FBI malware removed but computer still has problems


46 replies to this topic

#1 blamejane


Posted 30 January 2013 - 12:32 PM

Hi everyone. I'm hoping for some help with my problem: My Dell PC (Windows 7) was infected with a virus yesterday. It was an FBI warning my computer was locked scam. I followed information and successfully removed it. I think. Well let me say I can now start Windows and surf. However I think there's some damage, either that or I'm still infected.

I removed the virus by using Malwarebytes Anti-Malware. After removing the selected (checked) infections, the computer restarted. All looked fine until I tried Windows Live Mail, which just hung. Then I tried Internet Explorer, which gave me the following error:

A program on your computer has corrupted your default search provider setting for Internet Explorer.

Internet explorer has reset this setting to your original search provider, Google

Internet Explorer will now open SearchSettings, where you can change this setting


I always get this message upon IE startup, and I'm not able to change the settings once this page loads.

Another thing I noticed, when I click the start menu button and try to type in the run box, something like regedit, all of the programs displayed in the start list disappear.

I've tried uninstalling Windows Live Mail and reinstalling, I've tried uninstalling IE and reinstalling, I've downloaded and installed all Windows updates (there were a lot), and I've tried a system restore to 2 days prior. I've also tried copying the regback files, which I thought would solve things, but that didn't work either. I'm stumped. I really thought a system restore would solve the issues.

Does anyone have a suggestion? I'm open to trying anything rather than a reinstall of Windows 7.

Thanks everyone.



#2 narenxp


Posted 30 January 2013 - 12:41 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 blamejane


Posted 30 January 2013 - 01:23 PM

Thanks Narenxp. One question:

Do I follow each of those 1 at a time and post the results back, or wait until all 3 steps are completed and post the results 1 time?

Sorry to be so lame :inlove:

#4 blamejane


Posted 30 January 2013 - 01:51 PM

Here is the log report from TDSSkiller:

(will post again with the results from the aswMBR)

