disk 0 MBR has been saved successfully to "C:\Users\Kevin5120\Documents\MBR.dat"
19:54:30.811 The log file has been saved successfully to "C:\Users\Kevin5120\Documents\aswMBR log.txt"


~ESET list of found threats~


C:\Users\All Users\wxDownload\50e9bac610eba.dll Win32/Adware.MultiPlug.G application
C:\ProgramData\wxDownload\50e9bac610eba.dll Win32/Adware.MultiPlug.G application cleaned by deleting - quarantined
C:\Users\Alicia\AppData\Local\Google\Chrome\User Data\Default\Extensions\combpcbfccfnildjidjcibadabhpelkf\1\50e9ba88ec5a18.50175052.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\t1g3rz08.default\extensions\50e9ba88ec638@50e9ba88ec667.com\content\bg.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined




It seems that the first threat found was not removed as it is highlighted red in the ESET application and it said that only 3/4 infections were cleaned

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:58 AM

Posted 29 January 2013 - 11:40 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 Kevin5120

Kevin5120
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 29 January 2013 - 11:46 PM

I already have malwarebytes on my computer and ran a scan earlier before i even made this topic and deleted 3 infections did you want me to scan it again anyway or just post the log from the earlier scan instead?

will also get started on all other steps you provided.

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:58 AM

Posted 29 January 2013 - 11:55 PM

Yes,I need to see the clean log

#9 Kevin5120

Kevin5120
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 30 January 2013 - 03:24 AM

Here are the logs you requested.




Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.29.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kevin5120 :: KEVIN5120-PC [administrator]

1/29/2013 11:58:05 PM
mbam-log-2013-01-29 (23-58-05).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 506486
Time elapsed: 2 hour(s), 22 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MiniToolBox by Farbar Version:10-01-2013
Ran by Kevin5120 (administrator) on 30-01-2013 at 02:25:02
Running from "C:\Users\Kevin5120\Documents\Downloads"
Microsoft Windows XP Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:8123;https=127.0.0.1:8123;socks=127.0.0.1:1080

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Dell Wireless 1520 Wireless-N WLAN Mini-Card = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Kevin5120-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : C4-17-FE-94-44-AC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1520 Wireless-N WLAN Mini-Card
Physical Address. . . . . . . . . : C4-17-FE-94-44-AC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d03f:1e06:961b:86cc%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.49(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, January 29, 2013 5:40:27 PM
Lease Expires . . . . . . . . . . : Wednesday, January 30, 2013 5:40:27 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 247732222
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-89-EE-49-00-26-B9-05-23-EF
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-26-B9-05-23-EF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3c00:3849:e710:d81a(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c00:3849:e710:d81a%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{57CD3A16-A35C-499E-AD4E-8707460F4FC7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{947FAAF1-E9DE-40C9-9E72-6D1709686C15}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{92E2055C-E23D-400D-BB0A-6B66402095B9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4009:802::1004
74.125.225.100
74.125.225.101
74.125.225.102
74.125.225.103
74.125.225.104
74.125.225.105
74.125.225.110
74.125.225.96
74.125.225.97
74.125.225.98
74.125.225.99


Pinging google.com [74.125.225.101] with 32 bytes of data:
Reply from 74.125.225.101: bytes=32 time=1077ms TTL=53
Reply from 74.125.225.101: bytes=32 time=36ms TTL=53

Ping statistics for 74.125.225.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 1077ms, Average = 556ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=82ms TTL=48
Reply from 98.139.183.24: bytes=32 time=95ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 82ms, Maximum = 95ms, Average = 88ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...c4 17 fe 94 44 ac ......Microsoft Virtual WiFi Miniport Adapter
12...c4 17 fe 94 44 ac ......Dell Wireless 1520 Wireless-N WLAN Mini-Card
10...00 26 b9 05 23 ef ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.49 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.49 281
192.168.1.49 255.255.255.255 On-link 192.168.1.49 281
192.168.1.255 255.255.255.255 On-link 192.168.1.49 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.49 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.49 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:9d38:6ab8:3c00:3849:e710:d81a/128
On-link
12 281 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::3c00:3849:e710:d81a/128
On-link
12 281 fe80::d03f:1e06:961b:86cc/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/29/2013 11:58:45 PM) (Source: Application Hang) (User: )
Description: The program mcagent.exe version 11.6.434.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1efc

Start Time: 01cdfe8a07b34cf0

Termination Time: 67

Application Path: C:\Program Files\McAfee.com\Agent\mcagent.exe

Report Id: b42d8adb-6a99-11e2-9de9-0026b90523ef

Error: (01/29/2013 07:56:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/29/2013 05:42:52 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {145b3f5a-f455-4e75-838e-37f66c0a6d55}

Error: (01/29/2013 05:40:42 PM) (Source: Application Error) (User: )
Description: Faulting application name: bcmwltry.exe, version: 5.30.21.0, time stamp: 0x4a53eb54
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000007ff00351db8
Faulting process id: 0x67c
Faulting application start time: 0xbcmwltry.exe0
Faulting application path: bcmwltry.exe1
Faulting module path: bcmwltry.exe2
Report Id: bcmwltry.exe3

Error: (01/29/2013 02:21:20 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalog

Error: (01/29/2013 01:58:46 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {e0d7a663-e701-4746-8a7e-1df4a4a2e2b8}

Error: (01/29/2013 00:09:12 AM) (Source: Google Update) (User: Kevin5120-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (01/28/2013 09:02:05 PM) (Source: Google Update) (User: Kevin5120-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (01/28/2013 06:02:05 PM) (Source: Google Update) (User: Kevin5120-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80

Error: (01/28/2013 03:57:48 PM) (Source: Google Update) (User: Kevin5120-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80


System errors:
=============
Error: (01/29/2013 11:04:09 PM) (Source: NetBT) (User: )
Description: The name "WCE-PC :0" could not be registered on the interface with IP address 192.168.1.49.
The computer with the IP address 192.168.1.45 did not allow the name to be claimed by
this computer.

Error: (01/29/2013 10:54:05 PM) (Source: NetBT) (User: )
Description: The name "WCE-PC :0" could not be registered on the interface with IP address 192.168.1.49.
The computer with the IP address 192.168.1.45 did not allow the name to be claimed by
this computer.

Error: (01/29/2013 10:44:05 PM) (Source: NetBT) (User: )
Description: The name "WCE-PC :0" could not be registered on the interface with IP address 192.168.1.49.
The computer with the IP address 192.168.1.45 did not allow the name to be claimed by
this computer.

Error: (01/29/2013 10:34:01 PM) (Source: NetBT) (User: )
Description: The name "WCE-PC :0" could not be registered on the interface with IP address 192.168.1.49.
The computer with the IP address 192.168.1.45 did not allow the name to be claimed by
this computer.

