Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Help Please I think I am infected bad

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics
View previous topic :: View next topic  
Author Message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Fri Apr 06, 2012 10:24 pm    Post subject: Help Please I think I am infected bad Reply with quote
Hello I think I have a virus or maybe more. I can only start my computer in safe mode. If I try to start normally it freezes almost as soon as I get to my desktop and will not go any further.
here are my DDS logs

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/17/2011 8:34:54 PM
System Uptime: 4/7/2012 3:01:59 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0XN71K
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz | CPU | 1995/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 362.286 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 1.081 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: ehdrv
Device ID: ROOT\LEGACY_EHDRV\0000
Manufacturer:
Name: ehdrv
PNP Device ID: ROOT\LEGACY_EHDRV\0000
Service: ehdrv
.
==== System Restore Points ===================
.
RP202: 3/7/2012 1:50:37 PM - Windows Update
RP203: 3/14/2012 4:22:05 PM - Windows Update
RP204: 3/28/2012 5:42:07 PM - Installed "ViewNX 2"
RP205: 3/28/2012 5:54:34 PM - Installed Panorama Maker
RP206: 3/29/2012 2:29:27 PM - Windows Update
.
==== Installed Programs ======================
.
AccelerometerP11
AccuWeather SideShow Gadget
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Advanced Audio FX Engine
AnyDVD
Apple Application Support
Apple Software Update
Auto Updater 1.0.0.5
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Bing Bar
Bing Rewards Client Installer
Cisco Network Magic
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Clip Extractor 4.0
CloneDVD2
Consumer In-Home Service Agreement
Cozi
Creative Karaoke Player
Creative MediaSource 5
Creative WaveStudio 7
CyberLink PowerDVD 9.6
D3DX10
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell VideoStage
Dell Webcam Central
DirectX 9 Runtime
eBay
eReg
erLT
Facebook Video Calling 1.1.1.1
ffdshow [rev 2527] [2008-12-19]
Google Chrome
IncrediMail
IncrediMail 2.0
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Wireless Display
Internet Explorer
Internet TV for Windows Media Center
iolo technologies' System Mechanic
Java Auto Updater
Java(TM) 6 Update 24
Junk Mail filter update
LG USB Modem driver
Malwarebytes Anti-Malware version 1.60.1.1000
Memeo Instant Backup
Mesh Runtime
Messenger Companion
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MixPad Audio Mixer
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network Magic
NVIDIA Stereoscopic 3D Driver
Photo Notifier and Animation Creator
PhotoShowExpress
Pure Networks Platform
QuickTime
RealNetworks - Microsoft Visual C++ 2005 Runtime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Seagate Dashboard
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Skype Toolbars
Skype™ 4.2
Slice Audio File Splitter
Sonic CinePlayer Decoder Pack
Sound Blaster X-Fi MB
SoundTap Streaming Audio Recorder
Switch Sound File Converter
TempoPerfect Metronome Software
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Visual Studio 2008 x64 Redistributables
Vivitar Experience Image Manager
WavePad Sound Editor
WebEx Support Manager for Internet Explorer
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Flash
Windows SideShow Managed Runtime 1.0
Zulu DJ Software
.
==== Event Viewer Messages From Past Week ========
.
4/7/2012 3:09:46 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
4/7/2012 3:04:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/7/2012 3:04:12 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/7/2012 3:04:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/7/2012 3:03:57 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ctxusbm discache ehdrv ElbyCDIO ElRawDisk SASDIFSV SASKUTIL spldr Wanarpv6
4/7/2012 3:03:57 AM, Error: Service Control Manager [7022] - The iolo System Service service hung on starting.
4/7/2012 3:03:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/7/2012 3:02:46 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
4/7/2012 3:02:31 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
4/7/2012 3:02:22 AM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.
4/7/2012 2:59:42 AM, Error: Service Control Manager [7034] - The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).
4/7/2012 2:58:39 AM, Error: Service Control Manager [7000] - The iolo FileInfoList Service service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service.
4/7/2012 1:19:58 AM, Error: LEqdUsb [12289] - WDF call failed.
4/7/2012 1:14:25 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
4/7/2012 1:14:25 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
4/7/2012 1:14:25 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
4/7/2012 1:14:18 AM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.
4/7/2012 1:14:17 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ctxusbm DfsC discache ehdrv ElbyCDIO ElRawDisk NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf
4/7/2012 1:12:52 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
4/7/2012 1:12:52 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
4/7/2012 1:12:52 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
4/7/2012 1:12:52 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/7/2012 1:12:52 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/7/2012 1:12:50 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/7/2012 1:12:50 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
4/7/2012 1:12:50 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
4/7/2012 1:12:50 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/7/2012 1:12:50 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
4/6/2012 8:25:03 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
4/6/2012 1:21:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
4/2/2012 10:26:58 AM, Error: Disk [11] - The driver detected a controller error on \...\DR2.
4/2/2012 10:26:57 AM, Error: Disk [15] - The device, \Device\Harddisk2\DR2, is not ready for access yet.
4/1/2012 9:57:21 PM, Error: Service Control Manager [7009] - A timeout was reached (120000 milliseconds) while waiting for the Windows Search service to connect.
4/1/2012 9:57:21 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/1/2012 9:57:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/1/2012 9:55:58 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/1/2012 9:55:58 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
4/1/2012 9:13:34 AM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.4. The computer with the IP address 192.168.1.2 did not allow the name to be claimed by this computer.
4/1/2012 6:05:15 AM, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
.
==== End Of File ===========================


.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421
Run by CraigCrowAsari at 3:10:33 on 2012-04-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4010.3412 [GMT -4:00]
.
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.dell.com
uDefault_Page_URL = hxxp://www.dell.com
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
uRun: [Google Update] "C:\Users\CraigCrowAsari\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab
TCP: DhcpNameServer = 4.2.2.1
TCP: Interfaces\{033915C2-8C6D-4D99-A0F7-AA3C5D5262DC} : NameServer = 0.0.0.0
TCP: Interfaces\{8896CCB7-E5BB-4D55-BC53-607BFFDF3A45} : DhcpNameServer = 4.2.2.1
TCP: Interfaces\{8896CCB7-E5BB-4D55-BC53-607BFFDF3A45}\34251494741435142594D20534F5E4564777F627B6 : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8896CCB7-E5BB-4D55-BC53-607BFFDF3A45}\E4544574541425F5745756374713 : DhcpNameServer = 192.168.1.1
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
mRun-x64: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-1-10 722616]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys --> C:\Windows\system32\DRIVERS\LEqdUsb.Sys [?]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys --> C:\Windows\system32\DRIVERS\LHidEqd.Sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\system32\DRIVERS\ctxusbm.sys --> C:\Windows\system32\DRIVERS\ctxusbm.sys [?]
S1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\ElRawDsk.sys --> C:\Windows\system32\drivers\ElRawDsk.sys [?]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
S2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-3-11 98208]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/03/11 13:28:39;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2011-8-11 248304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
S2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]
S2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-1-12 810144]
S2 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys --> C:\Windows\system32\DRIVERS\epfwwfp.sys [?]
S2 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-1-10 722616]
S2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-1-24 25824]
S2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-3-11 1997416]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
S2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-3-11 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472]
S2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-3-11 2656280]
S3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\motoandroid.sys --> C:\Windows\system32\Drivers\motoandroid.sys [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\system32\DRIVERS\motfilt.sys --> C:\Windows\system32\DRIVERS\motfilt.sys [?]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-3-11 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-3-11 79360]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\system32\DRIVERS\motccgp.sys --> C:\Windows\system32\DRIVERS\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;C:\Windows\system32\DRIVERS\motccgpfl.sys --> C:\Windows\system32\DRIVERS\motccgpfl.sys [?]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\system32\DRIVERS\Motousbnet.sys --> C:\Windows\system32\DRIVERS\Motousbnet.sys [?]
S3 motport;Motorola USB Diagnostic Port;C:\Windows\system32\DRIVERS\motport.sys --> C:\Windows\system32\DRIVERS\motport.sys [?]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\system32\DRIVERS\motusbdevice.sys --> C:\Windows\system32\DRIVERS\motusbdevice.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-30 25072]
S3 pnetmdm;PdaNet Modem;C:\Windows\system32\DRIVERS\pnetmdm64.sys --> C:\Windows\system32\DRIVERS\pnetmdm64.sys [?]
S3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
S3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
S3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2011-3-11 79360]
S3 stdriver;Sound tap driver Upper Class Filter Driver v2.0.0.0;C:\Windows\System32\drivers\stdriver64.sys [2011-3-30 56408]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 UsbGps;LGE CDMA USB GPS NMEA Port;C:\Windows\system32\DRIVERS\lgx64gps.sys --> C:\Windows\system32\DRIVERS\lgx64gps.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-04-07 05:21:39 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll
2012-04-06 06:39:39 -------- d-----w- C:\Users\CraigCrowAsari\AppData\Local\ElevatedDiagnostics
2012-04-02 04:17:09 -------- d-----w- C:\Users\CraigCrowAsari\AppData\Local\Diagnostics
2012-04-01 12:09:22 -------- d-----w- C:\Users\CraigCrowAsari\AppData\Local\Facebook
2012-03-28 21:56:09 -------- d-----w- C:\Users\CraigCrowAsari\AppData\Local\Nikon
2012-03-28 21:43:58 -------- d-----w- C:\Windows\Downloaded Installations
2012-03-28 21:43:40 -------- d-----w- C:\Program Files (x86)\Common Files\Nikon
2012-03-28 21:43:01 -------- d-----w- C:\Program Files\Common Files\Nikon
2012-03-28 21:43:00 -------- d-----w- C:\Program Files (x86)\Nikon
2012-03-28 21:42:59 -------- d-----w- C:\Program Files\Nikon
2012-03-28 21:42:32 -------- d-----w- C:\Users\CraigCrowAsari\AppData\Local\Downloaded Installations
2012-03-28 21:33:13 -------- d-----w- C:\Users\CraigCrowAsari\AppData\Roaming\Roxio Burn
.
==================== Find3M ====================
.
2012-01-24 20:03:54 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2012-01-14 04:06:27 3145728 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 3:11:37.71 ===============
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Sat Apr 07, 2012 2:35 am    Post subject: Reply with quote
Hi TStevenson,

Firstly, welcome to the Spyware Warrior Forum. Smile
My name is Scolabar, and I'll be helping you with your malware problems.
Logs can take a while to research, so please be patient.
If you no longer require help I would be grateful if you would let me know.

Please note the following important guidelines before proceeding:
  1. The instructions that will be provided are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable    !
  2. If you have any questions or do not understand something, please do not hesitate to ask, don't guess or assume.
  3. Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  4. Only reply to this thread, do not start another. Please, continue responding, until I give you the All Clean.
    Absence of symptoms does not necessarily mean that everything is clear.
  5. DO NOT run any other fix or removal tools unless instructed to do so!
  6. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  7. Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
  8. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  9. Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Please Note: If you haven't done so already, please read this topic Help with Spyware Removal Forum Guidelines (PLEASE READ) where the conditions for receiving help here are explained.

Windows 7 Advice:
Please Note: The programs I ask you to use will need to be run in Administrator Mode.
In order to do this Right-click on the program file and select the Run as Administrator option.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
If prompted, please click on the Allow button.
Reference: User Account Control (UAC) and Running as Administrator

Quote:
Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

In light of this, it would be advisable for you to back up any important files and folders that you don't want to lose before we start.


If you follow these guidelines, things should proceed smoothly. Smile
I am currently reviewing your log and will return, as soon as possible, with additional instructions.

Thank you for your patience.

Scolabar
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Sat Apr 07, 2012 7:27 am    Post subject: Thank you Reply with quote
Thank you very much I am waiting patiently
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Sat Apr 07, 2012 1:36 pm    Post subject: Reply with quote
Hi TStevenson,

Thank you again for your patience. Smile

Please read these instructions carefully before executing and perform the steps, in the order given.
lf, you have any questions about or problems with, executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before proceeding please make sure any open programs are closed and print these instructions.

Step 1:
Create System Restore Point

First we need to make sure we have a back up of the Registry to return to if we need it:
  1. Select Start > Control Panel then double-click on the System icon in the Control Panel.
  2. In the left-hand pane click on the System Protection option.
  3. When the Dialog comes up, click on the System Protection tab.
  4. Check that the drive letter where Windows is located (usually C: drive) indicates System protection ON.
    (This indicates System restore is turned ON for the Windows drive).
  5. Click on the Create button to create a new restore point. In the Name dialog, type a descriptive name and then click on the Create button.
  6. You will get a message that the Restore Point was created successfully. Click on the Close button.
  7. Click on the OK button and close the System window in the Control Panel.
< STOP > If you did not successfully complete this step. < STOP > Do not continue with any other steps, post back and let me know!

Step 2:
Uninstall Programs

Registry Cleaners Advisory

I notice that iolo technologies' System Mechanic is installed on this computer.
This software suite incorporates a Registry Cleaner.

I don't personally recommend the use of ANY Registry Cleaners.
Here is an excerpt from a discussion on Registry Cleaners:
Quote:
Most reg cleaners aren't "bad" as such, but they aren't perfect and even the best have been known to cause problems.
The point we are trying to make is that the risk of using one far outweighs any benefit.
If it does work perfectly you will not see any difference.
If it doesn't work properly you may end up with an expensive doorstop.

http://miekiemoes.blogspot.com/2008/02/registry-cleaners-and-system-tweaking_13.html
http://forums.whatthetech.com/Regcleaner_t42862.html

Please follow the instructions below to remove this programs:
  1. Select Start > Control Panel > Programs > Programs and Features.
  2. Under the Programs heading, click on Uninstall a program.
  3. Scroll down the list of installed programs and locate the following program:

      iolo technologies' System Mechanic

  4. Right-click on the program and select Uninstall to uninstall it.
  5. When finished Close the Control Panel window.
  6. Restart the computer to complete removal of the program.
Step 3:
Boot Into Safe Mode with Networking
  1. Restart your computer.
  2. Continually click on the F8 key (usually) as your computer is booting until the boot menu appears.
    The key used for your computer may be different. F8 is commonly the key used.
  3. Use up-arrow key to select Safe Mode with Networking and press Enter.
  4. Make sure you login to an account that has adminstrative privileges.
Step 4:
OTL - Scan
  1. Please download OTL by Old Timer. Save it to your Desktop.
  2. Right-click on OTL.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  3. Under Output, ensure that the Standard Output option is selected.
  4. Under the Extra Registry section, select the Use SafeList option.
  5. Click the Scan All Users checkbox.
  6. Tick the LOP Check and Purity Check checkboxes.
  7. Also make sure the Include 64bit Scans checkbox is ticked.
    Note: Please leave the remaining selections on the default settings.
  8. Click on the Run Scan button in the top left-hand corner of the program window.
  9. When done, two Notepad files will automatically open:
    • OTL.txt <-- Will be opened, maximized.
    • Extras.txt <-- Will be minimized on task bar.
  10. Please Copy and Paste the entire contents of both OTL.txt and Extras.txt files into your next reply.
Step 5:
TDSSKiller - Scan
  1. Please download TDSSKiller.exe by Kaspersky and save it to your Desktop. <-- Important!!!
  2. Right-click on TDSSKiller.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
    If TDSSKiller does not run, try renaming the program file. Right-click on TDSSKiller.exe, select the Rename option and give the program a random name with the .com file extension (i.e. ektfhtw.com).
    If you cannot see file extensions, please refer to: How to change the file extension.
  3. Click the Start Scan button. Do not use the computer during the scan!
  4. When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  5. Now click on Report to open the log file created by TDSSKiller.
  6. The log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt is created and saved to the root directory. (Usually C: drive).
  7. Copy and Paste the entire contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt file into your next reply.
PLEASE DO NOT TRY TO FIX ANYTHING AT THIS STAGE.

Step 6:
Include in Next Post
  1. Did you have any problems carrying out the instructions?
  2. OTL.txt.
  3. Extras.txt.
  4. TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt.
  5. Do you have the original Windows installation media for your PC?

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Sun Apr 08, 2012 6:00 pm    Post subject: Thanks again Reply with quote
I did not have any problems performing any actions that you gave me. Kapersky's did not find anything to report. I do not have the installation disc. The computer came pre-loaded. Here are my OTL logs.



OTL logfile created on: 4/8/2012 9:52:06 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\CraigCrowAsari\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.92 Gb Total Physical Memory | 3.24 Gb Available Physical Memory | 82.65% Memory free
7.83 Gb Paging File | 7.17 Gb Available in Paging File | 91.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 360.64 Gb Free Space | 79.96% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 1.08 Gb Free Space | 0.23% Space Free | Partition Type: NTFS

Computer Name: DELL-LAPTOP | User Name: CraigCrowAsari | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/08 21:49:49 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\CraigCrowAsari\Desktop\OTL.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/03 21:56:41 | 000,444,400 | ---- | M] () -- C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\18.0.1025.151\ppGoogleNaClPluginChrome.dll
MOD - [2012/04/03 21:56:39 | 003,915,248 | ---- | M] () -- C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\18.0.1025.151\pdf.dll
MOD - [2012/04/03 21:55:14 | 000,122,880 | ---- | M] () -- C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\18.0.1025.151\avutil-51.dll
MOD - [2012/04/03 21:55:12 | 000,220,672 | ---- | M] () -- C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\18.0.1025.151\avformat-53.dll
MOD - [2012/04/03 21:55:11 | 001,747,456 | ---- | M] () -- C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\18.0.1025.151\avcodec-53.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/06 08:22:57 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/06/17 03:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/01/12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/12/17 16:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:64bit: - [2010/12/17 16:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/12/17 16:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:64bit: - [2010/11/29 17:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 22:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/08/11 19:04:58 | 000,248,304 | ---- | M] (CyberLink) [Auto | Stopped] -- c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Stopped] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/03/27 08:22:56 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/03/11 15:02:50 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/03/11 15:02:07 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/24 14:35:36 | 000,025,824 | ---- | M] (Memeo) [Auto | Stopped] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/12/20 20:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/12/20 20:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/11/29 22:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/11/29 08:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/11/03 13:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/09/04 03:15:22 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/09/04 03:14:26 | 001,116,656 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/08/25 22:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/31 09:23:46 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Stopped] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/09 20:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/12/04 17:23:57 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2011/11/15 02:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/30 07:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/04/30 07:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/04/30 07:59:10 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/04/30 07:59:10 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/03/30 21:17:52 | 000,056,408 | ---- | M] (NCH Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stdriver64.sys -- (stdriver)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/31 11:24:46 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2010/12/23 13:44:20 | 012,260,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/12/22 13:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2010/12/21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/12/21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/12/21 13:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010/12/21 13:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010/12/21 13:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010/12/16 18:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/12/13 13:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/12/01 07:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/29 22:04:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2010/11/29 17:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/19 14:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/11/19 14:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/12 08:40:50 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/11/10 21:32:20 | 000,172,632 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/11/04 07:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010/10/19 20:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/09/23 21:44:48 | 001,394,224 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/08/20 15:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010/08/12 12:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/07/30 19:36:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2010/07/12 22:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2010/04/16 16:22:04 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2010/03/19 05:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/26 19:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/27 12:11:20 | 000,028,160 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2009/10/27 12:10:18 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motport.sys -- (motport)
DRV:64bit: - [2009/10/27 12:10:18 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (androidusb)
DRV:64bit: - [2009/07/07 15:48:44 | 000,035,376 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis)
DRV:64bit: - [2009/07/07 15:48:44 | 000,033,328 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp)
DRV:64bit: - [2009/06/19 17:07:44 | 000,020,992 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/06 19:14:20 | 000,007,168 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2009/01/29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008/11/11 14:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008/11/11 14:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64gps.sys -- (UsbGps)
DRV:64bit: - [2008/11/11 14:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008/11/11 14:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2007/09/25 10:59:52 | 000,018,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfoX64.sys -- (CrystalSysInfo)
DRV:64bit: - [2007/03/07 13:13:20 | 000,017,920 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnetmdm64.sys -- (pnetmdm)
DRV:64bit: - [2006/11/01 14:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/12/04 17:23:57 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2011/03/30 21:17:52 | 000,056,408 | ---- | M] (NCH Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\stdriver64.sys -- (stdriver)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D9CC52F0-A072-4D5A-9805-ABC824756C7D}
IE:64bit: - HKLM\..\SearchScopes\{D9CC52F0-A072-4D5A-9805-ABC824756C7D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {DB109C33-97D2-49E6-9D2B-05F7BED790F3}
IE - HKLM\..\SearchScopes\{DB109C33-97D2-49E6-9D2B-05F7BED790F3}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-449897760-650251915-744160365-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-21-449897760-650251915-744160365-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKU\S-1-5-21-449897760-650251915-744160365-1004\..\SearchScopes,DefaultScope = {DB109C33-97D2-49E6-9D2B-05F7BED790F3}
IE - HKU\S-1-5-21-449897760-650251915-744160365-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\CraigCrowAsari\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\CraigCrowAsari\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\CraigCrowAsari\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/04/06 08:30:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011/06/19 12:18:06 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\18.0.1025.151\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\18.0.1025.151\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\18.0.1025.151\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\CraigCrowAsari\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\CraigCrowAsari\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [CTMasterOnOffMonitor] C:\Windows\SysNative\CTMWatch.dll (Creative Technology Ltd)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-449897760-650251915-744160365-1004..\Run: [Facebook Update] C:\Users\CraigCrowAsari\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [iolo WebUpdate Reboot] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-449897760-650251915-744160365-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-449897760-650251915-744160365-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-449897760-650251915-744160365-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab (Creative Software AutoUpdate Support Package 1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 4.2.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{033915C2-8C6D-4D99-A0F7-AA3C5D5262DC}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8896CCB7-E5BB-4D55-BC53-607BFFDF3A45}: DhcpNameServer = 4.2.2.1
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/08 21:49:53 | 002,073,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\CraigCrowAsari\Desktop\tdsskiller.exe
[2012/04/08 21:49:47 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\CraigCrowAsari\Desktop\OTL.exe
[2012/04/07 12:01:37 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/07 12:01:35 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/07 12:01:34 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/07 03:09:34 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\CraigCrowAsari\Desktop\dds.scr
[2012/04/07 00:26:53 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/04/07 00:26:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/04/07 00:26:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/04/07 00:26:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/04/07 00:26:01 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/04/07 00:26:01 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/04/06 02:39:39 | 000,000,000 | ---D | C] -- C:\Users\CraigCrowAsari\AppData\Local\ElevatedDiagnostics
[2012/04/02 00:41:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2012/04/02 00:17:09 | 000,000,000 | ---D | C] -- C:\Users\CraigCrowAsari\AppData\Local\Diagnostics
[2012/04/01 08:09:22 | 000,000,000 | ---D | C] -- C:\Users\CraigCrowAsari\AppData\Local\Facebook
[2012/03/28 17:56:09 | 000,000,000 | ---D | C] -- C:\Users\CraigCrowAsari\AppData\Roaming\Nikon
[2012/03/28 17:56:09 | 000,000,000 | ---D | C] -- C:\Users\CraigCrowAsari\AppData\Local\Nikon
[2012/03/28 17:54:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2012/03/28 17:54:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2012/03/28 17:50:15 | 000,000,000 | ---D | C] -- C:\Users\CraigCrowAsari\AppData\Roaming\ArcSoft
[2012/03/28 17:43:58 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/03/28 17:43:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nikon
[2012/03/28 17:43:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2012/03/28 17:43:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nikon
[2012/03/28 17:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2012/03/28 17:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2012/03/28 17:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2012/03/28 17:42:32 | 000,000,000 | ---D | C] -- C:\Users\CraigCrowAsari\AppData\Local\Downloaded Installations
[2012/03/28 17:38:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
[2012/03/28 17:33:13 | 000,000,000 | ---D | C] -- C:\Users\CraigCrowAsari\AppData\Roaming\Roxio Burn