TDSSkiller:
07:48:25.0107 1108 mrxsmb - ok
07:48:25.0125 1108 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:48:25.0129 1108 mrxsmb10 - ok
07:48:25.0143 1108 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:48:25.0146 1108 mrxsmb20 - ok
07:48:25.0167 1108 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
07:48:25.0169 1108 msahci - ok
07:48:25.0184 1108 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
07:48:25.0186 1108 msdsm - ok
07:48:25.0200 1108 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
07:48:25.0204 1108 MSDTC - ok
07:48:25.0222 1108 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
07:48:25.0224 1108 Msfs - ok
07:48:25.0267 1108 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
07:48:25.0269 1108 mshidkmdf - ok
07:48:25.0279 1108 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
07:48:25.0282 1108 msisadrv - ok
07:48:25.0314 1108 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
07:48:25.0318 1108 MSiSCSI - ok
07:48:25.0321 1108 msiserver - ok
07:48:25.0367 1108 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
07:48:25.0369 1108 MSKSSRV - ok
07:48:25.0418 1108 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
07:48:25.0420 1108 MSPCLOCK - ok
07:48:25.0445 1108 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
07:48:25.0447 1108 MSPQM - ok
07:48:25.0464 1108 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
07:48:25.0468 1108 MsRPC - ok
07:48:25.0483 1108 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
07:48:25.0484 1108 mssmbios - ok
07:48:25.0499 1108 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:48:25.0501 1108 MSTEE - ok
07:48:25.0510 1108 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
07:48:25.0512 1108 MTConfig - ok
07:48:25.0526 1108 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
07:48:25.0529 1108 Mup - ok
07:48:25.0547 1108 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
07:48:25.0554 1108 napagent - ok
07:48:25.0615 1108 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:48:25.0620 1108 NativeWifiP - ok
07:48:25.0670 1108 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20130129.032\ENG64.SYS
07:48:25.0673 1108 NAVENG - ok
07:48:25.0717 1108 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20130129.032\EX64.SYS
07:48:25.0760 1108 NAVEX15 - ok
07:48:25.0791 1108 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
07:48:25.0799 1108 NDIS - ok
07:48:25.0834 1108 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
07:48:25.0836 1108 NdisCap - ok
07:48:25.0874 1108 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:48:25.0876 1108 NdisTapi - ok
07:48:25.0889 1108 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:48:25.0891 1108 Ndisuio - ok
07:48:25.0902 1108 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:48:25.0906 1108 NdisWan - ok
07:48:25.0944 1108 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:48:25.0946 1108 NDProxy - ok
07:48:25.0954 1108 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:48:25.0956 1108 NetBIOS - ok
07:48:25.0966 1108 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
07:48:25.0969 1108 NetBT - ok
07:48:25.0992 1108 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
07:48:25.0992 1108 Netlogon - ok
07:48:26.0024 1108 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
07:48:26.0030 1108 Netman - ok
07:48:26.0064 1108 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:48:26.0068 1108 NetMsmqActivator - ok
07:48:26.0072 1108 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:48:26.0074 1108 NetPipeActivator - ok
07:48:26.0097 1108 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
07:48:26.0103 1108 netprofm - ok
07:48:26.0107 1108 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:48:26.0108 1108 NetTcpActivator - ok
07:48:26.0113 1108 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:48:26.0114 1108 NetTcpPortSharing - ok
07:48:26.0158 1108 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
07:48:26.0165 1108 nfrd960 - ok
07:48:26.0332 1108 [ 4BA84C832E0741A294C4444556DFE993 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe
07:48:26.0334 1108 NIS - ok
07:48:26.0370 1108 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:48:26.0374 1108 NlaSvc - ok
07:48:26.0393 1108 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:48:26.0395 1108 Npfs - ok
07:48:26.0419 1108 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
07:48:26.0421 1108 nsi - ok
07:48:26.0434 1108 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:48:26.0437 1108 nsiproxy - ok
07:48:26.0494 1108 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:48:26.0519 1108 Ntfs - ok
07:48:26.0539 1108 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
07:48:26.0540 1108 Null - ok
07:48:26.0592 1108 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
07:48:26.0595 1108 NVHDA - ok
07:48:26.0788 1108 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
07:48:26.0966 1108 nvlddmkm - ok
07:48:27.0006 1108 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:48:27.0009 1108 nvraid - ok
07:48:27.0020 1108 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:48:27.0023 1108 nvstor - ok
07:48:27.0054 1108 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
07:48:27.0064 1108 nvsvc - ok
07:48:27.0147 1108 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
07:48:27.0168 1108 nvUpdatusService - ok
07:48:27.0188 1108 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
07:48:27.0190 1108 nv_agp - ok
07:48:27.0315 1108 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:48:27.0319 1108 odserv - ok
07:48:27.0341 1108 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
07:48:27.0343 1108 ohci1394 - ok
07:48:27.0352 1108 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:48:27.0354 1108 ose - ok
07:48:27.0383 1108 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
07:48:27.0388 1108 p2pimsvc - ok
07:48:27.0405 1108 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
07:48:27.0412 1108 p2psvc - ok
07:48:27.0427 1108 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
07:48:27.0430 1108 Parport - ok
07:48:27.0463 1108 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:48:27.0466 1108 partmgr - ok
07:48:27.0497 1108 [ 304E6AC43613A9C43896C4300009442B ] PCAMp50a64 C:\Windows\system32\Drivers\PCAMp50a64.sys
07:48:27.0498 1108 PCAMp50a64 - ok
07:48:27.0538 1108 [ 18B6869E23937175144E6F1D3CB85FC2 ] PCASp50a64 C:\Windows\system32\Drivers\PCASp50a64.sys
07:48:27.0540 1108 PCASp50a64 - ok
07:48:27.0562 1108 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
07:48:27.0565 1108 PcaSvc - ok
07:48:27.0589 1108 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
07:48:27.0592 1108 pci - ok
07:48:27.0602 1108 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
07:48:27.0604 1108 pciide - ok
07:48:27.0620 1108 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
07:48:27.0624 1108 pcmcia - ok
07:48:27.0637 1108 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
07:48:27.0639 1108 pcw - ok
07:48:27.0649 1108 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:48:27.0654 1108 PEAUTH - ok
07:48:27.0744 1108 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
07:48:27.0747 1108 PerfHost - ok
07:48:27.0779 1108 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
07:48:27.0804 1108 pla - ok