Error: (01/29/2013 10:24:02 PM) (Source: NetBT) (User: )
Description: The name "WCE-PC :0" could not be registered on the interface with IP address 192.168.1.49.
The computer with the IP address 192.168.1.45 did not allow the name to be claimed by
this computer.

Error: (01/29/2013 10:14:00 PM) (Source: NetBT) (User: )
Description: The name "WCE-PC :0" could not be registered on the interface with IP address 192.168.1.49.
The computer with the IP address 192.168.1.45 did not allow the name to be claimed by
this computer.

Error: (01/29/2013 06:32:48 PM) (Source: DCOM) (User: )
Description: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}

Error: (01/29/2013 06:31:48 PM) (Source: DCOM) (User: )
Description: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (01/29/2013 06:23:13 PM) (Source: NetBT) (User: )
Description: The name "WCE-PC :0" could not be registered on the interface with IP address 192.168.1.49.
The computer with the IP address 192.168.1.45 did not allow the name to be claimed by
this computer.

Error: (01/29/2013 06:13:09 PM) (Source: NetBT) (User: )
Description: The name "WCE-PC :0" could not be registered on the interface with IP address 192.168.1.49.
The computer with the IP address 192.168.1.45 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader XI (Version: 11.0.00)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Advanced Audio FX Engine (Version: 1.12.05)
Aeria Ignite (Version: 1.11.2111)
AIM 7
Akamai NetSession Interface
Apple Application Support (Version: 1.4.1)
Apple Software Update (Version: 2.1.1.116)
ATI AVIVO64 Codecs (Version: 11.6.0.50601)
ATI Catalyst Control Center (Version: 2.009.0729.2226)
ATI Catalyst Install Manager (Version: 3.0.778.0)
Bing Bar (Version: 7.0.609.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full Existing (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full New (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Light (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Previews Common (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Previews Common (Version: 2010.0601.2152.37421)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0601.2152.37421)
Catalyst Control Center InstallProxy (Version: 2009.0729.2227.38498)
Catalyst Control Center InstallProxy (Version: 2010.0601.2152.37421)
Catalyst Control Center Localization All (Version: 2009.0729.2227.38498)
Catalyst Control Center Localization All (Version: 2010.0601.2152.37421)
ccc-core-static (Version: 2009.0729.2227.38498)
ccc-core-static (Version: 2010.0601.2152.37421)
ccc-utility64 (Version: 2009.0729.2227.38498)
ccc-utility64 (Version: 2010.0601.2152.37421)
CCC Help Chinese Standard (Version: 2009.0729.2226.38498)
CCC Help Chinese Standard (Version: 2010.0601.2151.37421)
CCC Help Chinese Traditional (Version: 2009.0729.2226.38498)
CCC Help Chinese Traditional (Version: 2010.0601.2151.37421)
CCC Help Danish (Version: 2009.0729.2226.38498)
CCC Help Danish (Version: 2010.0601.2151.37421)
CCC Help Dutch (Version: 2009.0729.2226.38498)
CCC Help Dutch (Version: 2010.0601.2151.37421)
CCC Help English (Version: 2009.0729.2226.38498)
CCC Help English (Version: 2010.0601.2151.37421)
CCC Help Finnish (Version: 2009.0729.2226.38498)
CCC Help Finnish (Version: 2010.0601.2151.37421)
CCC Help French (Version: 2009.0729.2226.38498)
CCC Help French (Version: 2010.0601.2151.37421)
CCC Help German (Version: 2009.0729.2226.38498)
CCC Help German (Version: 2010.0601.2151.37421)
CCC Help Italian (Version: 2009.0729.2226.38498)
CCC Help Italian (Version: 2010.0601.2151.37421)
CCC Help Japanese (Version: 2009.0729.2226.38498)
CCC Help Japanese (Version: 2010.0601.2151.37421)
CCC Help Korean (Version: 2009.0729.2226.38498)
CCC Help Korean (Version: 2010.0601.2151.37421)
CCC Help Norwegian (Version: 2009.0729.2226.38498)
CCC Help Norwegian (Version: 2010.0601.2151.37421)
CCC Help Portuguese (Version: 2009.0729.2226.38498)
CCC Help Portuguese (Version: 2010.0601.2151.37421)
CCC Help Russian (Version: 2009.0729.2226.38498)
CCC Help Russian (Version: 2010.0601.2151.37421)
CCC Help Spanish (Version: 2009.0729.2226.38498)
CCC Help Spanish (Version: 2010.0601.2151.37421)
CCC Help Swedish (Version: 2009.0729.2226.38498)
CCC Help Swedish (Version: 2010.0601.2151.37421)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Remote Access (Version: 1.3.0.0)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Touchpad (Version: 13.2.2.2)
Dell Webcam Central (Version: 1.40.05)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
Download Updater (AOL LLC)
Eden Eternal
ESET Online Scanner v3
Express Burn
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
FormatFactory 2.30 (Version: 2.30)
Google Chrome (Version: 24.0.1312.56)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Java 7 Update 10 (64-bit) (Version: 7.0.100)
Java 7 Update 10 (Version: 7.0.100)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 6 Update 35 (Version: 6.0.350)
Junk Mail filter update (Version: 15.4.3502.0922)
jZip
LG United Mobile Driver (Version: 3.7.2.0)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Logitech Gaming Software 5.10 (Version: 5.10.127)
Macromedia Extension Manager (Version: 1.7.240)
Macromedia Flash 8 (Version: 8.00.0000)
Macromedia Flash 8 Video Encoder (Version: 1.00.0000)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee Online Backup (Version: 1.16.4.0)
McAfee Security Scan Plus (Version: 3.0.313.1)
McAfee Total Protection (Version: 11.6.443)
McAfee Virtual Technician (Version: 7.0.0.2358)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Maintenance Service (Version: 18.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nintendo_Zelda_Countdown_screensaver
PakkISO 0.4 (Version: PakkISO 0.4 by zorted, installer by BitLooter)
PC Connectivity Solution (Version: 8.15.0.0)
PowerDVD DX (Version: 8.3.5424)
Prism Video Converter
Project64 1.7
Quickset64 (Version: 9.6.6)
QuickTime (Version: 7.69.80.9)
Roxio Burn (Version: 1.01)
RuneScape Launcher 1.0.1 (Version: 1.0.1)
SAMSUNG Mobile Composite Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio (Version: 1.00.0000)
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
SamsungConnectivityCableDriver (Version: 6.83.6.2.1)
SaveVid Plug-in (Version: 2.0.0.107556)
Shared C Run-time for x64 (Version: 10.0.0)
Skins (Version: 2009.0729.2227.38498)
Skype™ 6.0 (Version: 6.0.126)
SpywareBlaster 4.6 (Version: 4.6.0)
StartNow Toolbar (Version: 2.5.0)
The Weather Channel App
The Weather Channel Desktop 6
The Weather Channel Toolbar
THE_LEGEND_OF_ZELDA_25th_ANNIVERSARY
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Veoh Giraffic Video Accelerator (Version: 0.86.246.230)
Veoh Web Player (Version: 1.1.2.0000)
Vizzed Retro Game Room (Version: 1.0.10)
Vuze (Version: 4.7)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Movie Maker 6.0.6000.16386
WinRAR 4.00 (64-bit) (Version: 4.00.0)
WinZip 14.5 (Version: 14.5.9095)
WxDownload Expansion (Version: 1.0)
wxDownload Fast 0.6.0
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 65%
Total physical RAM: 4084.5 MB
Available physical RAM: 1394.79 MB
Total Pagefile: 8167.19 MB
Available Pagefile: 4031.45 MB
Total Virtual: 4095.88 MB
Available Virtual: 3933.55 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:289.27 GB) (Free:120.9 GB) NTFS