========== Files - Modified Within 30 Days ==========

[2012/04/08 21:50:15 | 002,073,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\CraigCrowAsari\Desktop\tdsskiller.exe
[2012/04/08 21:49:49 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\CraigCrowAsari\Desktop\OTL.exe
[2012/04/08 21:36:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/08 21:36:46 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/08 21:33:53 | 000,744,730 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/08 21:33:53 | 000,637,496 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/08 21:33:53 | 000,111,354 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/08 10:06:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1001UA.job
[2012/04/08 09:47:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1004UA.job
[2012/04/08 09:18:00 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1004UA.job
[2012/04/08 09:14:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1001UA.job
[2012/04/08 09:02:17 | 000,083,058 | ---- | M] () -- C:\Users\CraigCrowAsari\Desktop\EasterBunny.jpg
[2012/04/08 09:01:58 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/08 09:01:58 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/08 02:14:51 | 000,001,891 | ---- | M] () -- C:\Users\CraigCrowAsari\Desktop\Vivitar Experience Image Manager.lnk
[2012/04/07 21:18:00 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1004Core.job
[2012/04/07 21:06:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1001Core.job
[2012/04/07 19:47:07 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1004Core.job
[2012/04/07 12:27:11 | 000,002,399 | ---- | M] () -- C:\Users\CraigCrowAsari\Desktop\Google Chrome.lnk
[2012/04/07 12:11:21 | 000,323,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/07 03:09:34 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\CraigCrowAsari\Desktop\dds.scr
[2012/04/07 01:21:39 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dll
[2012/04/05 02:50:54 | 000,118,063 | ---- | M] () -- C:\Users\CraigCrowAsari\Desktop\Untitled.png
[2012/04/05 02:46:12 | 000,049,822 | ---- | M] () -- C:\Users\CraigCrowAsari\Desktop\9035_101361473217028_100000295288258_36854_1289612_n.jpg
[2012/03/29 15:30:28 | 000,000,603 | ---- | M] () -- C:\Users\CraigCrowAsari\AppData\Roaming\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2012/03/28 17:56:23 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2012/03/28 17:43:35 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Echo
[2012/03/28 17:43:35 | 000,000,268 | RH-- | M] () -- C:\Users\CraigCrowAsari\AppData\Roaming\Documents
[2012/03/28 17:43:35 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2012/03/28 17:43:35 | 000,000,012 | RH-- | M] () -- C:\ProgramData\Filters
[2012/03/28 17:42:49 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Effects
[2012/03/28 17:42:49 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Dynamic Library
[2012/03/28 17:42:49 | 000,000,268 | RH-- | M] () -- C:\Users\CraigCrowAsari\AppData\Roaming\Drum Kits
[2012/03/28 17:42:49 | 000,000,268 | RH-- | M] () -- C:\Users\CraigCrowAsari\AppData\Roaming\Documentation
[2012/03/28 17:42:49 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLev.DAT
[2012/03/28 17:42:49 | 000,000,012 | RH-- | M] () -- C:\ProgramData\Flange Saw
[2012/03/28 17:42:49 | 000,000,012 | RH-- | M] () -- C:\ProgramData\Filesystems
[2012/03/27 20:59:30 | 000,031,558 | ---- | M] () -- C:\Users\CraigCrowAsari\Desktop\stuDYING.jpg
[2012/03/12 21:11:20 | 000,127,286 | ---- | M] () -- C:\Users\CraigCrowAsari\Desktop\tracks.jpg

========== Files Created - No Company Name ==========

[2012/04/08 09:02:33 | 000,083,058 | ---- | C] () -- C:\Users\CraigCrowAsari\Desktop\EasterBunny.jpg
[2012/04/07 21:13:33 | 000,000,964 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1004UA.job
[2012/04/07 21:13:32 | 000,000,942 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1004Core.job
[2012/04/07 01:21:39 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012/04/05 02:48:23 | 000,118,063 | ---- | C] () -- C:\Users\CraigCrowAsari\Desktop\Untitled.png
[2012/04/05 02:46:17 | 000,049,822 | ---- | C] () -- C:\Users\CraigCrowAsari\Desktop\9035_101361473217028_100000295288258_36854_1289612_n.jpg
[2012/03/29 15:30:28 | 000,000,603 | ---- | C] () -- C:\Users\CraigCrowAsari\AppData\Roaming\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2012/03/28 17:43:35 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Echo
[2012/03/28 17:43:35 | 000,000,268 | RH-- | C] () -- C:\Users\CraigCrowAsari\AppData\Roaming\Documents
[2012/03/28 17:43:35 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/03/28 17:43:35 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Filters
[2012/03/28 17:42:49 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Effects
[2012/03/28 17:42:49 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Dynamic Library
[2012/03/28 17:42:49 | 000,000,268 | RH-- | C] () -- C:\Users\CraigCrowAsari\AppData\Roaming\Drum Kits
[2012/03/28 17:42:49 | 000,000,268 | RH-- | C] () -- C:\Users\CraigCrowAsari\AppData\Roaming\Documentation
[2012/03/28 17:42:49 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/03/28 17:42:49 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/03/28 17:42:49 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Flange Saw
[2012/03/28 17:42:49 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Filesystems
[2012/03/27 20:59:42 | 000,031,558 | ---- | C] () -- C:\Users\CraigCrowAsari\Desktop\stuDYING.jpg
[2012/03/12 21:11:30 | 000,127,286 | ---- | C] () -- C:\Users\CraigCrowAsari\Desktop\tracks.jpg
[2012/03/05 19:10:11 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/02/20 20:13:21 | 000,003,584 | ---- | C] () -- C:\Users\CraigCrowAsari\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/08 09:34:08 | 000,744,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/21 21:06:01 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/03/20 21:48:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/11 16:14:56 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/03/11 16:14:54 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/03/11 16:14:52 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/03/11 15:04:30 | 000,002,773 | ---- | C] () -- C:\Windows\FF08_Render_Spk.ini
[2011/03/11 15:04:30 | 000,002,409 | ---- | C] () -- C:\Windows\FF08_Render_Hp.ini
[2011/03/11 15:04:30 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini
[2011/03/11 15:04:30 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini
[2011/03/11 15:04:15 | 000,185,856 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/03/11 15:04:15 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL

========== LOP Check ==========

[2012/02/19 16:48:55 | 000,000,000 | ---D | M] -- C:\Users\CraigCrowAsari\AppData\Roaming\Broad Intelligence
[2012/02/15 22:55:45 | 000,000,000 | ---D | M] -- C:\Users\CraigCrowAsari\AppData\Roaming\ESET
[2012/02/15 22:55:49 | 000,000,000 | ---D | M] -- C:\Users\CraigCrowAsari\AppData\Roaming\ICAClient
[2012/04/06 12:49:28 | 000,000,000 | ---D | M] -- C:\Users\CraigCrowAsari\AppData\Roaming\iolo
[2012/02/17 16:12:23 | 000,000,000 | ---D | M] -- C:\Users\CraigCrowAsari\AppData\Roaming\Leadertech
[2012/02/17 16:28:25 | 000,000,000 | ---D | M] -- C:\Users\CraigCrowAsari\AppData\Roaming\Memeo
[2012/03/28 17:56:09 | 000,000,000 | ---D | M] -- C:\Users\CraigCrowAsari\AppData\Roaming\Nikon
[2012/02/17 16:28:11 | 000,000,000 | ---D | M] -- C:\Users\CraigCrowAsari\AppData\Roaming\Seagate
[2012/04/08 09:53:08 | 000,000,000 | ---D | M] -- C:\Users\CraigCrowAsari\AppData\Roaming\SoftGrid Client
[2012/03/06 22:24:23 | 000,000,930 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1001Core.job
[2012/04/08 09:14:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1001UA.job
[2012/04/07 21:18:00 | 000,000,942 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1004Core.job
[2012/04/08 09:18:00 | 000,000,964 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-449897760-650251915-744160365-1004UA.job
[2012/04/08 09:54:45 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 4/8/2012 9:52:06 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\CraigCrowAsari\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.92 Gb Total Physical Memory | 3.24 Gb Available Physical Memory | 82.65% Memory free
7.83 Gb Paging File | 7.17 Gb Available in Paging File | 91.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 360.64 Gb Free Space | 79.96% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 1.08 Gb Free Space | 0.23% Space Free | Partition Type: NTFS

Computer Name: DELL-LAPTOP | User Name: CraigCrowAsari | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi Software
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 265.94
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 265.94
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Gr
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Mon Apr 09, 2012 12:48 am    Post subject: Reply with quote
Hi TStevenson,

Please post the contents of the TDSSKiller log as requested.

The Extras.txt log file you have posted is also incomplete. Please re-post the entire contents of that log file. Wink

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Mon Apr 09, 2012 5:04 am    Post subject: Oh sorry Reply with quote
I didn't even see the report button on Kapersky's sorry about that. I re-ran it and here is the log. Not sure why the other log was incomplete but here it is as well.