07:48:27.0861 1108 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:48:27.0867 1108 PlugPlay - ok
07:48:27.0878 1108 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
07:48:27.0881 1108 PNRPAutoReg - ok
07:48:27.0899 1108 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
07:48:27.0902 1108 PNRPsvc - ok
07:48:27.0926 1108 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:48:27.0932 1108 PolicyAgent - ok
07:48:27.0955 1108 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
07:48:27.0958 1108 Power - ok
07:48:28.0014 1108 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:48:28.0017 1108 PptpMiniport - ok
07:48:28.0034 1108 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
07:48:28.0036 1108 Processor - ok
07:48:28.0063 1108 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
07:48:28.0067 1108 ProfSvc - ok
07:48:28.0081 1108 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:48:28.0083 1108 ProtectedStorage - ok
07:48:28.0114 1108 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
07:48:28.0117 1108 Psched - ok
07:48:28.0141 1108 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
07:48:28.0143 1108 PxHlpa64 - ok
07:48:28.0207 1108 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
07:48:28.0229 1108 ql2300 - ok
07:48:28.0233 1108 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
07:48:28.0234 1108 ql40xx - ok
07:48:28.0252 1108 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
07:48:28.0255 1108 QWAVE - ok
07:48:28.0263 1108 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:48:28.0264 1108 QWAVEdrv - ok
07:48:28.0266 1108 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:48:28.0267 1108 RasAcd - ok
07:48:28.0286 1108 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
07:48:28.0288 1108 RasAgileVpn - ok
07:48:28.0326 1108 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
07:48:28.0330 1108 RasAuto - ok
07:48:28.0337 1108 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:48:28.0341 1108 Rasl2tp - ok
07:48:28.0357 1108 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
07:48:28.0363 1108 RasMan - ok
07:48:28.0371 1108 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:48:28.0374 1108 RasPppoe - ok
07:48:28.0380 1108 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:48:28.0382 1108 RasSstp - ok
07:48:28.0400 1108 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:48:28.0404 1108 rdbss - ok
07:48:28.0417 1108 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
07:48:28.0420 1108 rdpbus - ok
07:48:28.0437 1108 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:48:28.0439 1108 RDPCDD - ok
07:48:28.0446 1108 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:48:28.0448 1108 RDPENCDD - ok
07:48:28.0459 1108 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
07:48:28.0461 1108 RDPREFMP - ok
07:48:28.0482 1108 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:48:28.0485 1108 RDPWD - ok
07:48:28.0488 1108 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
07:48:28.0490 1108 rdyboost - ok
07:48:28.0513 1108 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:48:28.0516 1108 RemoteAccess - ok
07:48:28.0525 1108 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:48:28.0528 1108 RemoteRegistry - ok
07:48:28.0591 1108 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
07:48:28.0616 1108 RoxMediaDB12OEM - ok
07:48:28.0668 1108 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
07:48:28.0672 1108 RoxWatch12 - ok
07:48:28.0692 1108 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
07:48:28.0695 1108 RpcEptMapper - ok
07:48:28.0714 1108 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
07:48:28.0717 1108 RpcLocator - ok
07:48:28.0739 1108 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
07:48:28.0744 1108 RpcSs - ok
07:48:28.0769 1108 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:48:28.0772 1108 rspndr - ok
07:48:28.0789 1108 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
07:48:28.0790 1108 SamSs - ok
07:48:28.0809 1108 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
07:48:28.0812 1108 sbp2port - ok
07:48:28.0823 1108 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:48:28.0827 1108 SCardSvr - ok
07:48:28.0841 1108 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
07:48:28.0843 1108 scfilter - ok
07:48:28.0866 1108 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
07:48:28.0900 1108 Schedule - ok
07:48:28.0922 1108 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
07:48:28.0925 1108 SCPolicySvc - ok
07:48:28.0938 1108 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:48:28.0942 1108 SDRSVC - ok
07:48:28.0981 1108 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:48:28.0983 1108 secdrv - ok
07:48:28.0991 1108 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
07:48:28.0994 1108 seclogon - ok
07:48:29.0032 1108 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
07:48:29.0035 1108 SENS - ok
07:48:29.0041 1108 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
07:48:29.0044 1108 SensrSvc - ok
07:48:29.0097 1108 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
07:48:29.0099 1108 Serenum - ok
07:48:29.0105 1108 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
07:48:29.0107 1108 Serial - ok
07:48:29.0123 1108 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
07:48:29.0125 1108 sermouse - ok
07:48:29.0148 1108 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
07:48:29.0152 1108 SessionEnv - ok
07:48:29.0156 1108 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
07:48:29.0157 1108 sffdisk - ok
07:48:29.0159 1108 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
07:48:29.0160 1108 sffp_mmc - ok
07:48:29.0162 1108 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
07:48:29.0162 1108 sffp_sd - ok
07:48:29.0165 1108 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
07:48:29.0165 1108 sfloppy - ok
07:48:29.0209 1108 [ 421C30C8E686DC41E64881269982B382 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
07:48:29.0234 1108 SftService - ok
07:48:29.0290 1108 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
07:48:29.0295 1108 SharedAccess - ok
07:48:29.0310 1108 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:48:29.0316 1108 ShellHWDetection - ok
07:48:29.0358 1108 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
07:48:29.0360 1108 SiSRaid2 - ok
07:48:29.0364 1108 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
07:48:29.0366 1108 SiSRaid4 - ok
07:48:29.0377 1108 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:48:29.0379 1108 Smb - ok
07:48:29.0399 1108 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:48:29.0402 1108 SNMPTRAP - ok
07:48:29.0410 1108 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
07:48:29.0412 1108 spldr - ok
07:48:29.0452 1108 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
07:48:29.0460 1108 Spooler - ok
07:48:29.0519 1108 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
07:48:29.0591 1108 sppsvc - ok
07:48:29.0602 1108 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
07:48:29.0606 1108 sppuinotify - ok
07:48:29.0724 1108 [ EAD5300C93946B0250A309E2BF2BE4CF ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
07:48:29.0727 1108 SQLWriter - ok
07:48:29.0831 1108 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\system32\drivers\NISx64\1402010.016\SRTSP64.SYS