========================= Users: ========================================

User accounts for \\KEVIN5120-PC

Administrator Alicia Guest
Kevin5120 RA Media Server

========================= Restore Points ==================================

18-01-2013 06:09:26 Scheduled Checkpoint
25-01-2013 19:34:35 Scheduled Checkpoint
29-01-2013 19:20:12 Windows Update

**** End of log ****




Farbar Service Scanner Version: 16-01-2013
Ran by Kevin5120 (administrator) on 30-01-2013 at 02:34:37
Running from "C:\Users\Kevin5120\Documents\Downloads"
Microsoft Windows XP Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
IpSec Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open IpSec registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open IpSec registry key. The service key does not exist.
Checking LEGACY_IpSec: ATTENTION!=====> Unable to open LEGACY_IpSec\0000 registry key. The key does not exist.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Demand. The default start type is Auto.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.
Checking LEGACY_sharedaccess: ATTENTION!=====> Unable to open LEGACY_sharedaccess\0000 registry key. The key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============
Srservice Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open Srservice registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open Srservice registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open Srservice registry key. The service key does not exist.
Checking LEGACY_Srservice: ATTENTION!=====> Unable to open LEGACY_Srservice\0000 registry key. The key does not exist.

sr Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open sr registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open sr registry key. The service key does not exist.
Checking LEGACY_sr: ATTENTION!=====> Unable to open LEGACY_sr\0000 registry key. The key does not exist.


System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\Windows\SysWOW64\dhcpcsvc.dll
[2009-07-13 18:12] - [2009-07-13 20:15] - 0061952 ____A (Microsoft Corporation) 9A85ABCE0FDD1AF8E79E731EB0B679F3

C:\Windows\System32\drivers\afd.sys => MD5 is legit

ATTENTION!=====> C:\Windows\SysWOW64\Drivers\netbt.sys FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

ATTENTION!=====> C:\Windows\SysWOW64\Drivers\ipsec.sys FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

ATTENTION!=====> C:\Windows\SysWOW64\ipnathlp.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\SysWOW64\netman.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\SysWOW64\wbem\WMIsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\SysWOW64\srsvc.dll FILE IS MISSING AND SHOULD BE RESTORED.


ATTENTION!=====> C:\Windows\SysWOW64\Drivers\sr.sys FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

ATTENTION!=====> C:\Windows\SysWOW64\wuauserv.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

ATTENTION!=====> C:\Windows\SysWOW64\services.exe FILE IS MISSING AND SHOULD BE RESTORED.


Extra List:
=======
mfewfpk(10) NetBT(11) Packet(9) Smb(8) Tcpip(3) tdx(4)
0x0B000000050000000100000002000000030000000A00000004000000060000000700000008000000090000000B000000
ATTENTION!=====> IpSec Tag value should be 5. ATTENTION!=====> IpSec Tag value is missing and it should be 5.

**** End of log ****




# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Kevin5120 - KEVIN5120-PC
# Boot Mode : Normal
# Running from : C:\Users\Kevin5120\Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Updater Service for StartNow Toolbar

***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\KEVIN5~1\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Users\KEVIN5~1\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\KEVIN5~1\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\2jy88rep.Kevin5120\CT2680363
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\2jy88rep.Kevin5120\extensions\{a8864317-e18b-4292-99d9-e6e65ab905d3}
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\2jy88rep.Kevin5120\Smartbar
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\k2qbvmo2.default\Conduit
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\k2qbvmo2.default\ConduitCommon
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\k2qbvmo2.default\CT2680363
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\k2qbvmo2.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\k2qbvmo2.default\extensions\{a8864317-e18b-4292-99d9-e6e65ab905d3}
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\x6qz3mzk.Kevin Profile\ConduitCommon
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\x6qz3mzk.Kevin Profile\CT2680363
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\x6qz3mzk.Kevin Profile\extensions\{a8864317-e18b-4292-99d9-e6e65ab905d3}
Folder Deleted : C:\Users\Kevin5120\AppData\Roaming\PerformerSoft

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartNow Toolbar
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\2jy88rep.Kevin5120\prefs.js