09:01:00.0927 1996 TDSS rootkit removing tool 2.7.27.0 Apr 9 2012 09:53:37
09:01:01.0317 1996 ============================================================
09:01:01.0317 1996 Current date / time: 2012/04/09 09:01:01.0317
09:01:01.0317 1996 SystemInfo:
09:01:01.0317 1996
09:01:01.0317 1996 OS Version: 6.1.7601 ServicePack: 1.0
09:01:01.0317 1996 Product type: Workstation
09:01:01.0317 1996 ComputerName: DELL-LAPTOP
09:01:01.0317 1996 UserName: CraigCrowAsari
09:01:01.0317 1996 Windows directory: C:\Windows
09:01:01.0317 1996 System windows directory: C:\Windows
09:01:01.0317 1996 Running under WOW64
09:01:01.0317 1996 Processor architecture: Intel x64
09:01:01.0317 1996 Number of processors: 8
09:01:01.0317 1996 Page size: 0x1000
09:01:01.0317 1996 Boot type: Safe boot with network
09:01:01.0317 1996 ============================================================
09:01:02.0814 1996 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:01:02.0814 1996 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:01:02.0814 1996 \Device\Harddisk0\DR0:
09:01:02.0814 1996 MBR used
09:01:02.0814 1996 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x1D4C000
09:01:02.0814 1996 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7F000, BlocksNum 0x38606830
09:01:02.0814 1996 \Device\Harddisk1\DR1:
09:01:02.0814 1996 MBR used
09:01:02.0814 1996 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
09:01:05.0716 1996 Initialize success
09:01:05.0716 1996 ============================================================
09:01:09.0647 1132 ============================================================
09:01:09.0647 1132 Scan started
09:01:09.0647 1132 Mode: Manual;
09:01:09.0647 1132 ============================================================
09:01:10.0755 1132 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
09:01:10.0755 1132 !SASCORE - ok
09:01:10.0879 1132 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
09:01:10.0879 1132 1394ohci - ok
09:01:10.0926 1132 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
09:01:10.0926 1132 Acceler - ok
09:01:10.0942 1132 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
09:01:10.0957 1132 ACPI - ok
09:01:10.0973 1132 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
09:01:10.0973 1132 AcpiPmi - ok
09:01:11.0051 1132 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:01:11.0051 1132 AdobeARMservice - ok
09:01:11.0098 1132 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
09:01:11.0113 1132 adp94xx - ok
09:01:11.0129 1132 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
09:01:11.0160 1132 adpahci - ok
09:01:11.0160 1132 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
09:01:11.0176 1132 adpu320 - ok
09:01:11.0223 1132 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
09:01:11.0223 1132 AeLookupSvc - ok
09:01:11.0254 1132 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
09:01:11.0254 1132 AERTFilters - ok
09:01:11.0301 1132 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
09:01:11.0301 1132 AFD - ok
09:01:11.0332 1132 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
09:01:11.0332 1132 agp440 - ok
09:01:11.0332 1132 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
09:01:11.0347 1132 ALG - ok
09:01:11.0347 1132 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
09:01:11.0347 1132 aliide - ok
09:01:11.0363 1132 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
09:01:11.0363 1132 amdide - ok
09:01:11.0379 1132 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
09:01:11.0379 1132 AmdK8 - ok
09:01:11.0379 1132 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
09:01:11.0394 1132 AmdPPM - ok
09:01:11.0472 1132 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
09:01:11.0472 1132 amdsata - ok
09:01:11.0488 1132 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
09:01:11.0488 1132 amdsbs - ok
09:01:11.0503 1132 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
09:01:11.0503 1132 amdxata - ok
09:01:11.0550 1132 androidusb (d69f1e9a944a5f46a494af901ed41118) C:\Windows\system32\Drivers\motoandroid.sys
09:01:11.0581 1132 androidusb - ok
09:01:11.0613 1132 AnyDVD (7ce7d6019d0d73f9203ba4ff4ba35b6a) C:\Windows\system32\Drivers\AnyDVD.sys
09:01:11.0613 1132 AnyDVD - ok
09:01:11.0628 1132 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
09:01:11.0628 1132 AppID - ok
09:01:11.0706 1132 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
09:01:11.0706 1132 AppIDSvc - ok
09:01:11.0784 1132 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
09:01:11.0800 1132 Appinfo - ok
09:01:11.0847 1132 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:01:11.0847 1132 Apple Mobile Device - ok
09:01:11.0909 1132 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
09:01:11.0909 1132 arc - ok
09:01:11.0971 1132 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
09:01:11.0971 1132 arcsas - ok
09:01:12.0018 1132 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
09:01:12.0018 1132 AsyncMac - ok
09:01:12.0034 1132 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
09:01:12.0034 1132 atapi - ok
09:01:12.0081 1132 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:01:12.0096 1132 AudioEndpointBuilder - ok
09:01:12.0112 1132 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:01:12.0112 1132 AudioSrv - ok
09:01:12.0127 1132 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
09:01:12.0143 1132 AxInstSV - ok
09:01:12.0190 1132 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
09:01:12.0205 1132 b06bdrv - ok
09:01:12.0221 1132 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:01:12.0237 1132 b57nd60a - ok
09:01:12.0283 1132 BBSvc (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
09:01:12.0299 1132 BBSvc - ok
09:01:12.0346 1132 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
09:01:12.0346 1132 BDESVC - ok
09:01:12.0377 1132 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
09:01:12.0377 1132 Beep - ok
09:01:12.0424 1132 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
09:01:12.0439 1132 BFE - ok
09:01:12.0486 1132 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
09:01:12.0549 1132 BITS - ok
09:01:12.0564 1132 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
09:01:12.0564 1132 blbdrive - ok
09:01:12.0611 1132 Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
09:01:12.0642 1132 Bluetooth Device Monitor - ok
09:01:12.0689 1132 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
09:01:12.0705 1132 Bonjour Service - ok
09:01:12.0720 1132 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
09:01:12.0736 1132 bowser - ok
09:01:12.0767 1132 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:01:12.0767 1132 BrFiltLo - ok
09:01:12.0783 1132 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:01:12.0783 1132 BrFiltUp - ok
09:01:12.0829 1132 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
09:01:12.0829 1132 Browser - ok
09:01:12.0876 1132 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
09:01:12.0876 1132 Brserid - ok
09:01:12.0876 1132 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
09:01:12.0892 1132 BrSerWdm - ok
09:01:12.0907 1132 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:01:12.0907 1132 BrUsbMdm - ok
09:01:12.0907 1132 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
09:01:12.0907 1132 BrUsbSer - ok
09:01:12.0985 1132 BTCFilterService (ff7c57973eead140062238c5a0b7d455) C:\Windows\system32\DRIVERS\motfilt.sys
09:01:12.0985 1132 BTCFilterService - ok
09:01:13.0032 1132 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
09:01:13.0032 1132 BthEnum - ok
09:01:13.0063 1132 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
09:01:13.0063 1132 BTHMODEM - ok
09:01:13.0110 1132 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
09:01:13.0110 1132 BthPan - ok
09:01:13.0126 1132 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
09:01:13.0141 1132 BTHPORT - ok
09:01:13.0173 1132 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
09:01:13.0173 1132 bthserv - ok
09:01:13.0188 1132 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
09:01:13.0188 1132 BTHUSB - ok
09:01:13.0219 1132 btmaux (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\Windows\system32\DRIVERS\btmaux.sys
09:01:13.0219 1132 btmaux - ok
09:01:13.0251 1132 btmhsf (40c6fec49d1cc4d112368a2bcd2bcbb7) C:\Windows\system32\DRIVERS\btmhsf.sys
09:01:13.0266 1132 btmhsf - ok
09:01:13.0297 1132 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
09:01:13.0297 1132 cdfs - ok
09:01:13.0329 1132 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
09:01:13.0329 1132 cdrom - ok
09:01:13.0360 1132 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:01:13.0360 1132 CertPropSvc - ok
09:01:13.0391 1132 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
09:01:13.0391 1132 circlass - ok
09:01:13.0438 1132 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
09:01:13.0438 1132 CLFS - ok
09:01:13.0516 1132 CLKMSVC10_9EC60124 (bb86f147b2a7152e4b4d71a2f0a87d41) c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
09:01:13.0516 1132 CLKMSVC10_9EC60124 - ok
09:01:13.0563 1132 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:01:13.0563 1132 clr_optimization_v2.0.50727_32 - ok
09:01:13.0609 1132 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:01:13.0609 1132 clr_optimization_v2.0.50727_64 - ok
09:01:13.0656 1132 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:01:13.0672 1132 clr_optimization_v4.0.30319_32 - ok
09:01:13.0687 1132 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:01:13.0703 1132 clr_optimization_v4.0.30319_64 - ok
09:01:13.0750 1132 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
09:01:13.0750 1132 CmBatt - ok
09:01:13.0812 1132 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
09:01:13.0812 1132 cmdide - ok
09:01:13.0875 1132 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
09:01:13.0890 1132 CNG - ok
09:01:13.0906 1132 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
09:01:13.0906 1132 Compbatt - ok
09:01:13.0937 1132 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
09:01:13.0937 1132 CompositeBus - ok
09:01:13.0953 1132 COMSysApp - ok
09:01:13.0968 1132 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
09:01:13.0968 1132 crcdisk - ok
09:01:14.0062 1132 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:01:14.0062 1132 Creative ALchemy AL6 Licensing Service - ok
09:01:14.0093 1132 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:01:14.0093 1132 Creative Audio Engine Licensing Service - ok
09:01:14.0124 1132 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
09:01:14.0124 1132 CryptSvc - ok
09:01:14.0171 1132 CrystalSysInfo (5228b7a738dc90a06ae4f4a7412cb1e9) C:\Program Files\MediaCoder\SysInfoX64.sys
09:01:14.0171 1132 CrystalSysInfo - ok
09:01:14.0218 1132 CTAudSvcService (65f2ff1cedb89d537aa6768ecdaf408a) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
09:01:14.0218 1132 CTAudSvcService - ok
09:01:14.0249 1132 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\Windows\system32\DRIVERS\CtClsFlt.sys
09:01:14.0249 1132 CtClsFlt - ok
09:01:14.0280 1132 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
09:01:14.0280 1132 ctxusbm - ok
09:01:14.0358 1132 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:01:14.0374 1132 cvhsvc - ok
09:01:14.0405 1132 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:01:14.0421 1132 DcomLaunch - ok
09:01:14.0467 1132 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:01:14.0483 1132 defragsvc - ok
09:01:14.0514 1132 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
09:01:14.0514 1132 DfsC - ok
09:01:14.0545 1132 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
09:01:14.0545 1132 Dhcp - ok
09:01:14.0561 1132 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:01:14.0577 1132 discache - ok
09:01:14.0592 1132 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
09:01:14.0592 1132 Disk - ok
09:01:14.0623 1132 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
09:01:14.0623 1132 Dnscache - ok
09:01:14.0655 1132 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
09:01:14.0655 1132 dot3svc - ok
09:01:14.0686 1132 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
09:01:14.0686 1132 DPS - ok
09:01:14.0733 1132 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:01:14.0733 1132 drmkaud - ok
09:01:14.0795 1132 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
09:01:14.0826 1132 DXGKrnl - ok
09:01:14.0857 1132 eamonm (aca3fe4f18a945b7bf2618a79f6f670b) C:\Windows\system32\DRIVERS\eamonm.sys
09:01:14.0857 1132 eamonm - ok
09:01:14.0904 1132 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
09:01:14.0904 1132 EapHost - ok
09:01:15.0060 1132 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
09:01:15.0138 1132 ebdrv - ok
09:01:15.0169 1132 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
09:01:15.0186 1132 EFS - ok
09:01:15.0213 1132 ehdrv (6672438bdcbfd87250d22112d458294d) C:\Windows\system32\DRIVERS\ehdrv.sys
09:01:15.0214 1132 ehdrv - ok
09:01:15.0259 1132 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
09:01:15.0276 1132 ehRecvr - ok
09:01:15.0300 1132 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
09:01:15.0303 1132 ehSched - ok
09:01:15.0337 1132 EhttpSrv (deb2b067745d92ff17a5068dfd2360bc) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
09:01:15.0339 1132 EhttpSrv - ok
09:01:15.0383 1132 ekrn (191d8eccc40f05b52fac0513f35ba01d) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
09:01:15.0403 1132 ekrn - ok
09:01:15.0437 1132 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
09:01:15.0439 1132 ElbyCDIO - ok
09:01:15.0470 1132 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
09:01:15.0478 1132 elxstor - ok
09:01:15.0505 1132 epfw (443805b5b11c859ac8ca35297648ff0c) C:\Windows\system32\DRIVERS\epfw.sys
09:01:15.0508 1132 epfw - ok
09:01:15.0525 1132 Epfwndis (66e61bc6c9f519a99275eb0f0e530bf4) C:\Windows\system32\DRIVERS\Epfwndis.sys
09:01:15.0526 1132 Epfwndis - ok
09:01:15.0546 1132 epfwwfp (f72c97f3d34ea5ec919c73e3901266bb) C:\Windows\system32\DRIVERS\epfwwfp.sys
09:01:15.0548 1132 epfwwfp - ok
09:01:15.0591 1132 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
09:01:15.0594 1132 ErrDev - ok
09:01:15.0674 1132 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
09:01:15.0680 1132 EventSystem - ok
09:01:15.0759 1132 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:01:15.0793 1132 EvtEng - ok
09:01:15.0861 1132 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:01:15.0865 1132 exfat - ok
09:01:15.0906 1132 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:01:15.0915 1132 fastfat - ok
09:01:15.0954 1132 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
09:01:15.0971 1132 Fax - ok
09:01:15.0999 1132 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
09:01:16.0001 1132 fdc - ok
09:01:16.0027 1132 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
09:01:16.0028 1132 fdPHost - ok
09:01:16.0041 1132 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
09:01:16.0043 1132 FDResPub - ok
09:01:16.0059 1132 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:01:16.0061 1132 FileInfo - ok
09:01:16.0078 1132 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:01:16.0080 1132 Filetrace - ok
09:01:16.0089 1132 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
09:01:16.0090 1132 flpydisk - ok
09:01:16.0109 1132 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
09:01:16.0113 1132 FltMgr - ok
09:01:16.0157 1132 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
09:01:16.0173 1132 FontCache - ok
09:01:16.0251 1132 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:01:16.0251 1132 FontCache3.0.0.0 - ok
09:01:16.0266 1132 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
09:01:16.0266 1132 FsDepends - ok
09:01:16.0298 1132 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
09:01:16.0313 1132 Fs_Rec - ok
09:01:16.0329 1132 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
09:01:16.0344 1132 fvevol - ok
09:01:16.0360 1132 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:01:16.0360 1132 gagp30kx - ok
09:01:16.0391 1132 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:01:16.0391 1132 GEARAspiWDM - ok
09:01:16.0422 1132 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
09:01:16.0438 1132 gpsvc - ok
09:01:16.0454 1132 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
09:01:16.0454 1132 hcw85cir - ok
09:01:16.0485 1132 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
09:01:16.0500 1132 HDAudBus - ok
09:01:16.0516 1132 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
09:01:16.0516 1132 HidBatt - ok
09:01:16.0547 1132 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
09:01:16.0547 1132 HidBth - ok
09:01:16.0563 1132 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
09:01:16.0578 1132 HidIr - ok
09:01:16.0610 1132 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
09:01:16.0610 1132 hidserv - ok
09:01:16.0641 1132 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
09:01:16.0641 1132 HidUsb - ok
09:01:16.0656 1132 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
09:01:16.0656 1132 hkmsvc - ok
09:01:16.0703 1132 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
09:01:16.0703 1132 HomeGroupListener - ok
09:01:16.0734 1132 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
09:01:16.0734 1132 HomeGroupProvider - ok
09:01:16.0750 1132 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
09:01:16.0750 1132 HpSAMD - ok
09:01:16.0781 1132 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
09:01:16.0797 1132 HTTP - ok
09:01:16.0812 1132 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
09:01:16.0812 1132 hwpolicy - ok
09:01:16.0844 1132 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
09:01:16.0859 1132 i8042prt - ok
09:01:16.0890 1132 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
09:01:16.0890 1132 iaStorV - ok
09:01:16.0906 1132 iBtFltCoex (fc47f5cf561bf0fd897efd1a9604dccf) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
09:01:16.0906 1132 iBtFltCoex - ok
09:01:17.0000 1132 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:01:17.0015 1132 idsvc - ok
09:01:17.0296 1132 igfx (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
09:01:17.0483 1132 igfx - ok
09:01:17.0530 1132 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
09:01:17.0530 1132 iirsp - ok
09:01:17.0577 1132 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
09:01:17.0608 1132 IKEEXT - ok
09:01:17.0655 1132 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
09:01:17.0655 1132 Impcd - ok
09:01:17.0733 1132 IntcAzAudAddService (d492d3b5a8ddde1d6621a8c53855eabf) C:\Windows\system32\drivers\RTKVHD64.sys
09:01:17.0826 1132 IntcAzAudAddService - ok
09:01:17.0858 1132 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
09:01:17.0858 1132 IntcDAud - ok
09:01:17.0889 1132 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
09:01:17.0889 1132 intelide - ok
09:01:17.0904 1132 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
09:01:17.0904 1132 intelppm - ok
09:01:17.0951 1132 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
09:01:17.0951 1132 IPBusEnum - ok
09:01:17.0982 1132 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:01:17.0982 1132 IpFilterDriver - ok
09:01:18.0014 1132 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
09:01:18.0029 1132 iphlpsvc - ok
09:01:18.0045 1132 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
09:01:18.0045 1132 IPMIDRV - ok
09:01:18.0060 1132 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
09:01:18.0060 1132 IPNAT - ok
09:01:18.0107 1132 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
09:01:18.0138 1132 iPod Service - ok
09:01:18.0154 1132 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
09:01:18.0154 1132 IRENUM - ok
09:01:18.0201 1132 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
09:01:18.0201 1132 isapnp - ok
09:01:18.0216 1132 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
09:01:18.0216 1132 iScsiPrt - ok
09:01:18.0263 1132 JMCR (43f319de026e04b9cf9219a14bf24fe8) C:\Windows\system32\DRIVERS\jmcr.sys
09:01:18.0279 1132 JMCR - ok
09:01:18.0294 1132 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
09:01:18.0294 1132 kbdclass - ok
09:01:18.0310 1132 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
09:01:18.0310 1132 kbdhid - ok
09:01:18.0341 1132 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:01:18.0341 1132 KeyIso - ok
09:01:18.0357 1132 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
09:01:18.0357 1132 KSecDD - ok
09:01:18.0388 1132 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
09:01:18.0388 1132 KSecPkg - ok
09:01:18.0404 1132 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
09:01:18.0404 1132 ksthunk - ok
09:01:18.0435 1132 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
09:01:18.0450 1132 KtmRm - ok
09:01:18.0466 1132 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
09:01:18.0482 1132 LanmanServer - ok
09:01:18.0513 1132 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
09:01:18.0513 1132 LanmanWorkstation - ok
09:01:18.0560 1132 LBTServ (19eff704cd16dd0429e128431f1dd631) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
09:01:18.0575 1132 LBTServ - ok
09:01:18.0606 1132 LEqdUsb (abfd2b5726f4cce49297ae48806cc594) C:\Windows\system32\DRIVERS\LEqdUsb.Sys
09:01:18.0606 1132 LEqdUsb - ok
09:01:18.0606 1132 LHidEqd (933f69cf9acd2498693bfcd7ed68e8d4) C:\Windows\system32\DRIVERS\LHidEqd.Sys
09:01:18.0606 1132 LHidEqd - ok
09:01:18.0638 1132 LHidFilt (1074c77a47835e03c15bf92452f9a750) C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:01:18.0638 1132 LHidFilt - ok
09:01:18.0669 1132 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
09:01:18.0669 1132 lltdio - ok
09:01:18.0700 1132 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
09:01:18.0700 1132 lltdsvc - ok
09:01:18.0716 1132 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
09:01:18.0716 1132 lmhosts - ok
09:01:18.0731 1132 LMouFilt (96999c364c649e2866a268f7420a304a) C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:01:18.0731 1132 LMouFilt - ok
09:01:18.0794 1132 LMS (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:01:18.0794 1132 LMS - ok
09:01:18.0840 1132 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:01:18.0840 1132 LSI_FC - ok
09:01:18.0856 1132 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:01:18.0872 1132 LSI_SAS - ok
09:01:18.0887 1132 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:01:18.0887 1132 LSI_SAS2 - ok
09:01:18.0903 1132 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:01:18.0903 1132 LSI_SCSI - ok
09:01:18.0934 1132 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
09:01:18.0934 1132 luafv - ok
09:01:18.0965 1132 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
09:01:18.0965 1132 Mcx2Svc - ok
09:01:18.0981 1132 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
09:01:18.0981 1132 megasas - ok
09:01:19.0043 1132 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
09:01:19.0059 1132 MegaSR - ok
09:01:19.0106 1132 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
09:01:19.0106 1132 MEIx64 - ok
09:01:19.0137 1132 MemeoBackgroundService (b7c1ba9b0256b66411f09d705117ae66) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
09:01:19.0137 1132 MemeoBackgroundService - ok
09:01:19.0168 1132 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:01:19.0168 1132 MMCSS - ok
09:01:19.0199 1132 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:01:19.0199 1132 Modem - ok
09:01:19.0215 1132 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:01:19.0215 1132 monitor - ok
09:01:19.0246 1132 motccgp (338ba6b7170111edc2e43b5b4eaf17df) C:\Windows\system32\DRIVERS\motccgp.sys
09:01:19.0246 1132 motccgp - ok
09:01:19.0262 1132 motccgpfl (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys
09:01:19.0262 1132 motccgpfl - ok
09:01:19.0277 1132 motmodem (e90aba3c6f01be2c456c4aa857b28646) C:\Windows\system32\DRIVERS\motmodem.sys
09:01:19.0293 1132 motmodem - ok
09:01:19.0293 1132 MotoSwitchService (ebd05f60cafc5bba2602b8d7101082d3) C:\Windows\system32\DRIVERS\motswch.sys
09:01:19.0293 1132 MotoSwitchService - ok
09:01:19.0308 1132 Motousbnet (db73ee608d06e415e0c4e777c6d7ba56) C:\Windows\system32\DRIVERS\Motousbnet.sys
09:01:19.0324 1132 Motousbnet - ok
09:01:19.0324 1132 motport (e90aba3c6f01be2c456c4aa857b28646) C:\Windows\system32\DRIVERS\motport.sys
09:01:19.0324 1132 motport - ok
09:01:19.0340 1132 motusbdevice (95a769d672627e10854e167c4746e91a) C:\Windows\system32\DRIVERS\motusbdevice.sys
09:01:19.0355 1132 motusbdevice - ok
09:01:19.0371 1132 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
09:01:19.0371 1132 mouclass - ok
09:01:19.0386 1132 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:01:19.0402 1132 mouhid - ok
09:01:19.0418 1132 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
09:01:19.0418 1132 mountmgr - ok
09:01:19.0449 1132 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
09:01:19.0449 1132 mpio - ok
09:01:19.0464 1132 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:01:19.0464 1132 mpsdrv - ok
09:01:19.0511 1132 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
09:01:19.0527 1132 MpsSvc - ok
09:01:19.0574 1132 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
09:01:19.0605 1132 MRxDAV - ok
09:01:19.0652 1132 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:01:19.0652 1132 mrxsmb - ok
09:01:19.0698 1132 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:01:19.0698 1132 mrxsmb10 - ok
09:01:19.0714 1132 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:01:19.0714 1132 mrxsmb20 - ok
09:01:19.0761 1132 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
09:01:19.0761 1132 msahci - ok
09:01:19.0776 1132 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
09:01:19.0776 1132 msdsm - ok
09:01:19.0823 1132 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
09:01:19.0823 1132 MSDTC - ok
09:01:19.0839 1132 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
09:01:19.0854 1132 Msfs - ok
09:01:19.0854 1132 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
09:01:19.0854 1132 mshidkmdf - ok
09:01:19.0870 1132 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
09:01:19.0870 1132 msisadrv - ok
09:01:19.0917 1132 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
09:01:19.0932 1132 MSiSCSI - ok
09:01:19.0948 1132 msiserver - ok
09:01:19.0979 1132 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
09:01:19.0995 1132 MSKSSRV - ok
09:01:20.0010 1132 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:01:20.0010 1132 MSPCLOCK - ok
09:01:20.0026 1132 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:01:20.0026 1132 MSPQM - ok
09:01:20.0057 1132 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
09:01:20.0057 1132 MsRPC - ok
09:01:20.0073 1132 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
09:01:20.0073 1132 mssmbios - ok
09:01:20.0088 1132 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:01:20.0088 1132 MSTEE - ok
09:01:20.0104 1132 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
09:01:20.0104 1132 MTConfig - ok
09:01:20.0151 1132 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
09:01:20.0151 1132 Mup - ok
09:01:20.0198 1132 MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:01:20.0213 1132 MyWiFiDHCPDNS - ok
09:01:20.0244 1132 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
09:01:20.0260 1132 napagent - ok
09:01:20.0276 1132 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:01:20.0291 1132 NativeWifiP - ok
09:01:20.0338 1132 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
09:01:20.0354 1132 NDIS - ok
09:01:20.0385 1132 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:01:20.0400 1132 NdisCap - ok
09:01:20.0400 1132 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:01:20.0400 1132 NdisTapi - ok
09:01:20.0432 1132 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
09:01:20.0447 1132 Ndisuio - ok
09:01:20.0478 1132 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
09:01:20.0478 1132 NdisWan - ok
09:01:20.0510 1132 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
09:01:20.0510 1132 NDProxy - ok
09:01:20.0525 1132 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:01:20.0525 1132 NetBIOS - ok
09:01:20.0541 1132 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
09:01:20.0556 1132 NetBT - ok
09:01:20.0603 1132 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:01:20.0603 1132 Netlogon - ok
09:01:20.0634 1132 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:01:20.0650 1132 Netman - ok
09:01:20.0650 1132 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:01:20.0666 1132 netprofm - ok
09:01:20.0728 1132 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:01:20.0728 1132 NetTcpPortSharing - ok
09:01:20.0900 1132 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
09:01:21.0024 1132 NETwNs64 - ok
09:01:21.0087 1132 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
09:01:21.0087 1132 nfrd960 - ok
09:01:21.0149 1132 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
09:01:21.0149 1132 NlaSvc - ok
09:01:21.0227 1132 nmservice (cd569fa91ec6f59d045c19d0d3850f44) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
09:01:21.0243 1132 nmservice - ok
09:01:21.0321 1132 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
09:01:21.0368 1132 NOBU - ok
09:01:21.0414 1132 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:01:21.0414 1132 Npfs - ok
09:01:21.0446 1132 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:01:21.0446 1132 nsi - ok
09:01:21.0461 1132 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:01:21.0461 1132 nsiproxy - ok
09:01:21.0508 1132 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
09:01:21.0539 1132 Ntfs - ok
09:01:21.0570 1132 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:01:21.0570 1132 Null - ok
09:01:21.0602 1132 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
09:01:21.0602 1132 nusb3hub - ok
09:01:21.0617 1132 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
09:01:21.0617 1132 nusb3xhc - ok
09:01:21.0680 1132 NVHDA (857fb74754ebff94ee3ad40788740916) C:\Windows\system32\drivers\nvhda64v.sys
09:01:21.0680 1132 NVHDA - ok
09:01:22.0038 1132 nvlddmkm (24aa5e3ed7a2b48b8e798a1059a2b323) C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:01:22.0366 1132 nvlddmkm - ok
09:01:22.0413 1132 nvpciflt (58aa797b41410daea6a6eb33e77f9b7a) C:\Windows\system32\DRIVERS\nvpciflt.sys
09:01:22.0413 1132 nvpciflt - ok
09:01:22.0444 1132 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:01:22.0460 1132 nvraid - ok
09:01:22.0460 1132 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:01:22.0475 1132 nvstor - ok
09:01:22.0491 1132 NvStUSB (92d06926c5da2a2e62e8fb5104f44d92) C:\Windows\system32\DRIVERS\nvstusb.sys
09:01:22.0491 1132 NvStUSB - ok
09:01:22.0538 1132 NVSvc (0f954db804453f5ace4865c3d0b24468) C:\Windows\system32\nvvsvc.exe
09:01:22.0569 1132 NVSvc - ok
09:01:22.0631 1132 nvUpdatusService (a1b93cd258ef1d59efa6c78b5603b7b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
09:01:22.0662 1132 nvUpdatusService - ok
09:01:22.0725 1132 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:01:22.0725 1132 nv_agp - ok
09:01:22.0725 1132 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:01:22.0740 1132 ohci1394 - ok
09:01:22.0787 1132 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:01:22.0787 1132 ose - ok
09:01:22.0881 1132 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:01:22.0974 1132 osppsvc - ok
09:01:23.0021 1132 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:01:23.0021 1132 p2pimsvc - ok
09:01:23.0068 1132 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:01:23.0084 1132 p2psvc - ok
09:01:23.0146 1132 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
09:01:23.0146 1132 Parport - ok
09:01:23.0193 1132 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
09:01:23.0193 1132 partmgr - ok
09:01:23.0224 1132 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:01:23.0224 1132 PcaSvc - ok
09:01:23.0271 1132 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
09:01:23.0333 1132 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
09:01:23.0364 1132 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:01:23.0364 1132 pci - ok
09:01:23.0380 1132 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:01:23.0396 1132 pciide - ok
09:01:23.0442 1132 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
09:01:23.0442 1132 pcmcia - ok
09:01:23.0474 1132 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:01:23.0474 1132 pcw - ok
09:01:23.0505 1132 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:01:23.0520 1132 PEAUTH - ok
09:01:23.0583 1132 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:01:23.0676 1132 PerfHost - ok
09:01:23.0739 1132 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:01:23.0786 1132 pla - ok
09:01:23.0817 1132 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:01:23.0832 1132 PlugPlay - ok
09:01:23.0864 1132 pnarp (fb83b6c62dff5abe36304351d2bed581) C:\Windows\system32\DRIVERS\pnarp.sys
09:01:23.0864 1132 pnarp - ok
09:01:23.0910 1132 pnetmdm (06841f5cd8410b6bdc0b5a631b8f8787) C:\Windows\system32\DRIVERS\pnetmdm64.sys
09:01:23.0910 1132 pnetmdm - ok
09:01:23.0973 1132 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:01:23.0973 1132 PNRPAutoReg - ok
09:01:24.0020 1132 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:01:24.0035 1132 PNRPsvc - ok
09:01:24.0066 1132 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:01:24.0066 1132 PolicyAgent - ok
09:01:24.0098 1132 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:01:24.0113 1132 Power - ok
09:01:24.0144 1132 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:01:24.0144 1132 PptpMiniport - ok
09:01:24.0176 1132 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:01:24.0176 1132 Processor - ok
09:01:24.0207 1132 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
09:01:24.0207 1132 ProfSvc - ok
09:01:24.0238 1132 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:01:24.0238 1132 ProtectedStorage - ok
09:01:24.0269 1132 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:01:24.0285 1132 Psched - ok
09:01:24.0285 1132 purendis (1b3434642ce3c26e6f24d3a76d749c2a) C:\Windows\system32\DRIVERS\purendis.sys
09:01:24.0300 1132 purendis - ok
09:01:24.0332 1132 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
09:01:24.0332 1132 PxHlpa64 - ok
09:01:24.0363 1132 qicflt (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys
09:01:24.0363 1132 qicflt - ok
09:01:24.0441 1132 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:01:24.0472 1132 ql2300 - ok
09:01:24.0488 1132 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:01:24.0488 1132 ql40xx - ok
09:01:24.0550 1132 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:01:24.0550 1132 QWAVE - ok
09:01:24.0566 1132 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:01:24.0566 1132 QWAVEdrv - ok
09:01:24.0597 1132 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:01:24.0612 1132 RasAcd - ok
09:01:24.0659 1132 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:01:24.0659 1132 RasAgileVpn - ok
09:01:24.0690 1132 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:01:24.0706 1132 RasAuto - ok
09:01:24.0737 1132 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:01:24.0737 1132 Rasl2tp - ok
09:01:24.0768 1132 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:01:24.0784 1132 RasMan - ok
09:01:24.0800 1132 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:01:24.0800 1132 RasPppoe - ok
09:01:24.0831 1132 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:01:24.0831 1132 RasSstp - ok
09:01:24.0862 1132 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:01:24.0862 1132 rdbss - ok
09:01:24.0878 1132 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:01:24.0878 1132 rdpbus - ok
09:01:24.0893 1132 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:01:24.0893 1132 RDPCDD - ok
09:01:24.0909 1132 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:01:24.0909 1132 RDPENCDD - ok
09:01:24.0924 1132 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:01:24.0924 1132 RDPREFMP - ok
09:01:24.0956 1132 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
09:01:24.0956 1132 RDPWD - ok
09:01:24.0987 1132 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:01:24.0987 1132 rdyboost - ok
09:01:25.0065 1132 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:01:25.0096 1132 RegSrvc - ok
09:01:25.0143 1132 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:01:25.0143 1132 RemoteAccess - ok
09:01:25.0190 1132 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:01:25.0190 1132 RemoteRegistry - ok
09:01:25.0236 1132 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
09:01:25.0236 1132 RFCOMM - ok
09:01:25.0268 1132 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
09:01:25.0268 1132 ROOTMODEM - ok
09:01:25.0346 1132 RoxMediaDB12OEM (bddc447ab46625a54619808575d5cb46) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
09:01:25.0377 1132 RoxMediaDB12OEM - ok
09:01:25.0392 1132 RoxWatch12 (ce203243adf512540249df9c264f12dd) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
09:01:25.0408 1132 RoxWatch12 - ok
09:01:25.0439 1132 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:01:25.0439 1132 RpcEptMapper - ok
09:01:25.0470 1132 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:01:25.0470 1132 RpcLocator - ok
09:01:25.0548 1132 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:01:25.0548 1132 RpcSs - ok
09:01:25.0564 1132 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:01:25.0564 1132 rspndr - ok
09:01:25.0611 1132 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
09:01:25.0611 1132 RTL8167 - ok
09:01:25.0642 1132 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:01:25.0642 1132 SamSs - ok
09:01:25.0673 1132 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
09:01:25.0673 1132 SASDIFSV - ok
09:01:25.0689 1132 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
09:01:25.0689 1132 SASKUTIL - ok
09:01:25.0751 1132 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:01:25.0751 1132 sbp2port - ok
09:01:25.0814 1132 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:01:25.0814 1132 SCardSvr - ok
09:01:25.0860 1132 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:01:25.0860 1132 scfilter - ok
09:01:25.0907 1132 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:01:25.0923 1132 Schedule - ok
09:01:25.0954 1132 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:01:25.0954 1132 SCPolicySvc - ok
09:01:25.0970 1132 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
09:01:25.0985 1132 sdbus - ok
09:01:26.0001 1132 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:01:26.0016 1132 SDRSVC - ok
09:01:26.0063 1132 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
09:01:26.0063 1132 SeagateDashboardService - ok
09:01:26.0110 1132 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
09:01:26.0110 1132 SeaPort - ok
09:01:26.0141 1132 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:01:26.0141 1132 secdrv - ok
09:01:26.0172 1132 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:01:26.0172 1132 seclogon - ok
09:01:26.0219 1132 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:01:26.0219 1132 SENS - ok
09:01:26.0266 1132 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:01:26.0266 1132 SensrSvc - ok
09:01:26.0282 1132 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
09:01:26.0297 1132 Serenum - ok
09:01:26.0313 1132 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
09:01:26.0313 1132 Serial - ok
09:01:26.0360 1132 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
09:01:26.0360 1132 sermouse - ok
09:01:26.0406 1132 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
09:01:26.0422 1132 SessionEnv - ok
09:01:26.0453 1132 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
09:01:26.0453 1132 sffdisk - ok
09:01:26.0453 1132 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
09:01:26.0453 1132 sffp_mmc - ok
09:01:26.0469 1132 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
09:01:26.0469 1132 sffp_sd - ok
09:01:26.0516 1132 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
09:01:26.0516 1132 sfloppy - ok
09:01:26.0562 1132 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
09:01:26.0594 1132 Sftfs - ok
09:01:26.0656 1132 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
09:01:26.0656 1132 sftlist - ok
09:01:26.0687 1132 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
09:01:26.0703 1132 Sftplay - ok
09:01:26.0718 1132 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
09:01:26.0718 1132 Sftredir - ok
09:01:26.0781 1132 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
09:01:26.0812 1132 SftService - ok
09:01:26.0843 1132 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
09:01:26.0843 1132 Sftvol - ok
09:01:26.0859 1132 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
09:01:26.0859 1132 sftvsa - ok
09:01:26.0921 1132 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
09:01:26.0921 1132 SharedAccess - ok
09:01:26.0984 1132 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
09:01:26.0984 1132 ShellHWDetection - ok
09:01:27.0046 1132 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:01:27.0046 1132 SiSRaid2 - ok
09:01:27.0062 1132 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
09:01:27.0077 1132 SiSRaid4 - ok
09:01:27.0108 1132 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:01:27.0108 1132 Smb - ok
09:01:27.0140 1132 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:01:27.0140 1132 SNMPTRAP - ok
09:01:27.0186 1132 Sound Blaster X-Fi MB Licensing Service (9b24dca429f819db314f30ee4c6c80fd) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
09:01:27.0186 1132 Sound Blaster X-Fi MB Licensing Service - ok
09:01:27.0233 1132 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:01:27.0233 1132 spldr - ok
09:01:27.0264 1132 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
09:01:27.0280 1132 Spooler - ok
09:01:27.0374 1132 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
09:01:27.0436 1132 sppsvc - ok
09:01:27.0483 1132 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:01:27.0483 1132 sppuinotify - ok
09:01:27.0561 1132 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
09:01:27.0561 1132 srv - ok
09:01:27.0592 1132 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
09:01:27.0608 1132 srv2 - ok
09:01:27.0639 1132 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
09:01:27.0639 1132 srvnet - ok
09:01:27.0654 1132 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:01:27.0670 1132 SSDPSRV - ok
09:01:27.0686 1132 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:01:27.0701 1132 SstpSvc - ok
09:01:27.0748 1132 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
09:01:27.0779 1132 stdcfltn - ok
09:01:27.0842 1132 stdriver (50aadc94ba90dc3de1ae0020c877baae) C:\Windows\system32\DRIVERS\stdriver64.sys
09:01:27.0842 1132 stdriver - ok
09:01:27.0904 1132 Stereo Service (a3df1d4a293746a71c4c5c7e71b2734f) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:01:27.0920 1132 Stereo Service - ok
09:01:27.0982 1132 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
09:01:27.0982 1132 stexstor - ok
09:01:28.0044 1132 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
09:01:28.0060 1132 stisvc - ok
09:01:28.0107 1132 stllssvr (9e182dd94496550a22a392cc1a8e0f52) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
09:01:28.0107 1132 stllssvr - ok
09:01:28.0154 1132 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
09:01:28.0154 1132 swenum - ok
09:01:28.0185 1132 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:01:28.0200 1132 swprv - ok
09:01:28.0263 1132 SynTP (5e3b232a614339399acc71fa3aaaaa6b) C:\Windows\system32\DRIVERS\SynTP.sys
09:01:28.0278 1132 SynTP - ok
09:01:28.0325 1132 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
09:01:28.0356 1132 SysMain - ok
09:01:28.0403 1132 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
09:01:28.0419 1132 TabletInputService - ok
09:01:28.0466 1132 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
09:01:28.0481 1132 TapiSrv - ok
09:01:28.0512 1132 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:01:28.0512 1132 TBS - ok
09:01:28.0575 1132 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
09:01:28.0606 1132 Tcpip - ok
09:01:28.0668 1132 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
09:01:28.0684 1132 TCPIP6 - ok
09:01:28.0731 1132 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
09:01:28.0731 1132 tcpipreg - ok
09:01:28.0778 1132 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:01:28.0778 1132 TDPIPE - ok
09:01:28.0809 1132 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
09:01:28.0809 1132 TDTCP - ok
09:01:28.0840 1132 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
09:01:28.0840 1132 tdx - ok
09:01:28.0871 1132 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
09:01:28.0871 1132 TermDD - ok
09:01:28.0918 1132 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
09:01:28.0934 1132 TermService - ok
09:01:28.0965 1132 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:01:28.0965 1132 Themes - ok
09:01:28.0996 1132 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:01:28.0996 1132 THREADORDER - ok
09:01:29.0012 1132 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:01:29.0012 1132 TrkWks - ok
09:01:29.0043 1132 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
09:01:29.0043 1132 TrustedInstaller - ok
09:01:29.0105 1132 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:01:29.0121 1132 tssecsrv - ok
09:01:29.0152 1132 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
09:01:29.0152 1132 TsUsbFlt - ok
09:01:29.0199 1132 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
09:01:29.0199 1132 tunnel - ok
09:01:29.0230 1132 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
09:01:29.0230 1132 TurboB - ok
09:01:29.0292 1132 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:01:29.0292 1132 TurboBoost - ok
09:01:29.0339 1132 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
09:01:29.0355 1132 uagp35 - ok
09:01:29.0402 1132 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
09:01:29.0402 1132 udfs - ok
09:01:29.0433 1132 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:01:29.0448 1132 UI0Detect - ok
09:01:29.0464 1132 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
09:01:29.0464 1132 uliagpkx - ok
09:01:29.0495 1132 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
09:01:29.0495 1132 umbus - ok
09:01:29.0511 1132 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
09:01:29.0511 1132 UmPass - ok
09:01:29.0651 1132 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:01:29.0698 1132 UNS - ok
09:01:29.0729 1132 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:01:29.0729 1132 upnphost - ok
09:01:29.0792 1132 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
09:01:29.0792 1132 USBAAPL64 - ok
09:01:29.0854 1132 usbbus (5fcc71487888589a9244af54cfefab29) C:\Windows\system32\DRIVERS\lgx64bus.sys
09:01:29.0854 1132 usbbus - ok
09:01:29.0916 1132 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
09:01:29.0916 1132 usbccgp - ok
09:01:29.0963 1132 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
09:01:29.0963 1132 usbcir - ok
09:01:29.0994 1132 UsbDiag (3fb6e423f7567c92c32ea786f5fd0c69) C:\Windows\system32\DRIVERS\lgx64diag.sys
09:01:29.0994 1132 UsbDiag - ok
09:01:30.0026 1132 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
09:01:30.0026 1132 usbehci - ok
09:01:30.0041 1132 UsbGps (8e36e68c0b7fa174012a61a290351e49) C:\Windows\system32\DRIVERS\lgx64gps.sys
09:01:30.0041 1132 UsbGps - ok
09:01:30.0072 1132 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
09:01:30.0072 1132 usbhub - ok
09:01:30.0119 1132 USBModem (78d551f5b93488b4666f5fc8dd4815f3) C:\Windows\system32\DRIVERS\lgx64modem.sys
09:01:30.0119 1132 USBModem - ok
09:01:30.0135 1132 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
09:01:30.0135 1132 usbohci - ok
09:01:30.0166 1132 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:01:30.0166 1132 usbprint - ok
09:01:30.0213 1132 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:01:30.0228 1132 USBSTOR - ok
09:01:30.0244 1132 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
09:01:30.0244 1132 usbuhci - ok
09:01:30.0291 1132 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
09:01:30.0291 1132 usbvideo - ok
09:01:30.0322 1132 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:01:30.0322 1132 UxSms - ok
09:01:30.0353 1132 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:01:30.0353 1132 VaultSvc - ok
09:01:30.0384 1132 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
09:01:30.0384 1132 vdrvroot - ok
09:01:30.0447 1132 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
09:01:30.0462 1132 vds - ok
09:01:30.0509 1132 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:01:30.0509 1132 vga - ok
09:01:30.0525 1132 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:01:30.0540 1132 VgaSave - ok
09:01:30.0587 1132 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
09:01:30.0587 1132 vhdmp - ok
09:01:30.0634 1132 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
09:01:3
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Mon Apr 09, 2012 5:09 am    Post subject: Reply with quote
Ok it doesn't look like it posted the entire Kapersky's log or any of the extras.txt log either. going to try again one at a time