07:48:29.0840 1108 SRTSP - ok
07:48:29.0845 1108 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\NISx64\1402010.016\SRTSPX64.SYS
07:48:29.0847 1108 SRTSPX - ok
07:48:29.0888 1108 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
07:48:29.0894 1108 srv - ok
07:48:29.0912 1108 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:48:29.0918 1108 srv2 - ok
07:48:29.0936 1108 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:48:29.0939 1108 srvnet - ok
07:48:29.0990 1108 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:48:29.0994 1108 SSDPSRV - ok
07:48:30.0008 1108 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:48:30.0012 1108 SstpSvc - ok
07:48:30.0083 1108 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
07:48:30.0087 1108 Stereo Service - ok
07:48:30.0116 1108 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
07:48:30.0119 1108 stexstor - ok
07:48:30.0176 1108 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
07:48:30.0185 1108 stisvc - ok
07:48:30.0213 1108 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
07:48:30.0216 1108 stllssvr - ok
07:48:30.0233 1108 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
07:48:30.0235 1108 swenum - ok
07:48:30.0301 1108 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
07:48:30.0308 1108 SwitchBoard - ok
07:48:30.0324 1108 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
07:48:30.0330 1108 swprv - ok
07:48:30.0356 1108 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\NISx64\1402010.016\SYMDS64.SYS
07:48:30.0362 1108 SymDS - ok
07:48:30.0421 1108 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\NISx64\1402010.016\SYMEFA64.SYS
07:48:30.0446 1108 SymEFA - ok
07:48:30.0458 1108 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
07:48:30.0461 1108 SymEvent - ok
07:48:30.0487 1108 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\NISx64\1402010.016\Ironx64.SYS
07:48:30.0490 1108 SymIRON - ok
07:48:30.0499 1108 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\system32\drivers\NISx64\1402010.016\SYMNETS.SYS
07:48:30.0504 1108 SymNetS - ok
07:48:30.0547 1108 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
07:48:30.0582 1108 SysMain - ok
07:48:30.0594 1108 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:48:30.0597 1108 TabletInputService - ok
07:48:30.0610 1108 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
07:48:30.0614 1108 TapiSrv - ok
07:48:30.0627 1108 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
07:48:30.0630 1108 TBS - ok
07:48:30.0674 1108 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:48:30.0709 1108 Tcpip - ok
07:48:30.0766 1108 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
07:48:30.0778 1108 TCPIP6 - ok
07:48:30.0782 1108 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:48:30.0783 1108 tcpipreg - ok
07:48:30.0830 1108 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:48:30.0833 1108 TDPIPE - ok
07:48:30.0868 1108 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:48:30.0870 1108 TDTCP - ok
07:48:30.0885 1108 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:48:30.0888 1108 tdx - ok
07:48:30.0973 1108 [ BB676D2C7AD5E7131D12417E4691F9B9 ] Te.Service C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
07:48:30.0977 1108 Te.Service - ok
07:48:30.0994 1108 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
07:48:30.0996 1108 TermDD - ok
07:48:31.0018 1108 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
07:48:31.0027 1108 TermService - ok
07:48:31.0040 1108 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
07:48:31.0043 1108 Themes - ok
07:48:31.0058 1108 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
07:48:31.0060 1108 THREADORDER - ok
07:48:31.0072 1108 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
07:48:31.0075 1108 TrkWks - ok
07:48:31.0115 1108 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:48:31.0118 1108 TrustedInstaller - ok
07:48:31.0128 1108 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:48:31.0131 1108 tssecsrv - ok
07:48:31.0171 1108 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
07:48:31.0174 1108 TsUsbFlt - ok
07:48:31.0183 1108 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
07:48:31.0186 1108 TsUsbGD - ok
07:48:31.0227 1108 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:48:31.0230 1108 tunnel - ok
07:48:31.0246 1108 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
07:48:31.0249 1108 uagp35 - ok
07:48:31.0268 1108 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:48:31.0271 1108 udfs - ok
07:48:31.0288 1108 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:48:31.0292 1108 UI0Detect - ok
07:48:31.0301 1108 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
07:48:31.0303 1108 uliagpkx - ok
07:48:31.0312 1108 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
07:48:31.0314 1108 umbus - ok
07:48:31.0337 1108 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
07:48:31.0338 1108 UmPass - ok
07:48:31.0361 1108 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
07:48:31.0367 1108 upnphost - ok
07:48:31.0384 1108 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:48:31.0387 1108 usbccgp - ok
07:48:31.0391 1108 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
07:48:31.0393 1108 usbcir - ok
07:48:31.0400 1108 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
07:48:31.0402 1108 usbehci - ok
07:48:31.0422 1108 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
07:48:31.0426 1108 usbhub - ok
07:48:31.0440 1108 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
07:48:31.0442 1108 usbohci - ok
07:48:31.0495 1108 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
07:48:31.0497 1108 usbprint - ok
07:48:31.0617 1108 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
07:48:31.0620 1108 usbscan - ok
07:48:31.0637 1108 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:48:31.0640 1108 USBSTOR - ok
07:48:31.0662 1108 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
07:48:31.0665 1108 usbuhci - ok
07:48:31.0677 1108 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
07:48:31.0680 1108 UxSms - ok
07:48:31.0703 1108 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
07:48:31.0704 1108 VaultSvc - ok
07:48:31.0736 1108 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
07:48:31.0738 1108 vdrvroot - ok
07:48:31.0761 1108 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
07:48:31.0769 1108 vds - ok
07:48:31.0780 1108 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:48:31.0783 1108 vga - ok
07:48:31.0794 1108 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
07:48:31.0796 1108 VgaSave - ok
07:48:31.0811 1108 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
07:48:31.0815 1108 vhdmp - ok
07:48:31.0819 1108 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
07:48:31.0820 1108 viaide - ok
07:48:31.0838 1108 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
07:48:31.0840 1108 volmgr - ok
07:48:31.0858 1108 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:48:31.0863 1108 volmgrx - ok
07:48:34.0459 1108 ============================================================
07:48:34.0459 1108 Scan finished
07:48:34.0459 1108 ============================================================
07:48:34.0466 2188 Detected object count: 0
07:48:34.0466 2188 Actual detected object count: 0