Deleted : user_pref("CT2680363.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2680363.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT2680363.FirstTime", "true");
Deleted : user_pref("CT2680363.FirstTimeFF3", "true");
Deleted : user_pref("CT2680363.LoginRevertSettingsEnabled", true);
Deleted : user_pref("CT2680363.RevertSettingsEnabled", true);
Deleted : user_pref("CT2680363.UserID", "UN62648643944272552");
Deleted : user_pref("CT2680363.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2680363.embeddedsData", "[{\"appId\":\"129217750664239616\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT2680363.enableAlerts", "always");
Deleted : user_pref("CT2680363.enableFix404ByUser", "TRUE");
Deleted : user_pref("CT2680363.firstTimeDialogOpened", "true");
Deleted : user_pref("CT2680363.fixPageNotFoundError", "true");
Deleted : user_pref("CT2680363.fixPageNotFoundErrorByUser", "true");
Deleted : user_pref("CT2680363.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT2680363.fixUrls", true);
Deleted : user_pref("CT2680363.isCheckedStartAsHidden", true);
Deleted : user_pref("CT2680363.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2680363.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT2680363.isNewTabEnabled", true);
Deleted : user_pref("CT2680363.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT2680363.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2680363.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT2680363.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Deleted : user_pref("CT2680363.lastVersion", "10.14.42.7");
Deleted : user_pref("CT2680363.migrateAppsAndComponents", true);
Deleted : user_pref("CT2680363.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Deleted : user_pref("CT2680363.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT2680363.search.searchAppId", "129217750664239616");
Deleted : user_pref("CT2680363.search.searchCount", "0");
Deleted : user_pref("CT2680363.searchInNewTabEnabledByUser", "true");
Deleted : user_pref("CT2680363.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT2680363.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2680363.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2680363.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT2680363.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT2680363.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT2680363.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2680363.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2680363.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT2680363.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT2680363.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359486450485");
Deleted : user_pref("CT2680363.serviceLayer_services_appTracking_lastUpdate", "1354639351845");
Deleted : user_pref("CT2680363.serviceLayer_services_appsMetadata_lastUpdate", "1359487880387");
Deleted : user_pref("CT2680363.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1358528367863");
Deleted : user_pref("CT2680363.serviceLayer_services_login_10.10.20.14_lastUpdate", "1347395079039");
Deleted : user_pref("CT2680363.serviceLayer_services_login_10.10.27.6_lastUpdate", "1352652735462");
Deleted : user_pref("CT2680363.serviceLayer_services_login_10.13.40.15_lastUpdate", "1359487860178");
Deleted : user_pref("CT2680363.serviceLayer_services_login_10.14.42.7_lastUpdate", "1359500064565");
Deleted : user_pref("CT2680363.serviceLayer_services_menu_6759b98c5c41e5adf06c33270b62c6e6_lastUpdate", "13595[...]
Deleted : user_pref("CT2680363.serviceLayer_services_menu_80d353221b1bca0ea09b0ca31fc56984_lastUpdate", "13595[...]
Deleted : user_pref("CT2680363.serviceLayer_services_menu_881468d8e0b6e916c63be4c8ba637004_lastUpdate", "13595[...]
Deleted : user_pref("CT2680363.serviceLayer_services_menu_a5853dc22a1fdc032e03e2ce648f7391_lastUpdate", "13595[...]
Deleted : user_pref("CT2680363.serviceLayer_services_menu_b1937dfb105ad53b8d49aa02aa266f80_lastUpdate", "13595[...]
Deleted : user_pref("CT2680363.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1358528487895");
Deleted : user_pref("CT2680363.serviceLayer_services_searchAPI_lastUpdate", "1359486451573");
Deleted : user_pref("CT2680363.serviceLayer_services_serviceMap_lastUpdate", "1359486450693");
Deleted : user_pref("CT2680363.serviceLayer_services_toolbarContextMenu_lastUpdate", "1358528487800");
Deleted : user_pref("CT2680363.serviceLayer_services_toolbarSettings_lastUpdate", "1359502280881");
Deleted : user_pref("CT2680363.serviceLayer_services_translation_lastUpdate", "1359486450950");
Deleted : user_pref("CT2680363.settingsINI", true);
Deleted : user_pref("CT2680363.smartbar.CTID", "CT2680363");
Deleted : user_pref("CT2680363.smartbar.Uninstall", "0");
Deleted : user_pref("CT2680363.smartbar.isHidden", false);
Deleted : user_pref("CT2680363.smartbar.toolbarName", "RuneScape ");
Deleted : user_pref("CT2680363.toolbarBornServerTime", "10-7-2012");
Deleted : user_pref("CT2680363.toolbarCurrentServerTime", "30-1-2013");
Deleted : user_pref("CT2680363.upgradeFromClearSBVersion", true);
Deleted : user_pref("CT2680363_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]

File : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\k2qbvmo2.default\prefs.js

C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\k2qbvmo2.default\user.js ... Deleted !

Deleted : user_pref("CT2680363..clientLogIsEnabled", false);
Deleted : user_pref("CT2680363..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2680363..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2680363.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2680363.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2680363.AppTrackingLastCheckTime", "Fri Sep 09 2011 13:27:58 GMT-0400 (Eastern Daylight[...]
Deleted : user_pref("CT2680363.CTID", "CT2680363");
Deleted : user_pref("CT2680363.CommunitiesChangesLastCheckTime", "0");
Deleted : user_pref("CT2680363.CurrentServerDate", "10-7-2012");
Deleted : user_pref("CT2680363.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2680363.DialogsGetterLastCheckTime", "Tue Jul 10 2012 01:20:21 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT2680363.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129221960058849484", "Tue Jul 10 2012 01:20:20 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129222078068706850", "Tue Jul 10 2012 01:30:21 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129228979092089554", "Tue Jul 10 2012 01:20:20 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129243777123493394", "Tue Jul 10 2012 01:20:20 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129308349891594152", "Tue Jul 10 2012 01:30:21 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129362183886169315", "Tue Jul 10 2012 01:20:20 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129688842010768035", "Tue Jul 10 2012 01:20:21 GMT-040[...]
Deleted : user_pref("CT2680363.FirstServerDate", "31-8-2010");
Deleted : user_pref("CT2680363.FirstTime", true);
Deleted : user_pref("CT2680363.FirstTimeFF3", true);
Deleted : user_pref("CT2680363.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2680363.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2680363.GroupingInvalidateCache", false);
Deleted : user_pref("CT2680363.GroupingLastCheckTime", "0");
Deleted : user_pref("CT2680363.GroupingLastServerUpdateTime", "0");
Deleted : user_pref("CT2680363.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2680363.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2680363.HasUserGlobalKeys", true);
Deleted : user_pref("CT2680363.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2680363.Initialize", true);
Deleted : user_pref("CT2680363.InitializeCommonPrefs", true);
Deleted : user_pref("CT2680363.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2680363.InstalledDate", "Sat Aug 28 2010 00:10:41 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2680363.InvalidateCache", false);
Deleted : user_pref("CT2680363.IsAlertDBUpdated", true);
Deleted : user_pref("CT2680363.IsGrouping", false);
Deleted : user_pref("CT2680363.IsMulticommunity", false);
Deleted : user_pref("CT2680363.IsOpenThankYouPage", true);
Deleted : user_pref("CT2680363.IsOpenUninstallPage", true);
Deleted : user_pref("CT2680363.LanguagePackLastCheckTime", "Tue Jul 10 2012 01:20:21 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2680363.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2680363.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2680363.LastLogin_2.7.2.0", "Sat Jan 08 2011 17:58:46 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2680363.LastLogin_3.13.0.6", "Tue Jul 10 2012 01:20:20 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2680363.LastLogin_3.2.5.2", "Tue Apr 12 2011 12:40:01 GMT-0400 (Eastern Daylight Time)"[...]
Deleted : user_pref("CT2680363.LastLogin_3.3.3.2", "Thu Sep 08 2011 13:17:44 GMT-0400 (Eastern Daylight Time)"[...]
Deleted : user_pref("CT2680363.LastLogin_3.6.0.10", "Fri Sep 09 2011 13:27:43 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2680363.LatestVersion", "3.13.0.6");
Deleted : user_pref("CT2680363.Locale", "en");
Deleted : user_pref("CT2680363.LoginCache", 4);
Deleted : user_pref("CT2680363.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2680363.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2680363.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2680363.MyStuffEnabledAtInstallation", false);
Deleted : user_pref("CT2680363.RadioLastCheckTime", "0");
Deleted : user_pref("CT2680363.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT2680363.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2680363.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2680363.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2680363.SearchEngineBeforeUnload", "Google");
Deleted : user_pref("CT2680363.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2680363.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT268[...]
Deleted : user_pref("CT2680363.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2680363.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2680363.SearchInNewTabLastCheckTime", "Tue Jul 10 2012 01:20:22 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2680363.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2680363.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2680363.SearchProtectorEnabled", false);
Deleted : user_pref("CT2680363.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2680363.ServiceMapLastCheckTime", "Tue Jul 10 2012 01:20:19 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT2680363.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2680363.SettingsLastCheckTime", "Tue Jul 10 2012 01:20:20 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2680363.SettingsLastUpdate", "1337169810");
Deleted : user_pref("CT2680363.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2680363.ThirdPartyComponentsLastCheck", "Tue Jul 10 2012 01:20:20 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT2680363.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2680363.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2680363");
Deleted : user_pref("CT2680363.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2680363.UserID", "UN08090389786669339");
Deleted : user_pref("CT2680363.ValidationData_Search", 2);
Deleted : user_pref("CT2680363.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2680363.alertChannelId", "1072794");
Deleted : user_pref("CT2680363.clientLogIsEnabled", true);
Deleted : user_pref("CT2680363.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2680363.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2680363.globalFirstTimeInfoLastCheckTime", "Tue Jul 10 2012 01:20:21 GMT-0400 (Eastern [...]
Deleted : user_pref("CT2680363.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2680363.initDone", true);
Deleted : user_pref("CT2680363.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2680363.myStuffEnabled", true);
Deleted : user_pref("CT2680363.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2680363.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2680363.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2680363.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2680363.oldAppsList", "129217750664239615,129217750664239616,111,129240097234456939,129[...]
Deleted : user_pref("CT2680363.revertSettingsEnabled", false);
Deleted : user_pref("CT2680363.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2680363.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2680363.testingCtid", "");
Deleted : user_pref("CT2680363.toolbarAppMetaDataLastCheckTime", "Tue Jul 10 2012 01:20:21 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2680363.toolbarContextMenuLastCheckTime", "Tue Jul 10 2012 01:20:21 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2680363.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2680363.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2680363");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2680363/CT2680363[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1072794/1068498/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2680363", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2680363",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63438026930213[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2680363&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2680363/CT2680363[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"21b[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Kevin5120\\AppData\\Roaming\\Mozill[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?&q=");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2680363");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2680363");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Apr 13 2011 18:55:03 GMT-04[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Sep 08 2011 13:17:38 GMT-0400 (Easte[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Sep 08 2011 13:17:30 GMT-0400 (Eastern D[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{5b031f0c-ecbd-4270-9904-e32436f3ae16}");
Deleted : user_pref("CommunityToolbar.globalUserId", "e0a64e03-103d-4124-867c-63a84587cb70");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Sep 08 2011 13:58:1[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Sep 08 2011 13:57:59 GMT-0400 (E[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "b9c97e6f-8c35-41ed-aeae-56bf6d08ba27");
Deleted : user_pref("extensions.facemoods.first_time", false);
Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.install_folder", "C:\Program Files (x86)\StartNow [...]