OTL Extras logfile created on: 4/8/2012 9:52:06 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\CraigCrowAsari\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.92 Gb Total Physical Memory | 3.24 Gb Available Physical Memory | 82.65% Memory free
7.83 Gb Paging File | 7.17 Gb Available in Paging File | 91.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 360.64 Gb Free Space | 79.96% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 1.08 Gb Free Space | 0.23% Space Free | Partition Type: NTFS

Computer Name: DELL-LAPTOP | User Name: CraigCrowAsari | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi Software
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 265.94
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 265.94
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 265.94
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0
"{C0D93E4E-0866-43C8-A104-BF41A803EA84}" = ESET Smart Security
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Dell Support Center" = Dell Support Center
"MediaCoder x64" = MediaCoder x64 2011
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"sp6" = Logitech SetPoint 6.30
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{026C3D27-9BE1-46BE-BEAE-6DE38A0F4FBE}" = RealNetworks - Microsoft Visual C++ 2005 Runtime
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}" = Cozi
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3516C69A-024D-42A8-B948-FFAA7B9CC49A}" = Windows SideShow Managed Runtime 1.0
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{50ACF4F1-D38A-4DCE-8147-0F574CDEF45B}" = Citrix online plug-in (USB)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{597DE5BD-C24B-4D0F-BA2D-F5D591D800DA}" = AccuWeather SideShow Gadget
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75CE8AF5-0A5E-4A42-BC67-F83591DA9A7D}" = Sound Blaster X-Fi MB
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.6
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA31EA7B-7917-4000-949B-38E91F848A25}" = Internet Explorer
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B124E6D3-91B4-4E3C-AD03-BA959B223537}" = Citrix online plug-in (Web)
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D770F4B4-C422-45D9-8CEE-1B4C66E68CA8}" = Dell Stage
"{D899C197-F8C1-4773-9EC4-6C1FBADB9B29}" = Citrix online plug-in (HDX)
"{D8D4ED7E-954C-449D-B21D-6F97036DF0E9}" = Citrix online plug-in (DV)
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF1999B5-40C5-45B3-B001-46EA2B59B484}" = Dell MusicStage
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AnyDVD" = AnyDVD
"AutoUpdater_is1" = Auto Updater 1.0.0.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"Clip Extractor_is1" = Clip Extractor 4.0
"CloneDVD2" = CloneDVD2
"CREATIVE KARAOKE PLAYER" = Creative Karaoke Player
"Dell Webcam Central" = Dell Webcam Central
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"IncrediMail" = IncrediMail 2.0
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.6
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"MixPad" = MixPad Audio Mixer
"Network MagicUninstall" = Network Magic
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"RealPlayer 12.0" = RealPlayer
"Slice" = Slice Audio File Splitter
"SoundTap" = SoundTap Streaming Audio Recorder
"Switch" = Switch Sound File Converter
"TempoPerfect" = TempoPerfect Metronome Software
"Vivitar Experience Image Manager" = Vivitar Experience Image Manager
"WavePad" = WavePad Sound Editor
"WaveStudio 7" = Creative WaveStudio 7
"WinLiveSuite" = Windows Live Essentials
"Zulu" = Zulu DJ Software

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-449897760-650251915-744160365-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/6/2012 1:19:58 AM | Computer Name = Dell-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.0.9.0, time stamp:
0x4cf3830f Faulting module name: daemonu.exe, version: 1.0.9.0, time stamp: 0x4cf3830f
Exception
code: 0xc000000d Fault offset: 0x0004c866 Faulting process id: 0xb48 Faulting application
start time: 0x01cd13b4de04ec77 Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: 26cb8536-7fa8-11e1-817c-d465b47d6822

Error - 4/6/2012 2:20:19 AM | Computer Name = Dell-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.0.9.0, time stamp:
0x4cf3830f Faulting module name: daemonu.exe, version: 1.0.9.0, time stamp: 0x4cf3830f
Exception
code: 0xc000000d Fault offset: 0x0004c866 Faulting process id: 0x9d8 Faulting application
start time: 0x01cd13bd4cbfd82a Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: 94867890-7fb0-11e1-ac1e-8ca694bf975c

Error - 4/6/2012 2:24:53 AM | Computer Name = Dell-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.0.9.0, time stamp:
0x4cf3830f Faulting module name: daemonu.exe, version: 1.0.9.0, time stamp: 0x4cf3830f
Exception
code: 0xc000000d Fault offset: 0x0004c866 Faulting process id: 0xab0 Faulting application
start time: 0x01cd13bdefac27fe Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: 3848f174-7fb1-11e1-96de-b4f9e32ba25e

Error - 4/6/2012 2:28:48 AM | Computer Name = Dell-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.0.9.0, time stamp:
0x4cf3830f Faulting module name: daemonu.exe, version: 1.0.9.0, time stamp: 0x4cf3830f
Exception
code: 0xc000000d Fault offset: 0x0004c866 Faulting process id: 0xac4 Faulting application
start time: 0x01cd13be7baed1f1 Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: c448efcc-7fb1-11e1-8527-b980d415e55c

Error - 4/6/2012 3:14:08 AM | Computer Name = Dell-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.0.9.0, time stamp:
0x4cf3830f Faulting module name: daemonu.exe, version: 1.0.9.0, time stamp: 0x4cf3830f
Exception
code: 0xc000000d Fault offset: 0x0004c866 Faulting process id: 0x8e4 Faulting application
start time: 0x01cd13c4d2cc180e Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: 197525dd-7fb8-11e1-834f-88532e00e168

Error - 4/6/2012 3:16:38 AM | Computer Name = Dell-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.0.9.0, time stamp:
0x4cf3830f Faulting module name: daemonu.exe, version: 1.0.9.0, time stamp: 0x4cf3830f
Exception
code: 0xc000000d Fault offset: 0x0004c866 Faulting process id: 0x8f8 Faulting application
start time: 0x01cd13c52b263ed1 Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: 72bf79f2-7fb8-11e1-8210-88532e00e168

Error - 4/6/2012 3:25:30 AM | Computer Name = Dell-Laptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 4/6/2012 3:25:30 AM | Computer Name = Dell-Laptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 4/6/2012 6:52:46 AM | Computer Name = Dell-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.0.9.0, time stamp:
0x4cf3830f Faulting module name: daemonu.exe, version: 1.0.9.0, time stamp: 0x4cf3830f
Exception
code: 0xc000000d Fault offset: 0x0004c866 Faulting process id: 0x864 Faulting application
start time: 0x01cd13e35cb26932 Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: a4403297-7fd6-11e1-bf5f-88532e00e168

Error - 4/6/2012 9:32:43 AM | Computer Name = Dell-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.0.9.0, time stamp:
0x4cf3830f Faulting module name: daemonu.exe, version: 1.0.9.0, time stamp: 0x4cf3830f
Exception
code: 0xc000000d Fault offset: 0x0004c866 Faulting process id: 0x9c0 Faulting application
start time: 0x01cd13f9b5b7abba Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: fc7e2cb5-7fec-11e1-ba46-88532e00e168

[ Dell Events ]
Error - 9/4/2011 11:07:57 PM | Computer Name = Dell-Laptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/11/2011 10:31:46 AM | Computer Name = Dell-Laptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/11/2011 10:31:46 AM | Computer Name = Dell-Laptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/11/2011 7:10:32 PM | Computer Name = Dell-Laptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/11/2011 7:10:32 PM | Computer Name = Dell-Laptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/13/2011 8:47:32 PM | Computer Name = Dell-Laptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/13/2011 8:47:32 PM | Computer Name = Dell-Laptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/20/2011 8:48:14 PM | Computer Name = Dell-Laptop | Source = DataSafe | ID = 3
Description = The process was interrupted before completion.

Error - 9/20/2011 8:48:15 PM | Computer Name = Dell-Laptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/24/2011 10:41:26 AM | Computer Name = Dell-Laptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

[ Media Center Events ]
Error - 5/8/2011 2:05:50 AM | Computer Name = Dell-Laptop | Source = MCUpdate | ID = 0
Description = 2:05:50 AM - Error connecting to the internet. 2:05:50 AM - Unable
to contact server..

Error - 5/8/2011 2:05:57 AM | Computer Name = Dell-Laptop | Source = MCUpdate | ID = 0
Description = 2:05:55 AM - Error connecting to the internet. 2:05:55 AM - Unable
to contact server..

Error - 5/8/2011 3:06:03 AM | Computer Name = Dell-Laptop | Source = MCUpdate | ID = 0
Description = 3:06:03 AM - Error connecting to the internet. 3:06:03 AM - Unable
to contact server..

Error - 5/8/2011 3:06:09 AM | Computer Name = Dell-Laptop | Source = MCUpdate | ID = 0
Description = 3:06:08 AM - Error connecting to the internet. 3:06:08 AM - Unable
to contact server..

Error - 5/8/2011 4:06:17 AM | Computer Name = Dell-Laptop | Source = MCUpdate | ID = 0
Description = 4:06:17 AM - Error connecting to the internet. 4:06:17 AM - Unable
to contact server..

Error - 5/8/2011 4:06:23 AM | Computer Name = Dell-Laptop | Source = MCUpdate | ID = 0
Description = 4:06:22 AM - Error connecting to the internet. 4:06:22 AM - Unable
to contact server..

Error - 5/30/2011 1:03:05 PM | Computer Name = Dell-Laptop | Source = MCUpdate | ID = 0
Description = 1:03:00 PM - Error connecting to the internet. 1:03:00 PM - Unable
to contact server..

Error - 5/30/2011 2:03:13 PM | Computer Name = Dell-Laptop | Source = MCUpdate | ID = 0
Description = 2:03:12 PM - Error connecting to the internet. 2:03:12 PM - Unable
to contact server..

Error - 5/30/2011 3:03:21 PM | Computer Name = Dell-Laptop | Source = MCUpdate | ID = 0
Description = 3:03:21 PM - Error connecting to the internet. 3:03:21 PM - Unable
to contact server..

Error - 5/30/2011 4:03:29 PM | Computer Name = Dell-Laptop | Source = MCUpdate | ID = 0
Description = 4:03:28 PM - Error connecting to the internet. 4:03:28 PM - Unable
to contact server..

[ System Events ]
Error - 4/8/2012 9:50:24 PM | Computer Name = Dell-Laptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 4/8/2012 9:51:48 PM | Computer Name = Dell-Laptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 4/8/2012 9:51:48 PM | Computer Name = Dell-Laptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 4/8/2012 9:51:48 PM | Computer Name = Dell-Laptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 4/8/2012 9:53:50 PM | Computer Name = Dell-Laptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 4/8/2012 9:53:50 PM | Computer Name = Dell-Laptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 4/8/2012 9:53:50 PM | Computer Name = Dell-Laptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 4/8/2012 9:55:24 PM | Computer Name = Dell-Laptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 4/8/2012 9:55:24 PM | Computer Name = Dell-Laptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 4/8/2012 9:55:24 PM | Computer Name = Dell-Laptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068


< End of report >
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Mon Apr 09, 2012 5:14 am    Post subject: Kapersky's Reply with quote
09:09:38.0720 2024 TDSS rootkit removing tool 2.7.27.0 Apr 9 2012 09:53:37
09:09:38.0954 2024 ============================================================
09:09:38.0954 2024 Current date / time: 2012/04/09 09:09:38.0954
09:09:38.0954 2024 SystemInfo:
09:09:38.0954 2024
09:09:38.0954 2024 OS Version: 6.1.7601 ServicePack: 1.0
09:09:38.0954 2024 Product type: Workstation
09:09:38.0954 2024 ComputerName: DELL-LAPTOP
09:09:38.0954 2024 UserName: CraigCrowAsari
09:09:38.0954 2024 Windows directory: C:\Windows
09:09:38.0954 2024 System windows directory: C:\Windows
09:09:38.0954 2024 Running under WOW64
09:09:38.0954 2024 Processor architecture: Intel x64
09:09:38.0954 2024 Number of processors: 8
09:09:38.0954 2024 Page size: 0x1000
09:09:38.0954 2024 Boot type: Safe boot with network
09:09:38.0954 2024 ============================================================
09:09:39.0890 2024 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:09:39.0890 2024 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:09:39.0890 2024 \Device\Harddisk0\DR0:
09:09:39.0890 2024 MBR used
09:09:39.0890 2024 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x1D4C000
09:09:39.0890 2024 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7F000, BlocksNum 0x38606830
09:09:39.0890 2024 \Device\Harddisk1\DR1:
09:09:39.0906 2024 MBR used
09:09:39.0906 2024 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
09:09:39.0937 2024 Initialize success
09:09:39.0937 2024 ============================================================
09:09:43.0291 1240 ============================================================
09:09:43.0291 1240 Scan started
09:09:43.0291 1240 Mode: Manual;
09:09:43.0291 1240 ============================================================
09:09:46.0863 1240 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
09:09:46.0863 1240 !SASCORE - ok
09:09:46.0972 1240 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
09:09:46.0972 1240 1394ohci - ok
09:09:47.0019 1240 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
09:09:47.0019 1240 Acceler - ok
09:09:47.0050 1240 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
09:09:47.0050 1240 ACPI - ok
09:09:47.0082 1240 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
09:09:47.0082 1240 AcpiPmi - ok
09:09:47.0128 1240 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:09:47.0128 1240 AdobeARMservice - ok
09:09:47.0160 1240 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
09:09:47.0160 1240 adp94xx - ok
09:09:47.0191 1240 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
09:09:47.0206 1240 adpahci - ok
09:09:47.0206 1240 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
09:09:47.0206 1240 adpu320 - ok
09:09:47.0253 1240 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
09:09:47.0253 1240 AeLookupSvc - ok
09:09:47.0284 1240 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
09:09:47.0284 1240 AERTFilters - ok
09:09:47.0316 1240 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
09:09:47.0331 1240 AFD - ok
09:09:47.0347 1240 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
09:09:47.0347 1240 agp440 - ok
09:09:47.0362 1240 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
09:09:47.0362 1240 ALG - ok
09:09:47.0362 1240 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
09:09:47.0362 1240 aliide - ok
09:09:47.0378 1240 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
09:09:47.0378 1240 amdide - ok
09:09:47.0394 1240 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
09:09:47.0394 1240 AmdK8 - ok
09:09:47.0409 1240 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
09:09:47.0409 1240 AmdPPM - ok
09:09:47.0425 1240 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
09:09:47.0425 1240 amdsata - ok
09:09:47.0425 1240 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
09:09:47.0440 1240 amdsbs - ok
09:09:47.0456 1240 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
09:09:47.0456 1240 amdxata - ok
09:09:47.0503 1240 androidusb (d69f1e9a944a5f46a494af901ed41118) C:\Windows\system32\Drivers\motoandroid.sys
09:09:47.0503 1240 androidusb - ok
09:09:47.0550 1240 AnyDVD (7ce7d6019d0d73f9203ba4ff4ba35b6a) C:\Windows\system32\Drivers\AnyDVD.sys
09:09:47.0550 1240 AnyDVD - ok
09:09:47.0581 1240 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
09:09:47.0581 1240 AppID - ok
09:09:47.0628 1240 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
09:09:47.0628 1240 AppIDSvc - ok
09:09:47.0674 1240 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
09:09:47.0674 1240 Appinfo - ok
09:09:47.0752 1240 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:09:47.0752 1240 Apple Mobile Device - ok
09:09:47.0768 1240 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
09:09:47.0784 1240 arc - ok
09:09:47.0784 1240 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
09:09:47.0784 1240 arcsas - ok
09:09:47.0799 1240 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
09:09:47.0799 1240 AsyncMac - ok
09:09:47.0830 1240 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
09:09:47.0830 1240 atapi - ok
09:09:47.0862 1240 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:09:47.0862 1240 AudioEndpointBuilder - ok
09:09:47.0877 1240 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:09:47.0893 1240 AudioSrv - ok
09:09:47.0908 1240 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
09:09:47.0908 1240 AxInstSV - ok
09:09:47.0955 1240 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
09:09:47.0955 1240 b06bdrv - ok
09:09:47.0986 1240 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:09:47.0986 1240 b57nd60a - ok
09:09:48.0080 1240 BBSvc (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
09:09:48.0080 1240 BBSvc - ok
09:09:48.0127 1240 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
09:09:48.0127 1240 BDESVC - ok
09:09:48.0174 1240 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
09:09:48.0174 1240 Beep - ok
09:09:48.0220 1240 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
09:09:48.0220 1240 BFE - ok
09:09:48.0267 1240 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
09:09:48.0267 1240 BITS - ok
09:09:48.0283 1240 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
09:09:48.0283 1240 blbdrive - ok
09:09:48.0486 1240 Bluetooth Device Monitor (093b1b419ef25b15d3a1ca6953f41afb) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
09:09:48.0486 1240 Bluetooth Device Monitor - ok
09:09:48.0532 1240 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
09:09:48.0532 1240 Bonjour Service - ok
09:09:48.0548 1240 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
09:09:48.0548 1240 bowser - ok
09:09:48.0595 1240 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:09:48.0595 1240 BrFiltLo - ok
09:09:48.0595 1240 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:09:48.0595 1240 BrFiltUp - ok
09:09:48.0673 1240 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
09:09:48.0673 1240 Browser - ok
09:09:48.0688 1240 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
09:09:48.0688 1240 Brserid - ok
09:09:48.0704 1240 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
09:09:48.0704 1240 BrSerWdm - ok
09:09:48.0704 1240 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:09:48.0704 1240 BrUsbMdm - ok
09:09:48.0720 1240 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
09:09:48.0720 1240 BrUsbSer - ok
09:09:48.0751 1240 BTCFilterService (ff7c57973eead140062238c5a0b7d455) C:\Windows\system32\DRIVERS\motfilt.sys
09:09:48.0751 1240 BTCFilterService - ok
09:09:48.0798 1240 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
09:09:48.0798 1240 BthEnum - ok
09:09:48.0813 1240 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
09:09:48.0813 1240 BTHMODEM - ok
09:09:48.0844 1240 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
09:09:48.0844 1240 BthPan - ok
09:09:48.0860 1240 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
09:09:48.0860 1240 BTHPORT - ok
09:09:48.0891 1240 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
09:09:48.0891 1240 bthserv - ok
09:09:48.0907 1240 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
09:09:48.0907 1240 BTHUSB - ok
09:09:48.0954 1240 btmaux (16c1bac9760c9fa85a30f3fa0fbb1b7a) C:\Windows\system32\DRIVERS\btmaux.sys
09:09:48.0954 1240 btmaux - ok
09:09:48.0969 1240 btmhsf (40c6fec49d1cc4d112368a2bcd2bcbb7) C:\Windows\system32\DRIVERS\btmhsf.sys
09:09:48.0985 1240 btmhsf - ok
09:09:49.0000 1240 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
09:09:49.0000 1240 cdfs - ok
09:09:49.0032 1240 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
09:09:49.0032 1240 cdrom - ok
09:09:49.0047 1240 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:09:49.0047 1240 CertPropSvc - ok
09:09:49.0094 1240 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
09:09:49.0094 1240 circlass - ok
09:09:49.0141 1240 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
09:09:49.0141 1240 CLFS - ok
09:09:49.0203 1240 CLKMSVC10_9EC60124 (bb86f147b2a7152e4b4d71a2f0a87d41) c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe

09:09:49.0203 1240 CLKMSVC10_9EC60124 - ok
09:09:49.0234 1240 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:09:49.0234 1240 clr_optimization_v2.0.50727_32 - ok
09:09:49.0281 1240 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:09:49.0281 1240 clr_optimization_v2.0.50727_64 - ok
09:09:49.0328 1240 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:09:49.0328 1240 clr_optimization_v4.0.30319_32 - ok
09:09:49.0344 1240 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:09:49.0344 1240 clr_optimization_v4.0.30319_64 - ok
09:09:49.0390 1240 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
09:09:49.0390 1240 CmBatt - ok
09:09:49.0437 1240 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
09:09:49.0437 1240 cmdide - ok
09:09:49.0500 1240 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
09:09:49.0500 1240 CNG - ok
09:09:49.0515 1240 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
09:09:49.0515 1240 Compbatt - ok
09:09:49.0546 1240 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
09:09:49.0546 1240 CompositeBus - ok
09:09:49.0546 1240 COMSysApp - ok
09:09:49.0562 1240 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
09:09:49.0562 1240 crcdisk - ok
09:09:49.0656 1240 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:09:49.0656 1240 Creative ALchemy AL6 Licensing Service - ok
09:09:49.0687 1240 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:09:49.0687 1240 Creative Audio Engine Licensing Service - ok
09:09:49.0718 1240 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
09:09:49.0718 1240 CryptSvc - ok
09:09:49.0765 1240 CrystalSysInfo (5228b7a738dc90a06ae4f4a7412cb1e9) C:\Program Files\MediaCoder\SysInfoX64.sys
09:09:49.0765 1240 CrystalSysInfo - ok
09:09:49.0812 1240 CTAudSvcService (65f2ff1cedb89d537aa6768ecdaf408a) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
09:09:49.0812 1240 CTAudSvcService - ok
09:09:49.0843 1240 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\Windows\system32\DRIVERS\CtClsFlt.sys
09:09:49.0843 1240 CtClsFlt - ok
09:09:49.0874 1240 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
09:09:49.0874 1240 ctxusbm - ok
09:09:49.0952 1240 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:09:49.0968 1240 cvhsvc - ok
09:09:49.0999 1240 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:09:49.0999 1240 DcomLaunch - ok
09:09:50.0108 1240 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:09:50.0108 1240 defragsvc - ok
09:09:50.0139 1240 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
09:09:50.0139 1240 DfsC - ok
09:09:50.0170 1240 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
09:09:50.0170 1240 Dhcp - ok
09:09:50.0202 1240 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:09:50.0202 1240 discache - ok
09:09:50.0217 1240 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
09:09:50.0217 1240 Disk - ok
09:09:50.0248 1240 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
09:09:50.0248 1240 Dnscache - ok
09:09:50.0280 1240 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
09:09:50.0280 1240 dot3svc - ok
09:09:50.0295 1240 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
09:09:50.0295 1240 DPS - ok
09:09:50.0342 1240 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:09:50.0342 1240 drmkaud - ok
09:09:50.0420 1240 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
09:09:50.0420 1240 DXGKrnl - ok
09:09:50.0451 1240 eamonm (aca3fe4f18a945b7bf2618a79f6f670b) C:\Windows\system32\DRIVERS\eamonm.sys
09:09:50.0467 1240 eamonm - ok
09:09:50.0482 1240 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
09:09:50.0482 1240 EapHost - ok
09:09:50.0607 1240 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
09:09:50.0623 1240 ebdrv - ok
09:09:50.0670 1240 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
09:09:50.0670 1240 EFS - ok
09:09:50.0701 1240 ehdrv (6672438bdcbfd87250d22112d458294d) C:\Windows\system32\DRIVERS\ehdrv.sys
09:09:50.0701 1240 ehdrv - ok
09:09:50.0748 1240 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
09:09:50.0748 1240 ehRecvr - ok
09:09:50.0763 1240 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
09:09:50.0763 1240 ehSched - ok
09:09:50.0810 1240 EhttpSrv (deb2b067745d92ff17a5068dfd2360bc) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
09:09:50.0810 1240 EhttpSrv - ok
09:09:50.0857 1240 ekrn (191d8eccc40f05b52fac0513f35ba01d) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
09:09:50.0857 1240 ekrn - ok
09:09:50.0872 1240 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
09:09:50.0872 1240 ElbyCDIO - ok
09:09:50.0919 1240 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
09:09:50.0919 1240 elxstor - ok
09:09:50.0950 1240 epfw (443805b5b11c859ac8ca35297648ff0c) C:\Windows\system32\DRIVERS\epfw.sys
09:09:50.0950 1240 epfw - ok
09:09:50.0966 1240 Epfwndis (66e61bc6c9f519a99275eb0f0e530bf4) C:\Windows\system32\DRIVERS\Epfwndis.sys
09:09:50.0966 1240 Epfwndis - ok
09:09:50.0982 1240 epfwwfp (f72c97f3d34ea5ec919c73e3901266bb) C:\Windows\system32\DRIVERS\epfwwfp.sys
09:09:50.0982 1240 epfwwfp - ok
09:09:51.0028 1240 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
09:09:51.0028 1240 ErrDev - ok
09:09:51.0106 1240 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
09:09:51.0106 1240 EventSystem - ok
09:09:51.0184 1240 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:09:51.0200 1240 EvtEng - ok
09:09:51.0247 1240 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:09:51.0247 1240 exfat - ok
09:09:51.0294 1240 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:09:51.0294 1240 fastfat - ok
09:09:51.0340 1240 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
09:09:51.0340 1240 Fax - ok
09:09:51.0372 1240 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
09:09:51.0372 1240 fdc - ok
09:09:51.0387 1240 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
09:09:51.0387 1240 fdPHost - ok
09:09:51.0403 1240 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
09:09:51.0403 1240 FDResPub - ok
09:09:51.0434 1240 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:09:51.0434 1240 FileInfo - ok
09:09:51.0450 1240 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:09:51.0450 1240 Filetrace - ok
09:09:51.0465 1240 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
09:09:51.0465 1240 flpydisk - ok
09:09:51.0481 1240 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
09:09:51.0481 1240 FltMgr - ok
09:09:51.0528 1240 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
09:09:51.0543 1240 FontCache - ok
09:09:51.0590 1240 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

09:09:49.0203 1240 CLKMSVC10_9EC60124 - ok
09:09:49.0234 1240 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:09:49.0234 1240 clr_optimization_v2.0.50727_32 - ok
09:09:49.0281 1240 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:09:49.0281 1240 clr_optimization_v2.0.50727_64 - ok
09:09:49.0328 1240 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:09:49.0328 1240 clr_optimization_v4.0.30319_32 - ok
09:09:49.0344 1240 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:09:49.0344 1240 clr_optimization_v4.0.30319_64 - ok
09:09:49.0390 1240 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
09:09:49.0390 1240 CmBatt - ok
09:09:49.0437 1240 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
09:09:49.0437 1240 cmdide - ok
09:09:49.0500 1240 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
09:09:49.0500 1240 CNG - ok
09:09:49.0515 1240 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
09:09:49.0515 1240 Compbatt - ok
09:09:49.0546 1240 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
09:09:49.0546 1240 CompositeBus - ok
09:09:49.0546 1240 COMSysApp - ok
09:09:49.0562 1240 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
09:09:49.0562 1240 crcdisk - ok
09:09:49.0656 1240 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:09:49.0656 1240 Creative ALchemy AL6 Licensing Service - ok
09:09:49.0687 1240 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:09:49.0687 1240 Creative Audio Engine Licensing Service - ok
09:09:49.0718 1240 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
09:09:49.0718 1240 CryptSvc - ok
09:09:49.0765 1240 CrystalSysInfo (5228b7a738dc90a06ae4f4a7412cb1e9) C:\Program Files\MediaCoder\SysInfoX64.sys
09:09:49.0765 1240 CrystalSysInfo - ok
09:09:49.0812 1240 CTAudSvcService (65f2ff1cedb89d537aa6768ecdaf408a) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
09:09:49.0812 1240 CTAudSvcService - ok
09:09:49.0843 1240 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\Windows\system32\DRIVERS\CtClsFlt.sys
09:09:49.0843 1240 CtClsFlt - ok
09:09:49.0874 1240 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
09:09:49.0874 1240 ctxusbm - ok
09:09:49.0952 1240 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:09:49.0968 1240 cvhsvc - ok
09:09:49.0999 1240 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:09:49.0999 1240 DcomLaunch - ok
09:09:50.0108 1240 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:09:50.0108 1240 defragsvc - ok
09:09:50.0139 1240 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
09:09:50.0139 1240 DfsC - ok
09:09:50.0170 1240 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
09:09:50.0170 1240 Dhcp - ok
09:09:50.0202 1240 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:09:50.0202 1240 discache - ok
09:09:50.0217 1240 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
09:09:50.0217 1240 Disk - ok
09:09:50.0248 1240 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
09:09:50.0248 1240 Dnscache - ok
09:09:50.0280 1240 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
09:09:50.0280 1240 dot3svc - ok
09:09:50.0295 1240 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
09:09:50.0295 1240 DPS - ok
09:09:50.0342 1240 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:09:50.0342 1240 drmkaud - ok
09:09:50.0420 1240 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
09:09:50.0420 1240 DXGKrnl - ok
09:09:50.0451 1240 eamonm (aca3fe4f18a945b7bf2618a79f6f670b) C:\Windows\system32\DRIVERS\eamonm.sys
09:09:50.0467 1240 eamonm - ok
09:09:50.0482 1240 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
09:09:50.0482 1240 EapHost - ok
09:09:50.0607 1240 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
09:09:50.0623 1240 ebdrv - ok
09:09:50.0670 1240 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
09:09:50.0670 1240 EFS - ok
09:09:50.0701 1240 ehdrv (6672438bdcbfd87250d22112d458294d) C:\Windows\system32\DRIVERS\ehdrv.sys
09:09:50.0701 1240 ehdrv - ok
09:09:50.0748 1240 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
09:09:50.0748 1240 ehRecvr - ok
09:09:50.0763 1240 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
09:09:50.0763 1240 ehSched - ok
09:09:50.0810 1240 EhttpSrv (deb2b067745d92ff17a5068dfd2360bc) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
09:09:50.0810 1240 EhttpSrv - ok
09:09:50.0857 1240 ekrn (191d8eccc40f05b52fac0513f35ba01d) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
09:09:50.0857 1240 ekrn - ok
09:09:50.0872 1240 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
09:09:50.0872 1240 ElbyCDIO - ok
09:09:50.0919 1240 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
09:09:50.0919 1240 elxstor - ok
09:09:50.0950 1240 epfw (443805b5b11c859ac8ca35297648ff0c) C:\Windows\system32\DRIVERS\epfw.sys
09:09:50.0950 1240 epfw - ok
09:09:50.0966 1240 Epfwndis (66e61bc6c9f519a99275eb0f0e530bf4) C:\Windows\system32\DRIVERS\Epfwndis.sys
09:09:50.0966 1240 Epfwndis - ok
09:09:50.0982 1240 epfwwfp (f72c97f3d34ea5ec919c73e3901266bb) C:\Windows\system32\DRIVERS\epfwwfp.sys
09:09:50.0982 1240 epfwwfp - ok
09:09:51.0028 1240 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
09:09:51.0028 1240 ErrDev - ok
09:09:51.0106 1240 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
09:09:51.0106 1240 EventSystem - ok
09:09:51.0184 1240 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:09:51.0200 1240 EvtEng - ok
09:09:51.0247 1240 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:09:51.0247 1240 exfat - ok
09:09:51.0294 1240 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:09:51.0294 1240 fastfat - ok
09:09:51.0340 1240 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
09:09:51.0340 1240 Fax - ok
09:09:51.0372 1240 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
09:09:51.0372 1240 fdc - ok
09:09:51.0387 1240 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
09:09:51.0387 1240 fdPHost - ok
09:09:51.0403 1240 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
09:09:51.0403 1240 FDResPub - ok
09:09:51.0434 1240 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:09:51.0434 1240 FileInfo - ok
09:09:51.0450 1240 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:09:51.0450 1240 Filetrace - ok
09:09:51.0465 1240 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
09:09:51.0465 1240 flpydisk - ok
09:09:51.0481 1240 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
09:09:51.0481 1240 FltMgr - ok
09:09:51.0528 1240 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
09:09:51.0543 1240 FontCache - ok
09:09:51.0590 1240 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

09:09:49.0203 1240 CLKMSVC10_9EC60124 - ok
09:09:49.0234 1240 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:09:49.0234 1240 clr_optimization_v2.0.50727_32 - ok
09:09:49.0281 1240 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:09:49.0281 1240 clr_optimization_v2.0.50727_64 - ok
09:09:49.0328 1240 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:09:49.0328 1240 clr_optimization_v4.0.30319_32 - ok
09:09:49.0344 1240 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:09:49.0344 1240 clr_optimization_v4.0.30319_64 - ok
09:09:49.0390 1240 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
09:09:49.0390 1240 CmBatt - ok
09:09:49.0437 1240 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
09:09:49.0437 1240 cmdide - ok
09:09:49.0500 1240 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
09:09:49.0500 1240 CNG - ok
09:09:49.0515 1240 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
09:09:49.0515 1240 Compbatt - ok
09:09:49.0546 1240 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
09:09:49.0546 1240 CompositeBus - ok
09:09:49.0546 1240 COMSysApp - ok
09:09:49.0562 1240 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
09:09:49.0562 1240 crcdisk - ok
09:09:49.0656 1240 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:09:49.0656 1240 Creative ALchemy AL6 Licensing Service - ok
09:09:49.0687 1240 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:09:49.0687 1240 Creative Audio Engine Licensing Service - ok
09:09:49.0718 1240 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
09:09:49.0718 1240 CryptSvc - ok
09:09:49.0765 1240 CrystalSysInfo (5228b7a738dc90a06ae4f4a7412cb1e9) C:\Program Files\MediaCoder\SysInfoX64.sys
09:09:49.0765 1240 CrystalSysInfo - ok
09:09:49.0812 1240 CTAudSvcService (65f2ff1cedb89d537aa6768ecdaf408a) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
09:09:49.0812 1240 CTAudSvcService - ok
09:09:49.0843 1240 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\Windows\system32\DRIVERS\CtClsFlt.sys
09:09:49.0843 1240 CtClsFlt - ok
09:09:49.0874 1240 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
09:09:49.0874 1240 ctxusbm - ok
09:09:49.0952 1240 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:09:49.0968 1240 cvhsvc - ok
09:09:49.0999 1240 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:09:49.0999 1240 DcomLaunch - ok
09:09:50.0108 1240 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:09:50.0108 1240 defragsvc - ok
09:09:50.0139 1240 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
09:09:50.0139 1240 DfsC - ok
09:09:50.0170 1240 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
09:09:50.0170 1240 Dhcp - ok
09:09:50.0202 1240 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:09:50.0202 1240 discache - ok
09:09:50.0217 1240 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
09:09:50.0217 1240 Disk - ok
09:09:50.0248 1240 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
09:09:50.0248 1240 Dnscache - ok
09:09:50.0280 1240 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
09:09:50.0280 1240 dot3svc - ok
09:09:50.0295 1240 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
09:09:50.0295 1240 DPS - ok
09:09:50.0342 1240 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:09:50.0342 1240 drmkaud - ok
09:09:50.0420 1240 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
09:09:50.0420 1240 DXGKrnl - ok
09:09:50.0451 1240 eamonm (aca3fe4f18a945b7bf2618a79f6f670b) C:\Windows\system32\DRIVERS\eamonm.sys
09:09:50.0467 1240 eamonm - ok
09:09:50.0482 1240 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
09:09:50.0482 1240 EapHost - ok
09:09:50.0607 1240 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
09:09:50.0623 1240 ebdrv - ok
09:09:50.0670 1240 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
09:09:50.0670 1240 EFS - ok
09:09:50.0701 1240 ehdrv (6672438bdcbfd87250d22112d458294d) C:\Windows\system32\DRIVERS\ehdrv.sys
09:09:50.0701 1240 ehdrv - ok
09:09:50.0748 1240 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
09:09:50.0748 1240 ehRecvr - ok
09:09:50.0763 1240 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
09:09:50.0763 1240 ehSched - ok
09:09:50.0810 1240 EhttpSrv (deb2b067745d92ff17a5068dfd2360bc) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
09:09:50.0810 1240 EhttpSrv - ok
09:09:50.0857 1240 ekrn (191d8eccc40f05b52fac0513f35ba01d) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
09:09:50.0857 1240 ekrn - ok
09:09:50.0872 1240 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
09:09:50.0872 1240 ElbyCDIO - ok
09:09:50.0919 1240 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
09:09:50.0919 1240 elxstor - ok
09:09:50.0950 1240 epfw (443805b5b11c859ac8ca35297648ff0c) C:\Windows\system32\DRIVERS\epfw.sys
09:09:50.0950 1240 epfw - ok
09:09:50.0966 1240 Epfwndis (66e61bc6c9f519a99275eb0f0e530bf4) C:\Windows\system32\DRIVERS\Epfwndis.sys
09:09:50.0966 1240 Epfwndis - ok
09:09:50.0982 1240 epfwwfp (f72c97f3d34ea5ec919c73e3901266bb) C:\Windows\system32\DRIVERS\epfwwfp.sys
09:09:50.0982 1240 epfwwfp - ok
09:09:51.0028 1240 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
09:09:51.0028 1240 ErrDev - ok
09:09:51.0106 1240 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
09:09:51.0106 1240 EventSystem - ok
09:09:51.0184 1240 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:09:51.0200 1240 EvtEng - ok
09:09:51.0247 1240 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:09:51.0247 1240 exfat - ok
09:09:51.0294 1240 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:09:51.0294 1240 fastfat - ok
09:09:51.0340 1240 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
09:09:51.0340 1240 Fax - ok
09:09:51.0372 1240 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
09:09:51.0372 1240 fdc - ok
09:09:51.0387 1240 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
09:09:51.0387 1240 fdPHost - ok
09:09:51.0403 1240 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
09:09:51.0403 1240 FDResPub - ok
09:09:51.0434 1240 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:09:51.0434 1240 FileInfo - ok
09:09:51.0450 1240 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:09:51.0450 1240 Filetrace - ok
09:09:51.0465 1240 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
09:09:51.0465 1240 flpydisk - ok
09:09:51.0481 1240 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
09:09:51.0481 1240 FltMgr - ok
09:09:51.0528 1240 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
09:09:51.0543 1240 FontCache - ok
09:09:51.0590 1240 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