#5 blamejane

Posted 30 January 2013 - 02:56 PM

NEVERMIND... scanning finally continued.

Sooo...I hate to be a bother, but how long does the aswMBR scan usually take? It's been sitting in the same scan folder forever.

The post above mentions if this software crashes I'm to run again in safe mode. I'm just wondering if it has crashed and I just don't realize it.

Thanks.

Edit: the folder it's been stuck on is: c:\users\val\appdata\local\microsoft\windows sidebar\gadgets\network_m....

(can't see the rest)

Edited by blamejane, 30 January 2013 - 03:11 PM.


#6 narenxp

Posted 30 January 2013 - 08:24 PM

Skip aswMBR and move to the ESET scan.

#7 blamejane

Posted 31 January 2013 - 09:32 AM

Had to leave yesterday afternoon, got home late last night and the aswMBR had stopped working. I restarted it in safe mode (having not seen your message to skip it) and it stopped working again. I am now attempting the ESET scan.

Thanks, you guys ROCK!

#8 blamejane

Posted 31 January 2013 - 11:59 AM

Here's the ESET scan log:

C:\Users\Val\AppData\Local\Microsoft\backup bleep\Windows Live Mail\Storage Folders\Recovered items\05-19-2012 12f\Hotmail\Deleted items\7848588B-8444766B.eml HTML/Pharmacy.A trojan cleaned by deleting - quarantined
C:\Users\Val\AppData\Local\Microsoft\backup bleep\Windows Live Mail old\Hotmail\Deleted items\791F514A-00000684.eml HTML/Pharmacy.A trojan cleaned by deleting - quarantined
C:\Users\Val\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\05-19-2012 12f\Hotmail\Deleted items\7848588B-8444766B.eml HTML/Pharmacy.A trojan cleaned by deleting - quarantined
C:\Users\Val\AppData\Local\Microsoft\Windows Live Mail old\Hotmail\Deleted items\791F514A-00000684.eml HTML/Pharmacy.A trojan cleaned by deleting - quarantined

#9 narenxp

Posted 31 January 2013 - 12:00 PM

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar Service Scanner

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware Removal Tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.

Download http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.

Download Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#10 blamejane

Posted 31 January 2013 - 01:58 PM

Malwarebytes full scan report:

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.31.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Val :: VAL-DELL-PC [administrator]

Protection: Enabled

1/31/2013 6:05:50 AM
mbam-log-2013-01-31 (06-05-50).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 699196
Time elapsed: 1 hour(s), 49 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#11 blamejane

Posted 31 January 2013 - 02:00 PM

mini toolbox:

MiniToolBox by Farbar Version:10-01-2013
Ran by Val (administrator) on 31-01-2013 at 08:00:11
Running from "C:\Users\Val\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com

========================= IP Configuration: ================================

Belkin USB Wireless Adaptor = Wireless Network Connection 3 (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 4 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Val-DELL-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 94-44-52-65-D5-9F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Belkin USB Wireless Adaptor
Physical Address. . . . . . . . . : 94-44-52-65-D5-9F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cd3f:2474:f068:e408%17(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, January 31, 2013 3:18:50 AM
Lease Expires . . . . . . . . . . : Thursday, January 31, 2013 1:03:27 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 563364946
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-F4-BA-ED-D4-BE-D9-99-11-B1
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : D4-BE-D9-99-11-B1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D4448B5C-EB9B-4E63-8FDC-BC5C24E9A21F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5CBEB4FA-95A4-46ED-88F6-0E810AB785E1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2ce5:820:3f57:fefd(Preferred)
Link-local IPv6 Address . . . . . : fe80::2ce5:820:3f57:fefd%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Reusable ISATAP Interface {FA1314A4-E612-48E2-B0E5-3E32374A339B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.227.142
74.125.227.128
74.125.227.129
74.125.227.130
74.125.227.134
74.125.227.131
74.125.227.137
74.125.227.135
74.125.227.133
74.125.227.132
74.125.227.136


Pinging google.com [74.125.227.136] with 32 bytes of data:
Reply from 74.125.227.136: bytes=32 time=91ms TTL=52
Reply from 74.125.227.136: bytes=32 time=93ms TTL=52

Ping statistics for 74.125.227.136:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 91ms, Maximum = 93ms, Average = 92ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
206.190.36.45
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=865ms TTL=46
Reply from 98.139.183.24: bytes=32 time=898ms TTL=46