File : C:\Users\Kevin5120\AppData\Roaming\Mozilla\Firefox\Profiles\x6qz3mzk.Kevin Profile\prefs.js

Deleted : user_pref("CT2680363..clientLogIsEnabled", false);
Deleted : user_pref("CT2680363..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2680363..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2680363.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2680363.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2680363.AppTrackingLastCheckTime", "Sun Mar 04 2012 12:26:05 GMT-0500 (Eastern Standard[...]
Deleted : user_pref("CT2680363.CT2680363", "CT2680363");
Deleted : user_pref("CT2680363.CommunitiesChangesLastCheckTime", "0");
Deleted : user_pref("CT2680363.CurrentServerDate", "8-5-2012");
Deleted : user_pref("CT2680363.DSInstall", false);
Deleted : user_pref("CT2680363.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2680363.DialogsGetterLastCheckTime", "Tue May 08 2012 11:40:11 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT2680363.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129221960058849484", "Sun Dec 25 2011 14:12:29 GMT-050[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129222078068706850", "Thu May 10 2012 14:28:31 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129228979092089554", "Thu May 10 2012 13:38:27 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129243777123493394", "Thu May 10 2012 14:08:27 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129308349891594152", "Thu May 10 2012 14:28:33 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129362183886169315", "Mon Dec 12 2011 17:28:00 GMT-050[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129688842010768035", "Thu May 10 2012 13:38:27 GMT-040[...]
Deleted : user_pref("CT2680363.FirstServerDate", "7-10-2011");
Deleted : user_pref("CT2680363.FirstTime", true);
Deleted : user_pref("CT2680363.FirstTimeFF3", true);
Deleted : user_pref("CT2680363.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2680363.GroupingInvalidateCache", false);
Deleted : user_pref("CT2680363.GroupingLastCheckTime", "0");
Deleted : user_pref("CT2680363.GroupingLastServerUpdateTime", "0");
Deleted : user_pref("CT2680363.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2680363.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2680363.HPInstall", false);
Deleted : user_pref("CT2680363.HasUserGlobalKeys", true);
Deleted : user_pref("CT2680363.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2680363.HomepageBeforeUnload", "hxxp://dell.msn.com/?pc=MDDC");
Deleted : user_pref("CT2680363.Initialize", true);
Deleted : user_pref("CT2680363.InitializeCommonPrefs", true);
Deleted : user_pref("CT2680363.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2680363.InstallationType", "DirectDownload");
Deleted : user_pref("CT2680363.InstalledDate", "Thu Oct 06 2011 17:07:55 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2680363.InvalidateCache", false);
Deleted : user_pref("CT2680363.IsAlertDBUpdated", true);
Deleted : user_pref("CT2680363.IsGrouping", false);
Deleted : user_pref("CT2680363.IsInitSetupIni", true);
Deleted : user_pref("CT2680363.IsMulticommunity", false);
Deleted : user_pref("CT2680363.IsOpenThankYouPage", true);
Deleted : user_pref("CT2680363.IsOpenUninstallPage", true);
Deleted : user_pref("CT2680363.IsProtectorsInit", true);
Deleted : user_pref("CT2680363.LanguagePackLastCheckTime", "Wed May 09 2012 22:52:27 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2680363.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2680363.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2680363.LastLogin_3.10.0.1", "Wed Apr 11 2012 12:06:47 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2680363.LastLogin_3.12.2.3", "Thu May 10 2012 13:38:37 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2680363.LastLogin_3.7.0.6", "Mon Nov 07 2011 13:47:36 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2680363.LastLogin_3.8.0.8", "Tue Nov 22 2011 16:06:00 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2680363.LastLogin_3.8.1.0", "Thu Jan 12 2012 03:04:02 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2680363.LastLogin_3.9.0.3", "Thu Mar 08 2012 10:28:39 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2680363.LatestVersion", "3.12.2.3");
Deleted : user_pref("CT2680363.Locale", "en");
Deleted : user_pref("CT2680363.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2680363.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2680363.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2680363.MyStuffEnabledAtInstallation", false);
Deleted : user_pref("CT2680363.OriginalFirstVersion", "3.7.0.6");
Deleted : user_pref("CT2680363.RadioLastCheckTime", "0");
Deleted : user_pref("CT2680363.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT2680363.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2680363.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2680363.SearchCaption", "RuneScape Customized Web Search");
Deleted : user_pref("CT2680363.SearchEngineBeforeUnload", "Google");
Deleted : user_pref("CT2680363.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2680363.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT268[...]
Deleted : user_pref("CT2680363.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2680363.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2680363.SearchInNewTabLastCheckTime", "Wed May 09 2012 22:52:24 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2680363.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2680363.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2680363.SearchProtectorEnabled", false);
Deleted : user_pref("CT2680363.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2680363.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2680363.ServiceMapLastCheckTime", "Wed May 09 2012 22:52:27 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT2680363.SettingsLastCheckTime", "Thu May 10 2012 13:39:14 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2680363.SettingsLastUpdate", "1334761737");
Deleted : user_pref("CT2680363.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2680363&SearchSource=13");
Deleted : user_pref("CT2680363.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2680363.ThirdPartyComponentsLastCheck", "Tue May 08 2012 11:40:03 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT2680363.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2680363.ToolbarDisabled", false);
Deleted : user_pref("CT2680363.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2680363.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2680363");
Deleted : user_pref("CT2680363.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2680363.UserID", "UN55946587947425426");
Deleted : user_pref("CT2680363.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2680363.alertChannelId", "1072794");
Deleted : user_pref("CT2680363.components.1000034", false);
Deleted : user_pref("CT2680363.components.1000082", false);
Deleted : user_pref("CT2680363.components.1000234", false);
Deleted : user_pref("CT2680363.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2680363.globalFirstTimeInfoLastCheckTime", "Tue May 08 2012 11:40:09 GMT-0400 (Eastern [...]
Deleted : user_pref("CT2680363.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2680363.initDone", true);
Deleted : user_pref("CT2680363.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2680363.myStuffEnabled", true);
Deleted : user_pref("CT2680363.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2680363.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2680363.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2680363.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2680363.oldAppsList", "129217750664239615,129217750664239616,111,129240097234456939,129[...]
Deleted : user_pref("CT2680363.revertSettingsEnabled", false);
Deleted : user_pref("CT2680363.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2680363.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2680363.testingCtid", "");
Deleted : user_pref("CT2680363.toolbarAppMetaDataLastCheckTime", "Thu May 10 2012 13:38:37 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2680363.toolbarContextMenuLastCheckTime", "Tue May 08 2012 11:40:09 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2680363.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2680363/CT2680363[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1072794/1068498/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2680363", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2680363",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2680363&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Kevin5120\\AppData\\Roaming\\Mozill[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2680363");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2680363");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2680363");
Deleted : user_pref("CommunityToolbar.globalUserId", "1fab9cd2-b1ee-4303-95f0-342be8da0e8f");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue May 08 2012 11:40:0[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu May 10 2012 13:38:27 GMT-040[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue May 08 2012 11:40:05 GMT-0400 (E[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "cc3aace0-8cd8-44d0-8d12-579ff835852b");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://dell.msn.com/?pc=MDDC");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google");