09:09:51.0590 1240 FontCache3.0.0.0 - ok
09:09:51.0668 1240 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
09:09:51.0668 1240 FsDepends - ok
09:09:51.0715 1240 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
09:09:51.0715 1240 Fs_Rec - ok
09:09:51.0746 1240 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
09:09:51.0746 1240 fvevol - ok
09:09:51.0762 1240 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:09:51.0762 1240 gagp30kx - ok
09:09:51.0793 1240 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:09:51.0793 1240 GEARAspiWDM - ok
09:09:51.0840 1240 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
09:09:51.0840 1240 gpsvc - ok
09:09:51.0855 1240 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
09:09:51.0855 1240 hcw85cir - ok
09:09:51.0886 1240 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
09:09:51.0886 1240 HDAudBus - ok
09:09:51.0886 1240 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
09:09:51.0886 1240 HidBatt - ok
09:09:51.0918 1240 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
09:09:51.0918 1240 HidBth - ok
09:09:51.0933 1240 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
09:09:51.0933 1240 HidIr - ok
09:09:51.0964 1240 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
09:09:51.0964 1240 hidserv - ok
09:09:51.0996 1240 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
09:09:51.0996 1240 HidUsb - ok
09:09:52.0011 1240 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
09:09:52.0027 1240 hkmsvc - ok
09:09:52.0042 1240 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
09:09:52.0042 1240 HomeGroupListener - ok
09:09:52.0074 1240 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
09:09:52.0074 1240 HomeGroupProvider - ok
09:09:52.0089 1240 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
09:09:52.0089 1240 HpSAMD - ok
09:09:52.0120 1240 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
09:09:52.0120 1240 HTTP - ok
09:09:52.0136 1240 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
09:09:52.0136 1240 hwpolicy - ok
09:09:52.0167 1240 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
09:09:52.0167 1240 i8042prt - ok
09:09:52.0198 1240 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
09:09:52.0198 1240 iaStorV - ok
09:09:52.0230 1240 iBtFltCoex (fc47f5cf561bf0fd897efd1a9604dccf) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
09:09:52.0230 1240 iBtFltCoex - ok
09:09:52.0308 1240 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:09:52.0308 1240 idsvc - ok
09:09:52.0542 1240 igfx (553228e67639f52c9bd86362c0c64f85) C:\Windows\system32\DRIVERS\igdkmd64.sys
09:09:52.0620 1240 igfx - ok
09:09:52.0666 1240 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
09:09:52.0666 1240 iirsp - ok
09:09:52.0713 1240 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
09:09:52.0729 1240 IKEEXT - ok
09:09:52.0744 1240 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
09:09:52.0744 1240 Impcd - ok
09:09:52.0822 1240 IntcAzAudAddService (d492d3b5a8ddde1d6621a8c53855eabf) C:\Windows\system32\drivers\RTKVHD64.sys
09:09:52.0838 1240 IntcAzAudAddService - ok
09:09:52.0869 1240 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
09:09:52.0869 1240 IntcDAud - ok
09:09:52.0885 1240 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
09:09:52.0885 1240 intelide - ok
09:09:52.0916 1240 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
09:09:52.0916 1240 intelppm - ok
09:09:52.0947 1240 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
09:09:52.0947 1240 IPBusEnum - ok
09:09:52.0978 1240 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:09:52.0978 1240 IpFilterDriver - ok
09:09:53.0010 1240 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
09:09:53.0025 1240 iphlpsvc - ok
09:09:53.0041 1240 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
09:09:53.0041 1240 IPMIDRV - ok
09:09:53.0056 1240 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
09:09:53.0056 1240 IPNAT - ok
09:09:53.0103 1240 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
09:09:53.0119 1240 iPod Service - ok
09:09:53.0150 1240 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
09:09:53.0150 1240 IRENUM - ok
09:09:53.0197 1240 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
09:09:53.0197 1240 isapnp - ok
09:09:53.0212 1240 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
09:09:53.0212 1240 iScsiPrt - ok
09:09:53.0259 1240 JMCR (43f319de026e04b9cf9219a14bf24fe8) C:\Windows\system32\DRIVERS\jmcr.sys
09:09:53.0259 1240 JMCR - ok
09:09:53.0290 1240 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
09:09:53.0290 1240 kbdclass - ok
09:09:53.0306 1240 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
09:09:53.0306 1240 kbdhid - ok
09:09:53.0337 1240 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:09:53.0337 1240 KeyIso - ok
09:09:53.0353 1240 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
09:09:53.0368 1240 KSecDD - ok
09:09:53.0400 1240 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
09:09:53.0400 1240 KSecPkg - ok
09:09:53.0431 1240 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
09:09:53.0431 1240 ksthunk - ok
09:09:53.0462 1240 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
09:09:53.0478 1240 KtmRm - ok
09:09:53.0509 1240 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
09:09:53.0509 1240 LanmanServer - ok
09:09:53.0524 1240 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
09:09:53.0540 1240 LanmanWorkstation - ok
09:09:53.0587 1240 LBTServ (19eff704cd16dd0429e128431f1dd631) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
09:09:53.0587 1240 LBTServ - ok
09:09:53.0634 1240 LEqdUsb (abfd2b5726f4cce49297ae48806cc594) C:\Windows\system32\DRIVERS\LEqdUsb.Sys
09:09:53.0634 1240 LEqdUsb - ok
09:09:53.0649 1240 LHidEqd (933f69cf9acd2498693bfcd7ed68e8d4) C:\Windows\system32\DRIVERS\LHidEqd.Sys
09:09:53.0649 1240 LHidEqd - ok
09:09:53.0680 1240 LHidFilt (1074c77a47835e03c15bf92452f9a750) C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:09:53.0680 1240 LHidFilt - ok
09:09:53.0727 1240 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
09:09:53.0727 1240 lltdio - ok
09:09:53.0758 1240 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
09:09:53.0758 1240 lltdsvc - ok
09:09:53.0774 1240 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
09:09:53.0774 1240 lmhosts - ok
09:09:53.0790 1240 LMouFilt (96999c364c649e2866a268f7420a304a) C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:09:53.0790 1240 LMouFilt - ok
09:09:53.0852 1240 LMS (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:09:53.0868 1240 LMS - ok
09:09:53.0914 1240 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:09:53.0930 1240 LSI_FC - ok
09:09:53.0946 1240 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:09:53.0946 1240 LSI_SAS - ok
09:09:53.0961 1240 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:09:53.0961 1240 LSI_SAS2 - ok
09:09:53.0977 1240 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:09:53.0977 1240 LSI_SCSI - ok
09:09:53.0992 1240 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
09:09:53.0992 1240 luafv - ok
09:09:54.0024 1240 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
09:09:54.0024 1240 Mcx2Svc - ok
09:09:54.0024 1240 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
09:09:54.0024 1240 megasas - ok
09:09:54.0070 1240 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
09:09:54.0070 1240 MegaSR - ok
09:09:54.0117 1240 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
09:09:54.0117 1240 MEIx64 - ok
09:09:54.0148 1240 MemeoBackgroundService (b7c1ba9b0256b66411f09d705117ae66) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
09:09:54.0148 1240 MemeoBackgroundService - ok
09:09:54.0180 1240 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:09:54.0180 1240 MMCSS - ok
09:09:54.0195 1240 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:09:54.0195 1240 Modem - ok
09:09:54.0226 1240 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:09:54.0226 1240 monitor - ok
09:09:54.0258 1240 motccgp (338ba6b7170111edc2e43b5b4eaf17df) C:\Windows\system32\DRIVERS\motccgp.sys
09:09:54.0258 1240 motccgp - ok
09:09:54.0273 1240 motccgpfl (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys
09:09:54.0273 1240 motccgpfl - ok
09:09:54.0289 1240 motmodem (e90aba3c6f01be2c456c4aa857b28646) C:\Windows\system32\DRIVERS\motmodem.sys
09:09:54.0289 1240 motmodem - ok
09:09:54.0304 1240 MotoSwitchService (ebd05f60cafc5bba2602b8d7101082d3) C:\Windows\system32\DRIVERS\motswch.sys
09:09:54.0304 1240 MotoSwitchService - ok
09:09:54.0320 1240 Motousbnet (db73ee608d06e415e0c4e777c6d7ba56) C:\Windows\system32\DRIVERS\Motousbnet.sys
09:09:54.0336 1240 Motousbnet - ok
09:09:54.0336 1240 motport (e90aba3c6f01be2c456c4aa857b28646) C:\Windows\system32\DRIVERS\motport.sys
09:09:54.0336 1240 motport - ok
09:09:54.0351 1240 motusbdevice (95a769d672627e10854e167c4746e91a) C:\Windows\system32\DRIVERS\motusbdevice.sys
09:09:54.0351 1240 motusbdevice - ok
09:09:54.0398 1240 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
09:09:54.0398 1240 mouclass - ok
09:09:54.0414 1240 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:09:54.0414 1240 mouhid - ok
09:09:54.0445 1240 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
09:09:54.0445 1240 mountmgr - ok
09:09:54.0460 1240 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
09:09:54.0460 1240 mpio - ok
09:09:54.0492 1240 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:09:54.0492 1240 mpsdrv - ok
09:09:54.0538 1240 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
09:09:54.0538 1240 MpsSvc - ok
09:09:54.0554 1240 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
09:09:54.0554 1240 MRxDAV - ok
09:09:54.0585 1240 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:09:54.0585 1240 mrxsmb - ok
09:09:54.0632 1240 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:09:54.0632 1240 mrxsmb10 - ok
09:09:54.0663 1240 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:09:54.0663 1240 mrxsmb20 - ok
09:09:54.0694 1240 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
09:09:54.0694 1240 msahci - ok
09:09:54.0710 1240 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
09:09:54.0710 1240 msdsm - ok
09:09:54.0741 1240 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
09:09:54.0741 1240 MSDTC - ok
09:09:54.0772 1240 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
09:09:54.0772 1240 Msfs - ok
09:09:54.0788 1240 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
09:09:54.0788 1240 mshidkmdf - ok
09:09:54.0804 1240 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
09:09:54.0804 1240 msisadrv - ok
09:09:54.0835 1240 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
09:09:54.0835 1240 MSiSCSI - ok
09:09:54.0850 1240 msiserver - ok
09:09:54.0882 1240 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
09:09:54.0882 1240 MSKSSRV - ok
09:09:54.0913 1240 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:09:54.0913 1240 MSPCLOCK - ok
09:09:54.0944 1240 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:09:54.0944 1240 MSPQM - ok
09:09:54.0975 1240 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
09:09:54.0975 1240 MsRPC - ok
09:09:55.0006 1240 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
09:09:55.0006 1240 mssmbios - ok
09:09:55.0022 1240 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:09:55.0022 1240 MSTEE - ok
09:09:55.0038 1240 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
09:09:55.0038 1240 MTConfig - ok
09:09:55.0053 1240 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
09:09:55.0053 1240 Mup - ok
09:09:55.0116 1240 MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:09:55.0116 1240 MyWiFiDHCPDNS - ok
09:09:55.0162 1240 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
09:09:55.0162 1240 napagent - ok
09:09:55.0194 1240 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:09:55.0194 1240 NativeWifiP - ok
09:09:55.0240 1240 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
09:09:55.0240 1240 NDIS - ok
09:09:55.0256 1240 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:09:55.0272 1240 NdisCap - ok
09:09:55.0272 1240 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:09:55.0272 1240 NdisTapi - ok
09:09:55.0303 1240 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
09:09:55.0318 1240 Ndisuio - ok
09:09:55.0350 1240 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
09:09:55.0350 1240 NdisWan - ok
09:09:55.0381 1240 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
09:09:55.0381 1240 NDProxy - ok
09:09:55.0396 1240 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:09:55.0396 1240 NetBIOS - ok
09:09:55.0412 1240 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
09:09:55.0412 1240 NetBT - ok
09:09:55.0460 1240 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:09:55.0461 1240 Netlogon - ok
09:09:55.0491 1240 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:09:55.0494 1240 Netman - ok
09:09:55.0518 1240 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:09:55.0522 1240 netprofm - ok
09:09:55.0583 1240 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:09:55.0584 1240 NetTcpPortSharing - ok
09:09:55.0771 1240 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
09:09:55.0820 1240 NETwNs64 - ok
09:09:55.0868 1240 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
09:09:55.0869 1240 nfrd960 - ok
09:09:55.0925 1240 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
09:09:55.0928 1240 NlaSvc - ok
09:09:56.0002 1240 nmservice (cd569fa91ec6f59d045c19d0d3850f44) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
09:09:56.0006 1240 nmservice - ok
09:09:56.0083 1240 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
09:09:56.0099 1240 NOBU - ok
09:09:56.0127 1240 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:09:56.0128 1240 Npfs - ok
09:09:56.0155 1240 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:09:56.0156 1240 nsi - ok
09:09:56.0173 1240 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:09:56.0174 1240 nsiproxy - ok
09:09:56.0234 1240 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
09:09:56.0244 1240 Ntfs - ok
09:09:56.0260 1240 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:09:56.0260 1240 Null - ok
09:09:56.0291 1240 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
09:09:56.0292 1240 nusb3hub - ok
09:09:56.0315 1240 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
09:09:56.0317 1240 nusb3xhc - ok
09:09:56.0361 1240 NVHDA (857fb74754ebff94ee3ad40788740916) C:\Windows\system32\drivers\nvhda64v.sys
09:09:56.0362 1240 NVHDA - ok
09:09:56.0696 1240 nvlddmkm (24aa5e3ed7a2b48b8e798a1059a2b323) C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:09:56.0774 1240 nvlddmkm - ok
09:09:56.0821 1240 nvpciflt (58aa797b41410daea6a6eb33e77f9b7a) C:\Windows\system32\DRIVERS\nvpciflt.sys
09:09:56.0821 1240 nvpciflt - ok
09:09:56.0836 1240 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:09:56.0836 1240 nvraid - ok
09:09:56.0852 1240 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:09:56.0852 1240 nvstor - ok
09:09:56.0867 1240 NvStUSB (92d06926c5da2a2e62e8fb5104f44d92) C:\Windows\system32\DRIVERS\nvstusb.sys
09:09:56.0867 1240 NvStUSB - ok
09:09:56.0914 1240 NVSvc (0f954db804453f5ace4865c3d0b24468) C:\Windows\system32\nvvsvc.exe
09:09:56.0914 1240 NVSvc - ok
09:09:56.0992 1240 nvUpdatusService (a1b93cd258ef1d59efa6c78b5603b7b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
09:09:56.0992 1240 nvUpdatusService - ok
09:09:57.0055 1240 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:09:57.0055 1240 nv_agp - ok
09:09:57.0070 1240 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:09:57.0070 1240 ohci1394 - ok
09:09:57.0117 1240 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:09:57.0117 1240 ose - ok
09:09:57.0226 1240 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:09:57.0257 1240 osppsvc - ok
09:09:57.0304 1240 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:09:57.0304 1240 p2pimsvc - ok
09:09:57.0351 1240 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:09:57.0351 1240 p2psvc - ok
09:09:57.0429 1240 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
09:09:57.0429 1240 Parport - ok
09:09:57.0476 1240 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
09:09:57.0476 1240 partmgr - ok
09:09:57.0507 1240 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:09:57.0507 1240 PcaSvc - ok
09:09:57.0569 1240 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
09:09:57.0569 1240 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
09:09:57.0632 1240 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:09:57.0632 1240 pci - ok
09:09:57.0632 1240 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:09:57.0632 1240 pciide - ok
09:09:57.0647 1240 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
09:09:57.0647 1240 pcmcia - ok
09:09:57.0694 1240 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:09:57.0694 1240 pcw - ok
09:09:57.0710 1240 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:09:57.0710 1240 PEAUTH - ok
09:09:57.0772 1240 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:09:57.0772 1240 PerfHost - ok
09:09:57.0850 1240 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:09:57.0866 1240 pla - ok
09:09:57.0897 1240 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:09:57.0897 1240 PlugPlay - ok
09:09:57.0928 1240 pnarp (fb83b6c62dff5abe36304351d2bed581) C:\Windows\system32\DRIVERS\pnarp.sys
09:09:57.0928 1240 pnarp - ok
09:09:57.0975 1240 pnetmdm (06841f5cd8410b6bdc0b5a631b8f8787) C:\Windows\system32\DRIVERS\pnetmdm64.sys
09:09:57.0975 1240 pnetmdm - ok
09:09:58.0037 1240 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:09:58.0037 1240 PNRPAutoReg - ok
09:09:58.0084 1240 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:09:58.0084 1240 PNRPsvc - ok
09:09:58.0115 1240 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:09:58.0131 1240 PolicyAgent - ok
09:09:58.0162 1240 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:09:58.0162 1240 Power - ok
09:09:58.0193 1240 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:09:58.0193 1240 PptpMiniport - ok
09:09:58.0209 1240 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:09:58.0209 1240 Processor - ok
09:09:58.0256 1240 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
09:09:58.0256 1240 ProfSvc - ok
09:09:58.0287 1240 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:09:58.0287 1240 ProtectedStorage - ok
09:09:58.0318 1240 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:09:58.0318 1240 Psched - ok
09:09:58.0349 1240 purendis (1b3434642ce3c26e6f24d3a76d749c2a) C:\Windows\system32\DRIVERS\purendis.sys
09:09:58.0349 1240 purendis - ok
09:09:58.0383 1240 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
09:09:58.0384 1240 PxHlpa64 - ok
09:09:58.0411 1240 qicflt (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys
09:09:58.0412 1240 qicflt - ok
09:09:58.0506 1240 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:09:58.0515 1240 ql2300 - ok
09:09:58.0527 1240 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:09:58.0528 1240 ql40xx - ok
09:09:58.0575 1240 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:09:58.0577 1240 QWAVE - ok
09:09:58.0589 1240 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:09:58.0589 1240 QWAVEdrv - ok
09:09:58.0623 1240 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:09:58.0624 1240 RasAcd - ok
09:09:58.0666 1240 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:09:58.0666 1240 RasAgileVpn - ok
09:09:58.0678 1240 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:09:58.0680 1240 RasAuto - ok
09:09:58.0709 1240 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:09:58.0710 1240 Rasl2tp - ok
09:09:58.0752 1240 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:09:58.0755 1240 RasMan - ok
09:09:58.0773 1240 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:09:58.0774 1240 RasPppoe - ok
09:09:58.0795 1240 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:09:58.0796 1240 RasSstp - ok
09:09:58.0835 1240 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:09:58.0838 1240 rdbss - ok
09:09:58.0850 1240 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:09:58.0850 1240 rdpbus - ok
09:09:58.0880 1240 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:09:58.0881 1240 RDPCDD - ok
09:09:58.0895 1240 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:09:58.0895 1240 RDPENCDD - ok
09:09:58.0908 1240 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:09:58.0909 1240 RDPREFMP - ok
09:09:58.0937 1240 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
09:09:58.0939 1240 RDPWD - ok
09:09:58.0962 1240 rdyboost (34ed295fa0121c241bfef24764fc
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Mon Apr 09, 2012 12:49 pm    Post subject: Reply with quote
Hi TStevenson,

I'm afraid that TDSSKiller log is still incomplete. Please can you open the logfile, select and copy the text from the following point onwards to the end of the logfile and paste into your next post:

Quote:
09:09:58.0623 1240 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:09:58.0624 1240 RasAcd - ok


Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Mon Apr 09, 2012 7:37 pm    Post subject: Incomplete log Reply with quote
where is the log file located on my computer? it didn't give an option to save it. do I need to rerun this program?
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Mon Apr 09, 2012 7:40 pm    Post subject: I found it Reply with quote
here is the rest