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 865ms, Maximum = 898ms, Average = 881ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
18...94 44 52 65 d5 9f ......Microsoft Virtual WiFi Miniport Adapter #2
17...94 44 52 65 d5 9f ......Belkin USB Wireless Adaptor
11...d4 be d9 99 11 b1 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:9d38:6ab8:2ce5:820:3f57:fefd/128
On-link
17 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::2ce5:820:3f57:fefd/128
On-link
17 281 fe80::cd3f:2474:f068:e408/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
17 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/31/2013 03:40:06 AM) (Source: ESENT) (User: )
Description: wlmail (5156) WindowsLiveMail0: An attempt to open the file "C:\Users\Val\AppData\Local\Microsoft\Windows Live Mail\edb.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (01/31/2013 03:39:52 AM) (Source: ESENT) (User: )
Description: wlmail (5740) WindowsLiveMail0: An attempt to open the file "C:\Users\Val\AppData\Local\Microsoft\Windows Live Mail\edb.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (01/31/2013 03:33:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/31/2013 03:33:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/31/2013 03:20:10 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2013 03:19:08 AM) (Source: Application Error) (User: )
Description: Faulting application name: sftservice.EXE, version: 1.0.82.75, time stamp: 0x4ee0870c
Faulting module name: sftservice.EXE, version: 1.0.82.75, time stamp: 0x4ee0870c
Exception code: 0xc0000005
Fault offset: 0x000a8606
Faulting process id: 0x440
Faulting application start time: 0xsftservice.EXE0
Faulting application path: sftservice.EXE1
Faulting module path: sftservice.EXE2
Report Id: sftservice.EXE3

Error: (01/30/2013 06:51:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: aswMBR.exe, version: 0.9.9.1707, time stamp: 0x509be8bf
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e41b
Faulting process id: 0x45c
Faulting application start time: 0xaswMBR.exe0
Faulting application path: aswMBR.exe1
Faulting module path: aswMBR.exe2
Report Id: aswMBR.exe3

Error: (01/30/2013 05:59:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2013 05:49:55 PM) (Source: ESENT) (User: )
Description: wlmail (1564) WindowsLiveMail0: An attempt to open the file "C:\Users\Val\AppData\Local\Microsoft\Windows Live Mail\edb.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (01/30/2013 11:01:48 AM) (Source: Application Error) (User: )
Description: Faulting application name: pcdrcui.exe, version: 6.0.6032.102, time stamp: 0x50b3c5b3
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b8479b
Exception code: 0xc000041d
Fault offset: 0x0000000000009e5d
Faulting process id: 0x1bb0
Faulting application start time: 0xpcdrcui.exe0
Faulting application path: pcdrcui.exe1
Faulting module path: pcdrcui.exe2
Report Id: pcdrcui.exe3


System errors:
=============
Error: (01/31/2013 06:32:36 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%997

Error: (01/31/2013 06:32:36 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%997

Error: (01/31/2013 06:32:36 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%997

Error: (01/31/2013 06:32:36 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%997

Error: (01/31/2013 06:32:36 AM) (Source: PNRPSvc) (User: )
Description: 0x800703e5

Error: (01/31/2013 06:32:36 AM) (Source: PNRPSvc) (User: )
Description: 0x800703e5

Error: (01/31/2013 04:03:28 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%997

Error: (01/31/2013 04:03:28 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%997

Error: (01/31/2013 04:03:27 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%997

Error: (01/31/2013 04:03:27 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%997