File : C:\Users\Alicia\AppData\Roaming\Mozilla\Firefox\Profiles\t1g3rz08.default\prefs.js

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("browser.startup.homepage", "hxxp://www.startsearcher.com/");
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("keyword.url", "hxxp://www.startsearcher.com/?q=");
Deleted : user_pref("startup.homepage_override_url", "hxxp://www.startsearcher.com/");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Kevin5120\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Alicia\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [43144 octets] - [30/01/2013 02:40:10]

########## EOF - C:\AdwCleaner[S1].txt - [43205 octets] ##########




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.4 (01.30.2013:1)
OS: Windows 7 Home Premium x64
Ran by Kevin5120 on Wed 01/30/2013 at 2:59:51.61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\windows\currentversion\run\\veohplugin
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\speedypc software"
Successfully deleted: [Folder] "C:\ProgramData\wxdownload"
Successfully deleted: [Folder] "C:\Users\Kevin5120\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Kevin5120\AppData\Roaming\speedypc software"
Successfully deleted: [Folder] "C:\Users\Kevin5120\AppData\Roaming\startnow toolbar"
Successfully deleted: [Folder] "C:\Users\Kevin5120\appdata\locallow\wxdownload"
Successfully deleted: [Folder] "C:\Program Files (x86)\pc performer"
Successfully deleted: [Folder] "C:\Program Files (x86)\speedypc software"
Successfully deleted: [Folder] "C:\Program Files (x86)\startnow toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\wxdownload"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml.old"
Successfully deleted: [File] C:\Users\Kevin5120\AppData\Roaming\mozilla\firefox\profiles\k2qbvmo2.default\searchplugins\bing-zugo.xml
Successfully deleted the following from C:\Users\Kevin5120\AppData\Roaming\mozilla\firefox\profiles\k2qbvmo2.default\prefs.js

user_pref("google.toolbar.button_option.cached.gtbSearchBlogs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBlogs\" t
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_CTK0Y7F4MTG6NKYH03WT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/
Successfully deleted the following from C:\Users\Kevin5120\AppData\Roaming\mozilla\firefox\profiles\x6qz3mzk.Kevin Profile\prefs.js

user_pref("google.toolbar.button_option.cached.gtbSearchBlogs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBlogs\" t
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_CTK0Y7F4MTG6NKYH03WT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/
Emptied folder: C:\Users\Kevin5120\AppData\Roaming\mozilla\firefox\profiles\2jy88rep.Kevin5120\minidumps [25 files]




Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/30/2013 03:15:58 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\System32\jusched.exe (PID: 7772) [FI]
* C:\Windows\System32\jusched.exe (PID: 7772) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/30/2013 03:16:20 AM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)