09:09:58.0623 1240 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:09:58.0624 1240 RasAcd - ok
09:09:58.0666 1240 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:09:58.0666 1240 RasAgileVpn - ok
09:09:58.0678 1240 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:09:58.0680 1240 RasAuto - ok
09:09:58.0709 1240 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:09:58.0710 1240 Rasl2tp - ok
09:09:58.0752 1240 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:09:58.0755 1240 RasMan - ok
09:09:58.0773 1240 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:09:58.0774 1240 RasPppoe - ok
09:09:58.0795 1240 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:09:58.0796 1240 RasSstp - ok
09:09:58.0835 1240 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:09:58.0838 1240 rdbss - ok
09:09:58.0850 1240 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:09:58.0850 1240 rdpbus - ok
09:09:58.0880 1240 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:09:58.0881 1240 RDPCDD - ok
09:09:58.0895 1240 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:09:58.0895 1240 RDPENCDD - ok
09:09:58.0908 1240 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:09:58.0909 1240 RDPREFMP - ok
09:09:58.0937 1240 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
09:09:58.0939 1240 RDPWD - ok
09:09:58.0962 1240 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:09:58.0964 1240 rdyboost - ok
09:09:59.0019 1240 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:09:59.0024 1240 RegSrvc - ok
09:09:59.0070 1240 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:09:59.0071 1240 RemoteAccess - ok
09:09:59.0126 1240 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:09:59.0128 1240 RemoteRegistry - ok
09:09:59.0153 1240 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
09:09:59.0154 1240 RFCOMM - ok
09:09:59.0183 1240 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
09:09:59.0184 1240 ROOTMODEM - ok
09:09:59.0266 1240 RoxMediaDB12OEM (bddc447ab46625a54619808575d5cb46) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
09:09:59.0273 1240 RoxMediaDB12OEM - ok
09:09:59.0296 1240 RoxWatch12 (ce203243adf512540249df9c264f12dd) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
09:09:59.0298 1240 RoxWatch12 - ok
09:09:59.0334 1240 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:09:59.0336 1240 RpcEptMapper - ok
09:09:59.0368 1240 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:09:59.0368 1240 RpcLocator - ok
09:09:59.0415 1240 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:09:59.0415 1240 RpcSs - ok
09:09:59.0446 1240 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:09:59.0446 1240 rspndr - ok
09:09:59.0493 1240 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
09:09:59.0493 1240 RTL8167 - ok
09:09:59.0524 1240 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:09:59.0524 1240 SamSs - ok
09:09:59.0555 1240 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
09:09:59.0555 1240 SASDIFSV - ok
09:09:59.0571 1240 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
09:09:59.0571 1240 SASKUTIL - ok
09:09:59.0618 1240 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:09:59.0618 1240 sbp2port - ok
09:09:59.0696 1240 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:09:59.0696 1240 SCardSvr - ok
09:09:59.0727 1240 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:09:59.0727 1240 scfilter - ok
09:09:59.0774 1240 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:09:59.0774 1240 Schedule - ok
09:09:59.0789 1240 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:09:59.0789 1240 SCPolicySvc - ok
09:09:59.0821 1240 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
09:09:59.0821 1240 sdbus - ok
09:09:59.0852 1240 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:09:59.0852 1240 SDRSVC - ok
09:09:59.0899 1240 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
09:09:59.0914 1240 SeagateDashboardService - ok
09:09:59.0945 1240 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
09:09:59.0945 1240 SeaPort - ok
09:09:59.0961 1240 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:09:59.0977 1240 secdrv - ok
09:10:00.0023 1240 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:10:00.0023 1240 seclogon - ok
09:10:00.0070 1240 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:10:00.0070 1240 SENS - ok
09:10:00.0101 1240 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:10:00.0101 1240 SensrSvc - ok
09:10:00.0133 1240 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
09:10:00.0133 1240 Serenum - ok
09:10:00.0148 1240 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
09:10:00.0148 1240 Serial - ok
09:10:00.0179 1240 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
09:10:00.0179 1240 sermouse - ok
09:10:00.0242 1240 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
09:10:00.0242 1240 SessionEnv - ok
09:10:00.0257 1240 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
09:10:00.0257 1240 sffdisk - ok
09:10:00.0273 1240 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
09:10:00.0273 1240 sffp_mmc - ok
09:10:00.0273 1240 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
09:10:00.0273 1240 sffp_sd - ok
09:10:00.0289 1240 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
09:10:00.0289 1240 sfloppy - ok
09:10:00.0320 1240 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
09:10:00.0335 1240 Sftfs - ok
09:10:00.0398 1240 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
09:10:00.0398 1240 sftlist - ok
09:10:00.0429 1240 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
09:10:00.0429 1240 Sftplay - ok
09:10:00.0445 1240 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
09:10:00.0445 1240 Sftredir - ok
09:10:00.0507 1240 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
09:10:00.0523 1240 SftService - ok
09:10:00.0538 1240 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
09:10:00.0538 1240 Sftvol - ok
09:10:00.0569 1240 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
09:10:00.0569 1240 sftvsa - ok
09:10:00.0616 1240 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
09:10:00.0632 1240 SharedAccess - ok
09:10:00.0679 1240 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
09:10:00.0679 1240 ShellHWDetection - ok
09:10:00.0725 1240 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:10:00.0725 1240 SiSRaid2 - ok
09:10:00.0741 1240 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
09:10:00.0741 1240 SiSRaid4 - ok
09:10:00.0788 1240 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:10:00.0788 1240 Smb - ok
09:10:00.0819 1240 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:10:00.0819 1240 SNMPTRAP - ok
09:10:00.0881 1240 Sound Blaster X-Fi MB Licensing Service (9b24dca429f819db314f30ee4c6c80fd) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
09:10:00.0881 1240 Sound Blaster X-Fi MB Licensing Service - ok
09:10:00.0928 1240 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:10:00.0928 1240 spldr - ok
09:10:00.0959 1240 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
09:10:00.0959 1240 Spooler - ok
09:10:01.0053 1240 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
09:10:01.0069 1240 sppsvc - ok
09:10:01.0115 1240 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:10:01.0115 1240 sppuinotify - ok
09:10:01.0162 1240 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
09:10:01.0178 1240 srv - ok
09:10:01.0209 1240 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
09:10:01.0209 1240 srv2 - ok
09:10:01.0256 1240 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
09:10:01.0256 1240 srvnet - ok
09:10:01.0287 1240 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:10:01.0303 1240 SSDPSRV - ok
09:10:01.0318 1240 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:10:01.0334 1240 SstpSvc - ok
09:10:01.0349 1240 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
09:10:01.0349 1240 stdcfltn - ok
09:10:01.0381 1240 stdriver (50aadc94ba90dc3de1ae0020c877baae) C:\Windows\system32\DRIVERS\stdriver64.sys
09:10:01.0381 1240 stdriver - ok
09:10:01.0443 1240 Stereo Service (a3df1d4a293746a71c4c5c7e71b2734f) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:10:01.0443 1240 Stereo Service - ok
09:10:01.0490 1240 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
09:10:01.0490 1240 stexstor - ok
09:10:01.0552 1240 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
09:10:01.0568 1240 stisvc - ok
09:10:01.0677 1240 stllssvr (9e182dd94496550a22a392cc1a8e0f52) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
09:10:01.0677 1240 stllssvr - ok
09:10:01.0724 1240 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
09:10:01.0724 1240 swenum - ok
09:10:01.0755 1240 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:10:01.0755 1240 swprv - ok
09:10:01.0802 1240 SynTP (5e3b232a614339399acc71fa3aaaaa6b) C:\Windows\system32\DRIVERS\SynTP.sys
09:10:01.0817 1240 SynTP - ok
09:10:01.0864 1240 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
09:10:01.0880 1240 SysMain - ok
09:10:01.0934 1240 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
09:10:01.0936 1240 TabletInputService - ok
09:10:01.0990 1240 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
09:10:01.0993 1240 TapiSrv - ok
09:10:02.0028 1240 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:10:02.0030 1240 TBS - ok
09:10:02.0092 1240 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
09:10:02.0103 1240 Tcpip - ok
09:10:02.0166 1240 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
09:10:02.0177 1240 TCPIP6 - ok
09:10:02.0236 1240 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
09:10:02.0237 1240 tcpipreg - ok
09:10:02.0281 1240 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:10:02.0281 1240 TDPIPE - ok
09:10:02.0319 1240 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
09:10:02.0319 1240 TDTCP - ok
09:10:02.0350 1240 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
09:10:02.0351 1240 tdx - ok
09:10:02.0380 1240 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
09:10:02.0381 1240 TermDD - ok
09:10:02.0422 1240 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
09:10:02.0428 1240 TermService - ok
09:10:02.0463 1240 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:10:02.0464 1240 Themes - ok
09:10:02.0495 1240 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:10:02.0496 1240 THREADORDER - ok
09:10:02.0522 1240 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:10:02.0524 1240 TrkWks - ok
09:10:02.0553 1240 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
09:10:02.0555 1240 TrustedInstaller - ok
09:10:02.0605 1240 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:10:02.0606 1240 tssecsrv - ok
09:10:02.0624 1240 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
09:10:02.0625 1240 TsUsbFlt - ok
09:10:02.0672 1240 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
09:10:02.0673 1240 tunnel - ok
09:10:02.0698 1240 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
09:10:02.0698 1240 TurboB - ok
09:10:02.0753 1240 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:10:02.0754 1240 TurboBoost - ok
09:10:02.0778 1240 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
09:10:02.0779 1240 uagp35 - ok
09:10:02.0799 1240 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
09:10:02.0802 1240 udfs - ok
09:10:02.0840 1240 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:10:02.0842 1240 UI0Detect - ok
09:10:02.0862 1240 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
09:10:02.0863 1240 uliagpkx - ok
09:10:02.0895 1240 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
09:10:02.0896 1240 umbus - ok
09:10:02.0908 1240 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
09:10:02.0909 1240 UmPass - ok
09:10:03.0016 1240 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:10:03.0032 1240 UNS - ok
09:10:03.0071 1240 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:10:03.0074 1240 upnphost - ok
09:10:03.0098 1240 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
09:10:03.0099 1240 USBAAPL64 - ok
09:10:03.0149 1240 usbbus (5fcc71487888589a9244af54cfefab29) C:\Windows\system32\DRIVERS\lgx64bus.sys
09:10:03.0150 1240 usbbus - ok
09:10:03.0188 1240 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
09:10:03.0188 1240 usbccgp - ok
09:10:03.0203 1240 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
09:10:03.0203 1240 usbcir - ok
09:10:03.0234 1240 UsbDiag (3fb6e423f7567c92c32ea786f5fd0c69) C:\Windows\system32\DRIVERS\lgx64diag.sys
09:10:03.0234 1240 UsbDiag - ok
09:10:03.0250 1240 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
09:10:03.0250 1240 usbehci - ok
09:10:03.0266 1240 UsbGps (8e36e68c0b7fa174012a61a290351e49) C:\Windows\system32\DRIVERS\lgx64gps.sys
09:10:03.0281 1240 UsbGps - ok
09:10:03.0297 1240 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
09:10:03.0297 1240 usbhub - ok
09:10:03.0312 1240 USBModem (78d551f5b93488b4666f5fc8dd4815f3) C:\Windows\system32\DRIVERS\lgx64modem.sys
09:10:03.0312 1240 USBModem - ok
09:10:03.0328 1240 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
09:10:03.0328 1240 usbohci - ok
09:10:03.0344 1240 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:10:03.0344 1240 usbprint - ok
09:10:03.0375 1240 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:10:03.0375 1240 USBSTOR - ok
09:10:03.0390 1240 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
09:10:03.0390 1240 usbuhci - ok
09:10:03.0422 1240 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
09:10:03.0422 1240 usbvideo - ok
09:10:03.0453 1240 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:10:03.0453 1240 UxSms - ok
09:10:03.0484 1240 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:10:03.0484 1240 VaultSvc - ok
09:10:03.0531 1240 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
09:10:03.0531 1240 vdrvroot - ok
09:10:03.0656 1240 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
09:10:03.0656 1240 vds - ok
09:10:03.0718 1240 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:10:03.0718 1240 vga - ok
09:10:03.0749 1240 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:10:03.0749 1240 VgaSave - ok
09:10:03.0796 1240 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
09:10:03.0796 1240 vhdmp - ok
09:10:03.0843 1240 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
09:10:03.0843 1240 viaide - ok
09:10:03.0858 1240 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
09:10:03.0858 1240 volmgr - ok
09:10:03.0905 1240 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
09:10:03.0905 1240 volmgrx - ok
09:10:03.0921 1240 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
09:10:03.0936 1240 volsnap - ok
09:10:03.0952 1240 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
09:10:03.0952 1240 vsmraid - ok
09:10:03.0999 1240 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
09:10:04.0014 1240 VSS - ok
09:10:04.0046 1240 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
09:10:04.0046 1240 vwifibus - ok
09:10:04.0077 1240 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
09:10:04.0077 1240 vwififlt - ok
09:10:04.0092 1240 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
09:10:04.0092 1240 vwifimp - ok
09:10:04.0139 1240 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:10:04.0139 1240 W32Time - ok
09:10:04.0155 1240 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
09:10:04.0155 1240 WacomPen - ok
09:10:04.0186 1240 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:10:04.0186 1240 WANARP - ok
09:10:04.0202 1240 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:10:04.0202 1240 Wanarpv6 - ok
09:10:04.0248 1240 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:10:04.0248 1240 WatAdminSvc - ok
09:10:04.0311 1240 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
09:10:04.0311 1240 wbengine - ok
09:10:04.0342 1240 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:10:04.0342 1240 WbioSrvc - ok
09:10:04.0389 1240 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
09:10:04.0404 1240 wcncsvc - ok
09:10:04.0420 1240 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:10:04.0420 1240 WcsPlugInService - ok
09:10:04.0498 1240 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
09:10:04.0498 1240 Wd - ok
09:10:04.0545 1240 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:10:04.0545 1240 Wdf01000 - ok
09:10:04.0576 1240 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:10:04.0576 1240 WdiServiceHost - ok
09:10:04.0576 1240 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:10:04.0576 1240 WdiSystemHost - ok
09:10:04.0607 1240 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\Windows\system32\DRIVERS\WDKMD.sys
09:10:04.0607 1240 wdkmd - ok
09:10:04.0623 1240 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
09:10:04.0623 1240 WebClient - ok
09:10:04.0670 1240 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:10:04.0670 1240 Wecsvc - ok
09:10:04.0716 1240 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:10:04.0716 1240 wercplsupport - ok
09:10:04.0732 1240 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:10:04.0732 1240 WerSvc - ok
09:10:04.0763 1240 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:10:04.0763 1240 WfpLwf - ok
09:10:04.0810 1240 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
09:10:04.0810 1240 WimFltr - ok
09:10:04.0857 1240 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:10:04.0857 1240 WIMMount - ok
09:10:04.0888 1240 WinDefend - ok
09:10:04.0888 1240 WinHttpAutoProxySvc - ok
09:10:04.0950 1240 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:10:04.0950 1240 Winmgmt - ok
09:10:05.0044 1240 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
09:10:05.0060 1240 WinRM - ok
09:10:05.0106 1240 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
09:10:05.0106 1240 WinUsb - ok
09:10:05.0153 1240 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:10:05.0153 1240 Wlansvc - ok
09:10:05.0184 1240 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:10:05.0200 1240 wlcrasvc - ok
09:10:05.0247 1240 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:10:05.0262 1240 wlidsvc - ok
09:10:05.0294 1240 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
09:10:05.0294 1240 WmiAcpi - ok
09:10:05.0356 1240 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:10:05.0356 1240 wmiApSrv - ok
09:10:05.0418 1240 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:10:05.0418 1240 WPCSvc - ok
09:10:05.0452 1240 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
09:10:05.0454 1240 WPDBusEnum - ok
09:10:05.0505 1240 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:10:05.0505 1240 ws2ifsl - ok
09:10:05.0543 1240 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
09:10:05.0545 1240 wscsvc - ok
09:10:05.0561 1240 WSearch - ok
09:10:05.0629 1240 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
09:10:05.0644 1240 wuauserv - ok
09:10:05.0683 1240 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
09:10:05.0684 1240 WudfPf - ok
09:10:05.0744 1240 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:10:05.0745 1240 WUDFRd - ok
09:10:05.0783 1240 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
09:10:05.0784 1240 wudfsvc - ok
09:10:05.0821 1240 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:10:05.0823 1240 WwanSvc - ok
09:10:05.0866 1240 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
09:10:05.0936 1240 \Device\Harddisk0\DR0 - ok
09:10:05.0938 1240 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
09:10:05.0940 1240 \Device\Harddisk1\DR1 - ok
09:10:05.0952 1240 Boot (0x1200) (aa8315e1136df24936fa1616f9cc90c7) \Device\Harddisk0\DR0\Partition0
09:10:05.0954 1240 \Device\Harddisk0\DR0\Partition0 - ok
09:10:05.0966 1240 Boot (0x1200) (c845d5c8bb657ee4ebcdf33a84300c9a) \Device\Harddisk0\DR0\Partition1
09:10:05.0968 1240 \Device\Harddisk0\DR0\Partition1 - ok
09:10:05.0970 1240 Boot (0x1200) (8a40452a9695d763c3d7463f46f795c5) \Device\Harddisk1\DR1\Partition0
09:10:05.0971 1240 \Device\Harddisk1\DR1\Partition0 - ok
09:10:05.0971 1240 ============================================================
09:10:05.0971 1240 Scan finished
09:10:05.0971 1240 ============================================================
09:10:05.0978 0336 Detected object count: 0
09:10:05.0978 0336 Actual detected object count: 0
09:14:46.0012 1756 Deinitialize success
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Tue Apr 10, 2012 2:49 am    Post subject: Reply with quote
Hi TStevenson,

Thank you for the logs and your patience. Smile

I notice your D: drive is excessively full - only 1Gb (0.23%) of free space remains. Ideally 15% of the drive should be kept free for optimum performance.
I suggest you consider either backing up some of the data and removing it from the D: drive or moving some of the data to the C: drive.

In addition, your paging file appears to be excessively large - 7.83Gb. It is advisable to reset the paging file size to a lower value - 4Gb at the maximum, although your system may be able to perform equally well with just a 1Gb paging file, which is the minimum I would recommend.
Please can you confirm where the paging file resides? If it is on the D: drive this could be contributing to your computer problems. With your current disk space availability it is advisable for the paging file to be located on your C: drive.

To Change Paging File Configuration:
  1. Click on Start, right-click on Computer and then select Properties.
  2. Click on Advanced system settings in the left-hand pane.
  3. Under the Advanced tab in the Performance section, click on the Settings button.
  4. In the Perfomance Options window, click on the Advanced tab.
  5. Under the Virtual Memory section, click on the Change button.
  6. Configure the Virtual Memory settings as required.
  7. When done, click on the OK button to save the changes.
  8. Close all windows and Restart the computer to allow the changes to take effect.
Again, please remember to read the instructions below carefully before executing and perform the steps, in the order given.
If you have any questions about or problems executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before we proceed please make sure any open programs are closed.

Step 1:
OTL - Script
  1. Right-click on OTL.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  2. Copy and Paste the following code into the textbox. Do not include the word Code.
    Code:
    :otl
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: <mailto:HKLM%5CSoftware%5CMozillaPlugins%5C@Apple.com/iTunes,version=:> File not found
    O4 - HKLM..\RunOnce: [iolo WebUpdate Reboot] File not found
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} <http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab> (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} <http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab> (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab> (Reg Error: Key error.)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} <http://download.eset.com/special/eos/OnlineScanner.cab> (Reg Error: Key error.)

    :files
    ipconfig /flushdns /c
    C:\Users\CraigCrowAsari\AppData\Roaming\iolo

    :commands
    [PURITY]
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
    [REBOOT]

  3. Then click the Run Fix button at the top.
  4. Click .
  5. OTL may ask to reboot the machine. Please do so if asked.
  6. The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.
Step 2:
MBRCheck - Scan

Let's see if this tool will help to reveal anything further.
  1. Please download MBRCheck.exe © a_d_13 to your Desktop.
    Alternate links: Link 2 or Link 3
  2. Right-click on MBRCheck.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  3. A small black window will open with some information. Please do not fix anything (- if it gives you an option).
  4. If an unknown boot code is detected additional options will be presented. At this time press N then press Enter twice to continue.
  5. When the scan has completed you should see the message Done! Press ENTER to exit... Press Enter to exit the program.
    A file named MBRCheck_mm.dd.yy_hh.mm.ss.txt will appear on your Desktop.
  6. Please Copy and Paste the entire contents of the MBRCheck_mm.dd.yy_hh.mm.ss.txt file into your next reply.
Step 3:
Include in Next Post
  1. Did you have any problems carrying out the instructions?
  2. Where does the system paging file reside? What changes have you made, if any?
  3. OTL Fix Report.
  4. MBRCheck_mm.dd.yy_hh.mm.ss.txt.

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Tue Apr 10, 2012 5:37 am    Post subject: Thanks again Reply with quote
I did not have any problems carrying out the instructions. I do not know where the pagefile is. I did a search for it and the only thing that came up was the reference to it in the OTL extras document. I changed the page file to min 1gb and max 4gb. My D: drive is just for backups from what I understand(I am not sure though). When I click on anything on that drive and check the properties nothing shows big enough to use that much space not even combined. Here are my logs,

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\iolo WebUpdate Reboot not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\CraigCrowAsari\Desktop\cmd.bat deleted successfully.
C:\Users\CraigCrowAsari\Desktop\cmd.txt deleted successfully.
C:\Users\CraigCrowAsari\AppData\Roaming\iolo\SafetyNet\Temp folder moved successfully.
C:\Users\CraigCrowAsari\AppData\Roaming\iolo\SafetyNet\Sched folder moved successfully.
C:\Users\CraigCrowAsari\AppData\Roaming\iolo\SafetyNet folder moved successfully.
C:\Users\CraigCrowAsari\AppData\Roaming\iolo\Registry\Working folder moved successfully.
C:\Users\CraigCrowAsari\AppData\Roaming\iolo\Registry\Last folder moved successfully.
C:\Users\CraigCrowAsari\AppData\Roaming\iolo\Registry folder moved successfully.
C:\Users\CraigCrowAsari\AppData\Roaming\iolo folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Craig Asari2

User: CraigAsari516
->Temp folder emptied: 32348 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 2843 bytes

User: CraigAsari516.DELL-LAPTOP
->Temp folder emptied: 34733 bytes
->Temporary Internet Files folder emptied: 33438 bytes
->Flash cache emptied: 56475 bytes

User: CraigCrowAsari
->Temp folder emptied: 1480 bytes
->Temporary Internet Files folder emptied: 1379794 bytes
->Google Chrome cache emptied: 34196759 bytes
->Flash cache emptied: 56979 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 199 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67630 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 34.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.39.2 log created on 04102012_092339

Files\Folders moved on Reboot...
C:\Users\CraigCrowAsari\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Dell System XPS L702X
Logical Drives Mask: 0x0001001c

Kernel Drivers (total 210):
0x0321C000 \SystemRoot\system32\ntoskrnl.exe
0x03804000 \SystemRoot\system32\hal.dll
0x00BB4000 \SystemRoot\system32\kdcom.dll
0x00C94000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CE3000 \SystemRoot\system32\PSHED.dll
0x00CF7000 \SystemRoot\system32\CLFS.SYS
0x00E28000 \SystemRoot\system32\CI.dll
0x00EE8000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F8C000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F9B000 \SystemRoot\system32\drivers\ACPI.sys
0x00FF2000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00E00000 \SystemRoot\system32\drivers\msisadrv.sys
0x00D55000 \SystemRoot\system32\drivers\pci.sys
0x00E0A000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00D88000 \SystemRoot\System32\drivers\partmgr.sys
0x00E17000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00D9D000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00DA9000 \SystemRoot\system32\drivers\volmgr.sys
0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00C5C000 \SystemRoot\System32\drivers\mountmgr.sys
0x00C76000 \SystemRoot\system32\drivers\atapi.sys
0x00DBE000 \SystemRoot\system32\drivers\ataport.SYS
0x00DE8000 \SystemRoot\system32\drivers\msahci.sys
0x00C7F000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00DF3000 \SystemRoot\system32\drivers\amdxata.sys
0x010E9000 \SystemRoot\system32\drivers\fltmgr.sys
0x01135000 \SystemRoot\system32\drivers\fileinfo.sys
0x01149000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x0125B000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01156000 \SystemRoot\System32\Drivers\msrpc.sys
0x01200000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01000000 \SystemRoot\System32\Drivers\cng.sys
0x0121B000 \SystemRoot\System32\drivers\pcw.sys
0x0122C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01495000 \SystemRoot\system32\drivers\ndis.sys
0x01588000 \SystemRoot\system32\drivers\NETIO.SYS
0x01400000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x016CC000 \SystemRoot\System32\drivers\tcpip.sys
0x018D0000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0191A000 \SystemRoot\system32\drivers\volsnap.sys
0x01966000 \SystemRoot\system32\DRIVERS\stdcfltn.sys
0x0196F000 \SystemRoot\System32\Drivers\spldr.sys
0x01977000 \SystemRoot\System32\drivers\rdyboost.sys
0x019B1000 \SystemRoot\system32\DRIVERS\nvpciflt.sys
0x019B6000 \SystemRoot\System32\Drivers\mup.sys
0x019C8000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01600000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x0163A000 \SystemRoot\system32\DRIVERS\disk.sys
0x01650000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x0F0F9000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x0FD61000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x0F000000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x0FD63000 \SystemRoot\System32\drivers\watchdog.sys
0x0FD73000 \SystemRoot\System32\drivers\dxgmms1.sys
0x01680000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x0FDF1000 \SystemRoot\System32\Drivers\Null.SYS
0x016AA000 \SystemRoot\System32\Drivers\Beep.SYS
0x019D1000 \SystemRoot\system32\DRIVERS\ehdrv.sys
0x016B1000 \SystemRoot\System32\drivers\vga.sys
0x0142B000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x016BF000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x019F6000 \SystemRoot\system32\drivers\rdpencdd.sys
0x01450000 \SystemRoot\system32\drivers\rdprefmp.sys
0x01459000 \SystemRoot\System32\Drivers\Msfs.SYS
0x01464000 \SystemRoot\System32\Drivers\Npfs.SYS
0x01236000 \SystemRoot\system32\DRIVERS\tdx.sys
0x01475000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x01072000 \SystemRoot\System32\DRIVERS\netbt.sys
0x04027000 \SystemRoot\system32\drivers\afd.sys
0x040B0000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x040B9000 \SystemRoot\system32\DRIVERS\pacer.sys
0x040DF000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x040F5000 \SystemRoot\system32\DRIVERS\netbios.sys
0x04104000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x0411F000 \SystemRoot\system32\drivers\termdd.sys
0x04133000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
0x0413D000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
0x04147000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x04198000 \SystemRoot\system32\drivers\nsiproxy.sys
0x041A4000 \SystemRoot\system32\drivers\mssmbios.sys
0x041AF000 \SystemRoot\System32\Drivers\ElbyCDIO.sys
0x041BB000 \SystemRoot\System32\drivers\discache.sys
0x041CA000 \SystemRoot\System32\Drivers\dfsc.sys
0x04000000 \SystemRoot\system32\DRIVERS\ctxusbm.sys
0x041E8000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x010B7000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x0401B000 \SystemRoot\system32\drivers\wmiacpi.sys
0x0483D000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x053EF000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x04800000 \SystemRoot\system32\drivers\usbehci.sys
0x04245000 \SystemRoot\system32\drivers\USBPORT.SYS
0x0429B000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x056A9000 \SystemRoot\system32\DRIVERS\NETwNs64.sys
0x05F14000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x05F21000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
0x05F52000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x05F54000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x05FD9000 \SystemRoot\system32\drivers\i8042prt.sys
0x05600000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x04440000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x0459A000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x045A9000 \SystemRoot\System32\Drivers\AnyDVD.sys
0x045D0000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x045DD000 \SystemRoot\system32\DRIVERS\Accelern.sys
0x045ED000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x04400000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x04416000 \SystemRoot\system32\drivers\CompositeBus.sys
0x04426000 \SystemRoot\system32\DRIVERS\Epfwndis.sys
0x0560F000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x05625000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x04431000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x05649000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x05678000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x042BF000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x042E0000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x0443D000 \SystemRoot\system32\drivers\swenum.sys
0x042FA000 \SystemRoot\system32\drivers\ks.sys
0x05693000 \SystemRoot\system32\DRIVERS\umbus.sys
0x0433D000 \SystemRoot\system32\DRIVERS\WDKMD.sys
0x0434D000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x043A7000 \SystemRoot\system32\DRIVERS\nusb3hub.sys
0x043C0000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x08277000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x084FF000 \SystemRoot\system32\drivers\portcls.sys
0x0853C000 \SystemRoot\system32\drivers\drmk.sys
0x0855E000 \SystemRoot\system32\drivers\ksthunk.sys
0x08564000 \SystemRoot\system32\DRIVERS\stdriver64.sys
0x08575000 \SystemRoot\system32\DRIVERS\IntcDAud.sys
0x085C8000 \SystemRoot\System32\Drivers\crashdmp.sys
0x085D6000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x085E2000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x085ED000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00010000 \SystemRoot\System32\win32k.sys
0x08200000 \SystemRoot\System32\drivers\Dxapi.sys
0x0820C000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x08229000 \SystemRoot\System32\Drivers\usbvideo.sys
0x08257000 \SystemRoot\system32\DRIVERS\qicflt.sys
0x043D5000 \SystemRoot\system32\DRIVERS\CtClsFlt.sys
0x08262000 \SystemRoot\system32\DRIVERS\iBtFltCoex.sys
0x022E4000 \SystemRoot\system32\DRIVERS\btmhsf.sys
0x02339000 \SystemRoot\System32\Drivers\BTHUSB.sys
0x02351000 \SystemRoot\System32\Drivers\bthport.sys
0x023DD000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x02200000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x02219000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x02222000 \SystemRoot\system32\DRIVERS\LEqdUsb.Sys
0x02239000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x02247000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x02254000 \SystemRoot\system32\DRIVERS\LHidEqd.Sys
0x0225C000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0x02272000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0x02286000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x022B2000 \SystemRoot\system32\drivers\BthEnum.sys
0x022C2000 \SystemRoot\system32\DRIVERS\bthpan.sys
0x023EB000 \SystemRoot\system32\DRIVERS\btmaux.sys
0x045F2000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004E0000 \SystemRoot\System32\TSDDD.dll
0x00600000 \SystemRoot\System32\cdd.dll
0x00900000 \SystemRoot\System32\ATMFD.DLL
0x04200000 \SystemRoot\system32\drivers\luafv.sys
0x0385F000 \SystemRoot\system32\DRIVERS\eamonm.sys
0x03938000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x03943000 \SystemRoot\system32\drivers\WudfPf.sys
0x03964000 \SystemRoot\system32\DRIVERS\epfw.sys
0x03991000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x039A6000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x03800000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x03813000 \SystemRoot\system32\DRIVERS\pnarp.sys
0x0381F000 \SystemRoot\system32\DRIVERS\purendis.sys
0x0382B000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x03843000 \SystemRoot\system32\DRIVERS\TurboB.sys
0x07E79000 \SystemRoot\system32\drivers\HTTP.sys
0x07F42000 \SystemRoot\system32\DRIVERS\bowser.sys
0x07F60000 \SystemRoot\System32\drivers\mpsdrv.sys
0x07F78000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x07FA5000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x07E00000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x08828000 \??\C:\Windows\system32\Drivers\rikvm_9EC60124.sys
0x089E0000 \SystemRoot\system32\DRIVERS\epfwwfp.sys
0x0BE8F000 \SystemRoot\system32\drivers\peauth.sys
0x0BF35000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x0BF3F000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0C22D000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x0C2EE000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x0C33B000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0C36C000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0C37E000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0BF4A000 \SystemRoot\System32\DRIVERS\srv.sys
0x0C3E7000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x0BE00000 \SystemRoot\System32\Drivers\fastfat.SYS
0x0E650000 \SystemRoot\system32\drivers\spsys.sys
0x777C0000 \Windows\System32\ntdll.dll
0x47950000 \Windows\System32\smss.exe
0xFFAE0000 \Windows\System32\apisetschema.dll
0xFF720000 \Windows\System32\autochk.exe
0xFFA00000 \Windows\System32\usp10.dll
0x775B0000 \Windows\System32\iertutil.dll
0xFF920000 \Windows\System32\advapi32.dll
0xFF900000 \Windows\System32\sechost.dll
0xFF890000 \Windows\System32\gdi32.dll
0xFF810000 \Windows\System32\difxapi.dll
0xFF7F0000 \Windows\System32\imagehlp.dll
0xFF7C0000 \Windows\System32\imm32.dll
0xFF720000 \Windows\System32\autochk.exe
0xFF540000 \Windows\System32\setupapi.dll
0xFF430000 \Windows\System32\msctf.dll
0xFF420000 \Windows\System32\lpk.dll
0x77990000 \Windows\System32\psapi.dll
0xFF210000 \Windows\System32\ole32.dll
0xFF200000 \Windows\System32\nsi.dll