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Tools for .Net 3.5 (Version: 3.11.50727)
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Creative Suite 5.5 Production Premium (Version: 5.5)
Adobe Flash Player 10 Plugin (Version: 10.2.153.1)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Reader X (10.1.2) MUI (Version: 10.1.2)
Adobe Story (Version: 1.0.571)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Software Update (Version: 2.1.1.116)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Audible Download Manager (Version: 6.6.0.15)
AudibleManager (Version: 2004368622.48.56.11670906)
AutoCAD 2013 - English (Version: 19.0.55.0)
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0)
Autodesk 3ds Max 2011 64-bit (Version: 13.0)
Autodesk 3ds Max 2011 64-bit Components (Version: 13.0)
Autodesk Backburner 2008.1 (Version: 2008.1.1)
Autodesk Content Service (Version: 3.0.84.0)
Autodesk Content Service Language Pack (Version: 3.0.84.0)
Autodesk FBX Plug-in 2011.1 - 3ds Max 2011 64-bit
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230)
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230)
Autodesk Material Library 2011 (Version: 2.0.0.49)
Autodesk Material Library 2011 Base Image library (Version: 2.0.0.49)
Autodesk Material Library 2011 Medium Image library (Version: 2.0.0.49)
Autodesk Material Library 2013 (Version: 3.0.13)
Autodesk Material Library Base Resolution Image Library 2013 (Version: 3.0.13)
Autodesk Maya 2012 64-bit (Version: 14.0.2.0)
Autodesk Maya 2012 64-bit Hotfix 2 (Version: 14.0.2.0)
Autodesk Sync (Version: 3.5.24.0)
Belkin USB Wireless Adaptor (Version: 1.0.0.06)
Bing Bar (Version: 7.1.361.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 2.0.2.0)
Catalyst Control Center InstallProxy (Version: 2011.0628.2340.40663)
Consumer In-Home Service Agreement (Version: 2.0.0)
Cozi (Version: 1.0.6505.38692)
CuteFTP 8 Home (Version: 8.3.4)
CyberLink PowerDVD 9.5 (Version: 9.5.1.4418)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.64)
Dell DataSafe Local Backup (Version: 9.4.64)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.6.225.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Stage (Version: 1.6.301.0)
Dell Support Center (Version: 3.2.6032.102)
Dell VideoStage (Version: 1.3.0.2214)
DeLorme Send To GPS 1.3 (Version: 1.3)
DirectX 9 Runtime (Version: 1.00.0000)
Dotfuscator and Analytics Community Edition (Version: 5.5.4521.29298)
eBay (Version: 1.4.0)
Entity Framework Designer for Visual Studio 2012 - enu (Version: 11.1.20702.00)
ESET Online Scanner v3
FARO LS 1.1.406.58 (Version: 4.6.58.2)
FileZilla Client 3.5.3 (Version: 3.5.3)
Garmin Communicator Plugin (Version: 4.0.1)
Garmin Communicator Plugin x64 (Version: 4.0.1)
Garmin USB Drivers (Version: 2.3.0.0)
Google Chrome (Version: 24.0.1312.57)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
HiJackThis (Version: 1.0.0)
IIS 8.0 Express (Version: 8.0.1557)
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
Illustrate 5.6 (64-bit) (Version: 5.6.0.0)
Imagesynth 2 (Version: 2.00.0000)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Java Auto Updater (Version: 2.1.5.1)
Java™ 7 Update 1 (64-bit) (Version: 7.0.10)
Java™ 7 Update 1 (Version: 7.0.10)
Junk Mail filter update (Version: 15.4.3502.0922)
LocalESPC (Version: 8.59.25584)
LocalESPCui for en-us (Version: 8.59.25584)
Luxology modo 601 64-bit build 48460
Macromedia HomeSite+
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (Version: 3.0.30710.0)
Microsoft ASP.NET MVC 3 (Version: 3.0.20105.0)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 Runtime (Version: 4.0.20710.0)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages (Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 Runtime (Version: 2.0.20710.0)
Microsoft Help Viewer 2.0 (Version: 2.0.50727)
Microsoft LightSwitch for Visual Studio 2012 Core (Version: 11.0.50727)
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (Version: 11.0.50727)
Microsoft NuGet - Visual Studio 2012 (Version: 2.0.30625.9003)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Portable Library Multi-Targeting Pack (Version: 11.0.50709.17929)
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (Version: 11.0.50709.17929)
Microsoft Report Viewer Add-On for Visual Studio 2012 (Version: 11.1.2802.16)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Silverlight 5 SDK (Version: 5.0.61118.0)
Microsoft SQL Server 2012 Command Line Utilities (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Data-Tier App Framework (Version: 11.0.2316.0)
Microsoft SQL Server 2012 Express LocalDB (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Native Client (Version: 11.0.2100.60)
Microsoft SQL Server 2012 T-SQL Language Service (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (Version: 11.0.2100.60)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (Version: 11.1.20627.00)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (Version: 11.1.20627.00)
Microsoft SQL Server System CLR Types (Version: 10.50.1600.1)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1600.1)
Microsoft System CLR Types for SQL Server 2012 (Version: 11.0.2100.60)
Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.0.2100.60)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers - ENU Resources (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers (Version: 11.0.50727)
Microsoft Visual C++ 2012 Core Libraries (Version: 11.0.50727)
Microsoft Visual C++ 2012 Extended Libraries (Version: 11.0.50727)
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual Studio 2012 Devenv (Version: 11.0.50727)
Microsoft Visual Studio 2012 Devenv Resources (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core x86 (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727)
Microsoft Visual Studio 2012 Preparation (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Resources (Version: 11.0.50727)
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (Version: 4.0.8876.1)
Microsoft Visual Studio Premium 2012 - ENU (Version: 11.0.50727)
Microsoft Visual Studio Premium 2012 (Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 - ENU (Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 - ENU (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (Version: 11.0.50727.1)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (Version: 11.0.50727)
Microsoft Web Deploy 3.0 (Version: 3.1236.1631)
Microsoft Web Deploy dbSqlPackage Provider - enu (Version: 10.3.20225.0)
Microsoft Web Developer Tools - Visual Studio 2012 (Version: 1.0.30710.0)
Microsoft Web Platform Installer 4.0 (Version: 4.0.1622)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
modo 601 content
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
NETGEAR RangeMax Duo Wireless-N USB Adapter WNDA3100 (Version: 3.0.0.2)
Norton Internet Security (Version: 20.2.1.22)
NVIDIA 3D Vision Controller Driver 295.73 (Version: 295.73)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0209)
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (Version: 2.60.0216.1828)
NVIDIA PhysX System Software 9.12.0209 (Version: 9.12.0209)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
PDF Settings CS5 (Version: 10.0)
PhotoShowExpress (Version: 2.0.063)
POWERVR SDK PVRShaman (build 2.07.27.0493) (Version: 2.07.27.0493)
POWERVR SDK PVRShaman (build 2.10) (Version: 2.10)
PreEmptive Analytics Visual Studio Components (Version: 1.0.2180.1)
Prerequisites for SSDT (Version: 11.0.2100.60)
Quicken 2010 (Version: 19.1.1.27)
QuickTime (Version: 7.55.90.70)
RBVirtualFolder64Inst (Version: 1.00.0000)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Seagate Manager Installer (Version: 2.02.0109)
Skype™ 5.5 (Version: 5.5.119)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SourceGear DiffMerge 3.3.2.1139 (x64) (Version: 3.3.2.1139)
Syncfusion Metro Studio
Syncfusion Metro Studio 2.0.1.2 (Version: 2.0.1.2)
THX TruStudio PC (Version: 1.0)
TopStyle Lite (Version 3.0) (Version: 3.1.0)
Unity Web Player (Version: )
Update for (KB2504637) (Version: 1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Visual Studio 2012 (KB2781514) (Version: 11.0.50727)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites (Version: 11.0.50727)
Visual Studio Extensions for Windows Library for JavaScript (Version: 1.0.8514.0)
Volo View Express (Version: 2002.20.0.811)
WCF Data Services 5.0 (for OData v3) Primary Components (Version: 5.0.50628.0)
WCF Data Services Tools for Microsoft Visual Studio 2012 (Version: 5.0.50710.0)
WCF RIA Services V1.0 SP2 (Version: 4.1.61829.0)
Windows App Certification Kit Native Components (Version: 8.59.25584)
Windows App Certification Kit x64 (Version: 8.59.25584)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Runtime Intellisense Content - en-us (Version: 8.59.25584)
Windows Software Development Kit (Version: 8.59.25584)
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit DirectX x86 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.59.25584)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 16366.45 MB
Available physical RAM: 11321.94 MB
Total Pagefile: 32731.08 MB
Available Pagefile: 27660.55 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:918.22 GB) (Free:646.85 GB) NTFS