"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Broadcom Wireless Manager UI" "Dell Wireless WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dell wireless wlan card\wltray.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "Start WingMan Profiler" "Logitech WingMan Event Monitor" "Logitech Inc." "c:\program files\logitech\gaming software\lwemon.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Aeria Ignite" "Aeria Ignite" "Aeria Games & Entertainment" "c:\program files (x86)\aeria games\ignite\aeriaignite.exe"
+ "DellSupportCenter" "Dell Support Center Updates" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtcmd.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "McAfee Online Backup Status.lnk" "McAfee Online Backup Status Application" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkstat.exe"
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\3.0.313\ssscheduler.exe"
"C:\Users\Kevin5120\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Akamai NetSession Interface" "Akamai NetSession Client" "Akamai Technologies, Inc." "c:\users\kevin5120\appdata\local\akamai\netsession_win.exe"
+ "DW6" "" "" "File not found: C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
+ "DW7" "The Weather Channel App" "The Weather Channel" "c:\program files (x86)\the weather channel\the weather channel app\twcapp.exe"
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\kevin5120\appdata\local\facebook\update\facebookupdate.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\kevin5120\appdata\local\google\update\googleupdate.exe"
+ "Messenger (Yahoo!)" "Yahoo! Messenger" "Yahoo! Inc." "c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "jZip" "jZip shell extension" "Discordia Limited" "c:\program files (x86)\jzip\jzipshell.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshlstb.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "MOBK" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "MOBK" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "MOBK" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "MOBK" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "jZip" "jZip shell extension" "Discordia Limited" "c:\program files (x86)\jzip\jzipshell.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files (x86)\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "MOBK" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
+ "MOBK2" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
+ "MOBK3" "McAfee Online Backup Shell Extensions" "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "McAfee Phishing Filter" "" "" "File not found: c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20130101030738.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "McAfee Phishing Filter" "" "" "File not found: c:\progra~1\mcafee\msk\mskapbho.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "MSS+ Identifier" "Quick Browser Identifier for MSS+ Tool" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\3.0.313\mcafeemss_ie.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20130101030738.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files (x86)\yahoo!\companion\installs\cpn1\ytsingleinstance.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Windows Live Messenger Companion Helper" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "The Weather Channel Toolbar" "Weather Channel Toolbar" "" "c:\windows\syswow64\twctoolbarie7.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Messenger Companion (Ctrl+Shift+C)" "Windows Live Messenger Companion Core" "Microsoft Corporation" "c:\program files (x86)\windows live\companion\companioncore.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\DJMHLLL1\Administrator - Start WLAN Tray Applet" "Dell Wireless WLAN Card Wireless Network Tray Applet" "Dell Inc." "c:\program files\dell\dell wireless wlan card\wltray.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-207824087-2305083835-3526209-1001Core" "Facebook Installer" "Facebook Inc." "c:\users\kevin5120\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-207824087-2305083835-3526209-1001UA" "Facebook Installer" "Facebook Inc." "c:\users\kevin5120\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-207824087-2305083835-3526209-1001Core" "Google Installer" "Google Inc." "c:\users\kevin5120\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-207824087-2305083835-3526209-1001UA" "Google Installer" "Google Inc." "c:\users\kevin5120\appdata\local\google\update\googleupdate.exe"
+ "\JavaUpdateSched" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\windows\system32\jusched.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\NCH Swift Sound\expressburnDowngrade" "Express Burn" "NCH Software" "c:\program files (x86)\nch swift sound\expressburn\expressburn.exe"
+ "\RunAsStdUser Task for VeohWebPlayer" "Veoh Web Player Beta" "Veoh Networks" "c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe"
+ "\{20084CC7-AFA6-49A6-AB48-24F9AD411E16}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{20DE23D8-DA2D-44EB-9AF8-74DB38A2D4C3}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{665A99AC-EBE1-4DF5-BCD9-05254A4E6288}" "" "" "c:\program files (x86)\samsung\samsung pc studio 3\usb drivers\sps3_usb_driver_setup.exe"
+ "\{84429B5B-BEE5-4DEE-9B56-8E94329E067E}" "Pre-Install USB Drivers" "MCCI Corporation" "c:\program files (x86)\samsung\samsung pc studio 3\usb drivers\2\setup.exe"
+ "\{A4713466-C591-4986-8554-9AB5C6D5DB6C}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apache2.2" "Apache/2.2.11 (Win32) PHP/5.2.9-2" "Apache Software Foundation" "c:\program files (x86)\common files\dell\apache\bin\httpd.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "dsl-db" "Stores data relevant to Remote Access" "" "c:\program files (x86)\common files\dell\mysql\bin\mysqld.exe"
+ "dsl-fs-sync" "Tracks changes to files and folders and keeps Remote Access media server in sync" "SingleClick Systems" "c:\program files (x86)\common files\dell\remote access file sync service\dsl_fs_sync.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "Giraffic" "Keeps track of the Giraffic Video Accelerator status and version" "Giraffic" "c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "hnmsvc" "Maintains connection to Remote Access and performs network diagnostic functions" "Dell Inc." "c:\program files (x86)\common files\dell\advanced networking service\hnm_svc.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McciCMService" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files (x86)\common files\motive\mccicmservice.exe"
+ "McciCMService64" "mcci+McciCMService" "Alcatel-Lucent" "c:\program files\common files\motive\mccicmservice.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\3.0.313\mcchsvc.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfecore" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\amcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MOBKbackup" "Backs up configured files to the McAfee Online Backup servers. Please do not stop or restart this service - it could corrupt your McAfee Online Backup installation." "McAfee, Inc." "c:\program files (x86)\mcafee online backup\mobkbackup.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "ServiceLayer" "ServiceLayer Module" "Nokia." "c:\program files (x86)\pc connectivity solution\servicelayer.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "wltrysvc" "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant." "" "c:\program files\dell\dell wireless wlan card\wltrysvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Acceler" "Accelerometer Port I/O" "ST Microelectronics" "c:\windows\system32\drivers\acceler.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AndNetDiag" "LGE AndroidNet USB Serial Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgandnetdiag64.sys"
+ "AndNetGps" "LGE AndroidNet USB GPS NMEA Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgandnetgps64.sys"
+ "ANDNetModem" "LGE AndroidNet Mobile Support" "LG Electronics Inc." "c:\windows\system32\drivers\lgandnetmodem64.sys"
+ "andnetndis" "LGE AndroidNet USB NDIS Miniport Driver" "LG Electronics Inc." "c:\windows\system32\drivers\lgandnetndis64.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM42RLY" "Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcm42rly.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "McPvDrv" "McAfee AntiTheft Driver" "McAfee, Inc." "c:\windows\system32\drivers\mcpvdrv.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfencbdc" "McAfee Content driver Copyright © 2010 McAfee, Inc. All Rights Reserved." "McAfee, Inc." "c:\windows\system32\drivers\mfencbdc.sys"