========================= Users: ========================================

User accounts for \\VAL-DELL-PC

Administrator Guest scott
UpdatusUser Val

========================= Restore Points ==================================

28-01-2013 07:00:03 Scheduled Checkpoint
30-01-2013 04:21:05 Installed DirectX
30-01-2013 04:21:20 Installed DirectX
30-01-2013 04:24:37 Installed DirectX
30-01-2013 04:24:46 Installed DirectX
30-01-2013 04:41:26 Installed DirectX
30-01-2013 04:41:40 Installed DirectX
30-01-2013 04:48:40 Windows Live Essentials
30-01-2013 04:48:55 WLSetup
30-01-2013 04:49:55 Windows Live Essentials
30-01-2013 04:50:12 Installed DirectX
30-01-2013 04:50:30 Installed DirectX
30-01-2013 04:50:41 WLSetup
30-01-2013 05:06:37 Windows Update
30-01-2013 05:33:09 Windows Update
30-01-2013 12:07:16 Windows Live Essentials
30-01-2013 12:07:58 WLSetup
30-01-2013 12:19:51 Windows Live Essentials
30-01-2013 12:20:31 WLSetup
30-01-2013 13:15:36 Windows Live Essentials
30-01-2013 13:16:12 WLSetup
30-01-2013 13:20:15 Windows Modules Installer
30-01-2013 13:59:37 Windows Modules Installer
30-01-2013 14:17:13 Windows Live Essentials
30-01-2013 14:17:53 WLSetup
30-01-2013 14:22:40 Windows Live Essentials
30-01-2013 14:23:00 WLSetup
30-01-2013 14:35:49 Restore Operation

**** End of log ****

#12 blamejane

Posted 31 January 2013 - 02:02 PM

farbar service log:

Farbar Service Scanner Version: 30-01-2013
Ran by Val (administrator) on 31-01-2013 at 08:01:46
Running from "C:\Users\Val\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#13 blamejane

Posted 31 January 2013 - 02:08 PM

adwCleaner scan report:

# AdwCleaner v2.109 - Logfile created 01/31/2013 at 08:03:13
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Val - VAL-DELL-PC
# Boot Mode : Normal
# Running from : C:\Users\Val\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\.autoreg
Folder Deleted : C:\ProgramData\boost_interprocess

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v11.0 (en-US)

File : C:\Users\Val\Application Data\Mozilla\Firefox\Profiles\fa3dz7u4.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Val\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [922 octets] - [31/01/2013 08:03:13]

########## EOF - C:\AdwCleaner[S1].txt - [981 octets] ##########

#14 blamejane

Posted 31 January 2013 - 02:17 PM

Junkware log:



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.7 (01.30.2013:4)
OS: Windows 7 Home Premium x64
Ran by Val on Thu 01/31/2013 at 8:09:31.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2312568957-977414251-372011964-1000\software\microsoft\internet explorer\searchscopes\\DefaultScope



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/31/2013 at 8:15:15.88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#15 blamejane

Posted 31 January 2013 - 02:19 PM

rkill log:


Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/31/2013 08:18:44 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Val\Desktop\rkill\rkill-01-31-2013-08-18-49.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-21-2312568957-977414251-372011964-1000\$7c40a89b6c869d35d03b8dc65d694f3b\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-2312568957-977414251-372011964-1000\$7c40a89b6c869d35d03b8dc65d694f3b\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-21-2312568957-977414251-372011964-1000\$7c40a89b6c869d35d03b8dc65d694f3b\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-2312568957-977414251-372011964-1000\$7c40a89b6c869d35d03b8dc65d694f3b\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 activate.adobe.com

Program finished at: 01/31/2013 08:19:00 AM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)