+ "mfencrk" "McAfee Content driver Copyright © 2010 McAfee, Inc. All Rights Reserved." "McAfee, Inc." "c:\windows\system32\drivers\mfencrk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "MOBKFilter" "McAfee Online Backup Change Monitor" "Mozy, Inc." "c:\windows\system32\drivers\mobk.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mremp50.sys"
+ "MREMP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS"
+ "MREMPR5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"
+ "MRENDIS5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files (x86)\common files\motive\mresp50.sys"
+ "MRESP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "Packet" "Auto Internet Protocol" "SingleClick Systems" "c:\windows\system32\drivers\packet.sys"
+ "pccsmcfd" "PCCS Mode Change Filter Driver" "Nokia" "c:\windows\system32\drivers\pccsmcfdx64.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rimmptsk" "RICOH MMC Driver" "REDC" "c:\windows\system32\drivers\rimmpx64.sys"
+ "rimspci" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspe64.sys"
+ "rimsptsk" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspx64.sys"
+ "risdpcie" "RICOH SD/MMC Driver" "REDC" "c:\windows\system32\drivers\risdpe64.sys"
+ "rismxdp" "RICOH xD SM Driver" "REDC" "c:\windows\system32\drivers\rixdpx64.sys"
+ "rixdpcie" "RICOH PCIe XD Driver" "REDC" "c:\windows\system32\drivers\rixdpe64.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sscdbus" "SAMSUNG USB Composite Device Driver" "MCCI Corporation" "c:\windows\system32\drivers\sscdbus.sys"
+ "sscdmdfl" "SAMSUNG Mobile Modem Filter" "MCCI Corporation" "c:\windows\system32\drivers\sscdmdfl.sys"
+ "sscdmdm" "SAMSUNG Mobile Modem Drivers" "MCCI Corporation" "c:\windows\system32\drivers\sscdmdm.sys"
+ "StarOpen" "" "" "File not found: C:\Windows\System32\Drivers\StarOpen.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TFsExDisk" "TFsExDisk" "" "File not found: C:\Windows\System32\Drivers\TFsExDisk.sys"
+ "usbbus" "LG CDMA USB Multi function Driver" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64bus.sys"
+ "UsbDiag" "LGE Mobile USB Serial Port" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64diag.sys"
+ "USBModem" "LGE Mobile Modem Support" "LG Electronics Inc." "c:\windows\system32\drivers\lgx64modem.sys"
+ "usj" "" "" "c:\aeriagames\edeneternal\avital\ussjcs64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WmBEnum" "Logitech WingMan Virtual Bus Enumerator Driver" "Logitech Inc." "c:\windows\system32\drivers\wmbenum.sys"
+ "WmFilter" "Logitech WingMan Hid Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\wmfilter.sys"
+ "WmVirHid" "Logitech WingMan Virtual Hid Device Driver" "Logitech Inc." "c:\windows\system32\drivers\wmvirhid.sys"
+ "WmXlCore" "Logitech WingMan Translation Driver" "Logitech Inc." "c:\windows\system32\drivers\wmxlcore.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\ac3filter.ax"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Tzan Filter" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "DirectShow Tap" "Sonic DirectShow Tap Filter" "Sonic Solutions" "c:\program files (x86)\movie maker\directshowtap.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\avisynthplugins\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\avisynthplugins\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\ffdshow\ffdshow.ax"
+ "FieldSwitch" "Field Switch" "Sonic Solutions" "c:\program files (x86)\movie maker\fieldswitch.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "FunUnify Async Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\samsung\samsung new pc studio\funcodecfilter.ax"
+ "FunUnify Audio Trnas Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\samsung\samsung new pc studio\funcodecfilter.ax"
+ "FunUnify Codec Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\samsung\samsung new pc studio\funcodecfilter.ax"
+ "FunUnify Encoder Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\samsung\samsung new pc studio\funcodecfilter.ax"
+ "FunUnify Video Trans Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\samsung\samsung new pc studio\funcodecfilter.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\haali\splitter.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MPC - Avi Source" "Avi Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\avisplitter.ax"
+ "MPC - Avi Splitter" "Avi Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\avisplitter.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\flvsplitter.ax"
+ "MPC - Matroska Source" "Matroska Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\matroskasplitter.ax"
+ "MPC - Matroska Splitter" "Matroska Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\matroskasplitter.ax"
+ "MPC - MP4 Source" "MP4 Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\mp4splitter.ax"
+ "MPC - MP4 Splitter" "MP4 Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\mp4splitter.ax"
+ "MPC - Mpeg Source (Gabest)" "Mpeg Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)" "Mpeg Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\mpegsplitter.ax"
+ "MPC - MPEG4 Video Source" "MP4 Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\mp4splitter.ax"
+ "MPC - MPEG4 Video Splitter" "MP4 Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\mp4splitter.ax"
+ "MPC - Video decoder" "H.264/VC-1 DXVA video decoder" "MPC HomeCinema" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\mpcvideodec.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\realmediasplitter.ax"
+ "RealMedia Source" "RealMedia Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\realmediasplitter.ax"
+ "RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\realmediasplitter.ax"
+ "RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\freetime\formatfactory\ffmodules\filters\realmediasplitter.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "RTStreamSink" "RTStream Sink Filter" "Sonic Solutions" "c:\program files (x86)\movie maker\rtstreamsink.ax"
+ "RTStreamSource" "RTStream Source Filter" "Sonic Solutions" "c:\program files (x86)\movie maker\rtstreamsource.ax"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "Sonic Audio Depth Converter" "AudioDepthConverter" "Sonic Solutions" "c:\program files (x86)\movie maker\audiodepthconverter.ax"
+ "Sonic Audio Offset Filter" "Offset" "Sonic Solutions" "c:\program files (x86)\movie maker\offset.ax"
+ "Sonic Color Converter" "Sonic Color Converter" "Sonic Solutions" "c:\program files (x86)\movie maker\soniccolorconverter.ax"
+ "Sonic Subpicture Transform" "SonicSPTransform" "Sonic Solutions" "c:\program files (x86)\movie maker\sonicsptransform.ax"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\Users\KEVIN5~1\DOWNLO~1\logon.scr" "Logon Screen Saver" "Microsoft Corporation" "c:\users\kevin5120\downloads\logon.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "BCMLogon" "Dell Wireless WLAN Card Logon Provider" "Dell Inc." "c:\windows\system32\bcmlogon.dll"

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:58 AM

Posted 30 January 2013 - 06:51 AM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log

#11 Kevin5120

Kevin5120
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 30 January 2013 - 12:01 PM

Farbar Service Scanner Version: 16-01-2013
Ran by Kevin5120 (administrator) on 30-01-2013 at 11:59:34
Running from "C:\Users\Kevin5120\Documents\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:58 AM

Posted 30 January 2013 - 12:04 PM

You should be able to turn on Mcafee now.

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#13 Kevin5120

Kevin5120
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 30 January 2013 - 12:09 PM

I have to leave for an appointment in a few minutes will do all that and report back when i get home should only be gone for two or two and a half hours thanks for all the help so far though i hope it works :)

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:58 AM

Posted 30 January 2013 - 12:24 PM

:thumbup2:

#15 Kevin5120

Kevin5120
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:08:58 AM

Posted 30 January 2013 - 02:34 PM

I did everything but it seems my problem has not been solved mcafee realtime scanning continues to turn off by itself and wont stay on and i keep getting the error when trying to run a scan as well :(




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users