Processes (total 106):
0 System Idle Process
4 System
336 C:\Windows\System32\smss.exe
492 csrss.exe
644 C:\Windows\System32\wininit.exe
668 csrss.exe
704 C:\Windows\System32\services.exe
728 C:\Windows\System32\lsass.exe
736 C:\Windows\System32\lsm.exe
840 C:\Windows\System32\svchost.exe
900 C:\Windows\System32\nvvsvc.exe
944 C:\Windows\System32\winlogon.exe
988 C:\Windows\System32\svchost.exe
132 C:\Windows\System32\svchost.exe
384 C:\Windows\System32\svchost.exe
576 C:\Windows\System32\svchost.exe
972 C:\Windows\System32\audiodg.exe
1048 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
1112 C:\Windows\System32\svchost.exe
1204 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1216 C:\Windows\System32\nvvsvc.exe
1304 C:\Windows\System32\svchost.exe
1528 C:\Windows\System32\wlanext.exe
1536 C:\Windows\System32\conhost.exe
1596 C:\Windows\System32\spoolsv.exe
1628 C:\Windows\System32\svchost.exe
1732 C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
1816 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1840 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
1864 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1892 C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
1928 C:\Program Files\Bonjour\mDNSResponder.exe
2004 C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
2040 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
1152 C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
504 C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
2264 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
2288 C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
2320 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
2816 C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
2840 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
2884 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
2932 C:\Windows\System32\svchost.exe
2968 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3032 C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
1412 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2192 C:\Windows\System32\taskhost.exe
3152 C:\Windows\System32\dwm.exe
3160 C:\Windows\explorer.exe
3192 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
3240 WmiPrvSE.exe
3248 unsecapp.exe
3372 WmiPrvSE.exe
3528 C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
3624 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
3656 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
3924 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
4316 C:\Windows\System32\svchost.exe
4544 C:\Windows\System32\rundll32.exe
1808 C:\Windows\System32\SearchIndexer.exe
1360 C:\Windows\notepad.exe
5012 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1032 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
4540 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
5136 C:\Windows\System32\igfxtray.exe
5180 C:\Windows\System32\hkcmd.exe
5204 C:\Windows\System32\igfxpers.exe
5236 C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
5256 C:\Windows\System32\rundll32.exe
5264 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
5304 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
5312 C:\Windows\System32\rundll32.exe
5384 C:\Windows\System32\rundll32.exe
5440 C:\Program Files\ESET\ESET Smart Security\egui.exe
5560 C:\Windows\System32\AMBSpiE.exe
5568 C:\Program Files\Logitech\SetPointP\SetPoint.exe
5816 C:\Program Files (x86)\CyberLink\Shared files\brs.exe
5900 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5960 C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
6068 C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
5552 C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
5576 C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
5700 C:\Program Files (x86)\iTunes\iTunesHelper.exe
6244 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
6312 C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
6616 C:\Windows\System32\SearchProtocolHost.exe
6648 C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
6824 C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
6884 C:\Windows\System32\wbem\unsecapp.exe
7156 C:\Program Files\iPod\bin\iPodService.exe
6656 C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
7724 C:\Windows\System32\svchost.exe
7924 C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\chrome.exe
8072 C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\chrome.exe
8164 C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\chrome.exe
8180 C:\Users\CraigCrowAsari\AppData\Local\Google\Chrome\Application\chrome.exe
4276 C:\Windows\System32\svchost.exe
4772 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
5512 C:\Windows\System32\sppsvc.exe
6568 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
4936 C:\Windows\servicing\TrustedInstaller.exe
2756 C:\Windows\System32\SearchFilterHost.exe
2848 C:\Users\CraigCrowAsari\Desktop\MBRCheck.exe
7936 C:\Windows\System32\conhost.exe
5244 C:\Windows\System32\dllhost.exe
580 C:\Windows\System32\wbem\WMIADAP.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`afe00000 (NTFS)
\\.\D: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)
\\.\Q: --> error 5

PhysicalDrive0 Model Number: ST9500420AS, Rev: D005SDM1
PhysicalDrive1 Model Number: ST9500420AS, Rev: D005SDM1

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
465 GB \\.\PhysicalDrive1 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Wed Apr 11, 2012 9:00 pm    Post subject: Reply with quote
Hi TStevenson,

Thank you for the logs. Big Thumb Up

Again, please remember to read the instructions below carefully before executing and perform the steps, in the order given.
If you have any questions about or problems executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before proceeding please make sure any open programs are closed.

Step 1:
Company-Owned Computer?

Entries in the log provided lead me to believe this may be a company-owned computer.
Please confirm whether or not this computer is a company owned computer, a computer used for business or connected to a business network.
If this is not the case, please proceed with Step 2 and clarify for what purposes this computer is used in your next post.

Step 2:
Further Feedback Request
  1. Have you tried booting the computer normally since the change you made to the paging file?
    If not, please can you try to do so and let me know if you can login and get to the desktop.
  2. Are you also able to confirm the date when the computer first failed to boot up in the manner you described?
Step 3:
Online Multi Anti-Virus File Scan

I need to ask you to upload a file for further inspection.

Please go to either: Jotti or Virus Total and upload - only one file per scan - the following file(s) for scanning:
    C:\Windows\System32\AMBSpiE.exe
Using Jotti
  1. Choose the appropriate language. Once a language is selected, you will see a message "Ready to receive files".
  2. Please copy the above full path and file name(s).
  3. Click on the Browse button and paste the copied name into the "File name:" text box. Then click on the Open button.
    The file name should now appear in the online scanner's "File to scan:" box.
  4. Click on the Submit button.
      If you receive the message: "This file has been scanned before. The results for this previous scan are listed below."
      Please click on the Scan again button, so your file will be scanned.
  5. The file will be uploaded and scanned by various Anti-Virus scanners. This may take a few minutes.
  6. When all the scans have been completed. Highlight the results text from the Jotti's malware scan box.
  7. Copy the selected text. Open Notepad. Paste the contents into Notepad. Save the file to a convenient place.
  8. Please repeat this procedure for each file listed above.
  9. Copy and Paste the entire contents of all the Jotti scan results into your next reply.
Using Virus Total
  1. Please copy the above full path and file name(s).
  2. Click on the Browse button and paste the copied name into the "File name:" text box. Then click on the Open button.
    The file name should now appear in the online scanner's text entry box.
  3. Click on the Send File button.
  4. The file will be queued, uploaded and scanned by various Anti-Virus scanners. This may take a few minutes.
      If you receive the message: "File has already been analysed."
      Please click on the Reanalyse file now button, so your file will be scanned.
  5. When the scan is completed click on the Compact icon.
  6. The results will be shown in a grid-like window. Right-click on the text, choose Select All, then Copy the entire contents.
  7. Open Notepad. Paste the result contents into the Notepad window. Save this file to a convenient place.
  8. Please repeat this procedure for each file listed above.
  9. Copy and Paste the entire contents of all the Virus Total scan results into your next reply.
Step 4:
Include in Next Post
  1. Is this computer used for business purposes? If not, please clarify for what purposes the computer is used.
  2. Did you have any problems carrying out the instructions?
  3. Have you tried booting the computer normally since the change you made to the paging file?
    If not, please can you try to do so and let me know if you can login and get to the desktop.
  4. Are you also able to confirm the date when the computer first failed to boot up in the manner you described?
  5. Jotti scan results or Virus Total scan results.
  6. Do you have the original Windows installation media for your PC?

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Thu Apr 12, 2012 9:43 am    Post subject: Thanks again Reply with quote
1. This is my personal laptop. Used for personal reasons.
2. I had problems with running Jotti and Virus Total
3. The computer is booting normally now.
4. I believe the problems started on or about 4-5-12
5. I can find the file C:\Windows\System32\AMBSpiE.exe if I search myself, but neither of the 2 programs you gave me were able to find it.
6. This computer came loaded with windows already and there were no installation media with it.
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Thu Apr 12, 2012 11:14 pm    Post subject: Reply with quote
Hi TStevenson,

Thank you for the update feedback. Smile

TStevenson wrote:
The computer is booting normally now.
That's good news. Big Thumb Up

TStevenson wrote:
I had problems with running Jotti and Virus Total ... I can find the file C:\Windows\System32\AMBSpiE.exe if I search myself, but neither of the 2 programs you gave me were able to find it.
Apologies for the inconvenience. Please try the following:

Step 1:
Show Hidden Files and Folders
  1. Click on Start > Computer.
  2. Press the ALT key.
  3. Select the Tools menu and click Folder Options.
  4. Select the View Tab.
  5. Under the Hidden files and folders heading select Show hidden files and folders.
  6. Uncheck the Hide protected operating system files (recommended) option.
  7. Click Yes to confirm.
  8. Click OK.
Step 2:
Show Hidden Files and Folders

Then try re-running the instructions to upload the C:\Windows\System32\AMBSpiE.exe file to Jotti or Virus Total.

Step 3:
Include in Next Post
  1. Did you have any problems carrying out the instructions this time?
  2. Jotti scan results or Virus Total scan results.

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Fri Apr 13, 2012 9:06 am    Post subject: problems loading jotti Reply with quote
Hello again,
I did what you said and the file, C:\Windows\System32\AMBSpiE.exe still was coming up "not Found"
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Fri Apr 13, 2012 10:53 pm    Post subject: Reply with quote
Hi TStevenson,

Apologies for the inconvenience. I can see that the file has already been recently scanned at Virus Total and the results came back clean. Wink

Again, please remember to read the instructions below carefully before executing and perform the steps, in the order given.
If you have any questions about or problems executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Before proceeding please make sure any open programs are closed.

Step 1:
Disable ESET Smart Security
  1. Double-click on the ESET system tray icon: to open the main application window.
  2. Or, click on Start > All Programs > ESET > ESET Smart Security.
  3. Click on Setup > Antivirus and antispyware > Temporarily disable Antivirus and antispyware protection.
  4. When prompted to confirm the temporary disabling of the program, click on the Yes button.
  5. Note: Don't forget to re-enable it after the fix.
Step 2:
Malwarebytes' Anti-Malware

I notice you already have this program installed on your computer. Wink
Let's check for updates and run the program.

Please save any items you have been working on and close any open programs. You may be asked to reboot your machine.
  1. Right-click on the Malwarebytes' Anti-Malware desktop icon and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  2. You will be asked to update the program before performing a scan. Please do so.
    • If an update is found, the program will automatically downoad and install the update.
    • Click on the OK button to close that box and continue.
    • If you have any problems downloading updates download them manually from here and double-click on mbam-rules.exe to complete the installation.
On the Scanner tab:
  1. Make sure the Perform quick scan option is selected.
  2. Then click on the Scan button.
  3. If asked to select the drives to scan, leave all the drives selected and then click on the Start Scan button.
  4. The scan will begin and Scan in progress will show at the top. It may take some time to complete so please be patient.
  5. When the scan is finished, a message box will be displayed saying The scan completed successfully. Click 'Show Results' to display all objects found.
  6. Click on the OK button to close the message box and continue with the removal process.
Back at the main Scanner screen:
  1. Click on the Show Results button to see a list of any malware that was found.
  2. Check all items except items in the C:\System Volume Information folder and then click on the Remove Selected button.
    The System Volume Information items will be taken care of later.
  3. When the removal has been completed, a log report will open in Notepad and you may be prompted to restart your computer. (See Note below).
  4. The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
    The log can also be found here:
    C:\Documents and Settings\Account Name\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  5. Please Copy and Paste the entire contents of mbam-log-date (time).txt into your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either prompt and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Step 3:
Java Runtime Environment Update Needed!

Your Java Runtime Environment is out of date.
Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
Please follow these steps to remove older versions of Java components and update:

Attention: Print these instructions or copy them. You will be closing your browser!!

DOWNLOAD UPDATED VERSION:
  1. Get the latest version of Java Runtime Environment (JRE) © Oracle Corporation.
  2. Look for Java SE 7u3.
  3. Click on the JRE Download button to the right.
  4. Then check the Accept License Agreement option.
  5. Locate the entry for Windows x64 (64-bit), click on the file name jre-7u3-windows-x64.exe and save the file to your Desktop.
<STOP> Do not install the new version of Java yet. We need to do some cleanup first!

REMOVE OLD JAVA VERSIONS:
  1. Close any programs you may have running - especially your web browser.
  2. Click on Start > Control Panel > Programs.
      Depending on your current view setting, then:
    • Double-click on Programs and Features.
    • Under Programs, click on Uninstall a program and remove all older versions of Java as follows:

  3. Scroll down to locate the following program(s):

      Java(TM) 6 Update 24
      Java(TM) 6 Update 22 (64-bit)

  4. Select the program and click on Uninstall to uninstall it.
  5. Repeat steps 3 - 4 for each program in the list.
  6. When finished Close the Control Panel window.
Delete Old Java Folder
  1. Click on Start > Computer.
  2. Then navigate to and find the following folder: if found, delete it.
    It is possible it may have been removed by the uninstall steps.
    C:\Program Files\Java\ <==== delete this entire folder
  3. When finished, Close and Exit Explorer.
INSTALL UPDATED VERSION:
  1. Close all open applications (standard), especially your browser.
  2. Right-click on jre-7u3-windows-x64.exe and select the Run As Administrator option to run the installer. If you receive a UAC prompt, please allow it.
  3. Follow the on-screen instructions. When the installation has completed successfully, Reboot your computer normally.
  4. Once the computer has been restarted, you can delete the downloaded installation file from your desktop.
OPTIONAL:
To prevent some unnecessary JAVA components from running when you boot your computer each time:
  1. Click on Start > Control Panel > Programs and then click on the JAVA icon.
  2. Click on the Update tab and UNCHECK the Check for Updates Automatically option. (You can check for updates manually.)
      Reply Never Check to the warning prompt.

  3. Now click on the Advanced tab and then click on the [+] to expand the Miscellaneous options.
  4. UNCHECK the Java Quick Starter option.
  5. Click on the Apply button and then the OK button to save the changes.
  6. Then Close the Java Control Panel and Close and Exit Control Panel.
If you choose to update via the Java applet in Control Panel, uncheck the option to install the Google Toolbar unless you want it.

Step 4:
Online Scan - Panda ActiveScan

Please make sure your Anti-virus real-time protection is temporarily disabled. If active, it could impact the online scan.
  1. Make sure all browser windows are closed.
  2. Right-click on the Internet Explorer icon on the Start Menu or Quick Launch and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
    You must use Internet Explorer as the scan requires ActiveX.
  3. Please go to Panda ActiveScan © Panda Security to perform a free online scan.
  4. Click on the Scan your PC now button.
    A new window will open.
  5. Select your country and type in your email address. You may also optionally choose to receive emails from Panda. If you don't wish to, please select I do not want to receive marketing information from Panda Software and/or its International Representatives where applicable option.
  6. Click on Free online scan.
  7. You will be prompted to install an ActiveX module. Please allow it.
  8. Once installed, it will start downloading the virus definitions. This takes a while. Please be patient.
  9. Once the files are downloaded, it will ask you to select what to scan. Select My Computer.
  10. The scan will start. This can take some time. So, again, please be patient.
  11. When the scan has completed, click on View Report.
  12. The report will be displayed in separate browser window. Click on Save Report.
  13. Save the report as ActiveScan.txt to your Desktop.
  14. Please Copy and Paste the entire contents of the ActiveScan.txt file into your next reply.
Remember to re-enable your Anti-virus application after running the above scan!

Step 5:
Include in Next Post
  1. Did you have any problems carrying out the instructions?
  2. mbam-log-date (time).txt.
  3. ActiveScan.txt
  4. How is the computer now running?

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Sun Apr 15, 2012 8:25 pm    Post subject: Ok I was out of town all weekend Reply with quote
I was out of town since Friday and just got back in on Sunday night. I will try to run these things tomorrow morning TY
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Mon Apr 16, 2012 12:37 am    Post subject: Reply with quote
Hi TStevenson,

Thank you for the update. Please post the logs when you are ready. Wink

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Mon Apr 16, 2012 8:27 am    Post subject: Had problems Reply with quote
I did everything exept the panda scan. When I tried to run it I got this message:

"Oh! It seems that your version of Internet Explorer is 64-bit. Unfortunately, ActiveScan 2.0 does not run correctly with this browser."


Here is my mbam log

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.16.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
CraigCrowAsari :: DELL-LAPTOP [administrator]

4/16/2012 11:37:32 AM
mbam-log-2012-04-16 (11-37-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 252804
Time elapsed: 3 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and repaired successfully.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Mon Apr 16, 2012 9:40 pm    Post subject: Reply with quote
Hi TStevenson,

Thank you for the log and feedback.
TStevenson wrote:
I did everything exept the panda scan. ...
Apologies for the inconvenience. Sad
Please try one of the following alternative online scanners:

Step 1:
Online Scan Alteratives

Note: Please make sure you are logged into an account with administrative privileges.

Please make sure also that your ESET Smart Security protection is temporarily disabled. If active, it could impair the online scan.

Remember to right-click on your Web Browser icon on the Start Menu or Quick Launch and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
    F-Secure Online Scan - IE

    1. Launch Internet Explorer.
    2. Then please go HERE to run an online scan from F-Secure.
    3. Click on Start scanning.
    4. This will open a new window:
    5. It will require an activeX control. Please install it.
    6. Click on Accept.
    7. Click on Full System Scan.
    8. It will now download the scanner this may take a while please be patient.
    9. It will then start scanning wait for the scan to finish.
    10. Click Automatic cleaning (recommended).
    11. Wait for it finish the cleaning process.
    12. Click on show report. This will automatically open up a window containing the results of the scan.
    13. Please Copy and Paste the entire contents of the F-Secure Scan Report into your next reply.
    Bitdefender Online QuickScan - Google Chrome

    1. Launch Google Chrome.
    2. Then go to the Bitdefender Online Scanner webpage to perform an online scan.
    3. Click on the Start Scanner button.
    4. Click on the Continue button under QuickScan in the left-hand pane of the next window.
    5. Click on the Scan now button.
    6. A pop-up message will appear:
      Quote:
      Firefox prevented this site (quickscan.bitdefender.com) from asking you to install software on your computer.
      Click on the Allow button to continue.
    7. At the Install add-ons only from authors you trust windows click on the Install Now button
    8. A pop-up message will appear:
      Quote:
      Firefox prevented this site (quickscan.bitdefender.com) from asking you to install software on your computer.
      click on the Restart Now button ... Firefox will restart taking you back to the initial Bitdefender Online Scanner webpage.
    9. Again, click on the Start Scanner button and then click on the Continue button under QuickScan in the left-hand pane of the next window.
    10. Click on the Scan now button and the Bitdefender QuickScan will start the scanning process.
    11. Upon completion of the scan, click on the View report link.
    12. Please Copy and Paste the entire contents of the Bitdefender QuickScan Report into your next reply.
Step 2:
Include in Next Post
  1. Did you have any problems carrying out the instructions?
  2. F-Secure Scan Report or Bitdefender QuickScan Report.

Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Tue Apr 17, 2012 11:13 pm    Post subject: Hello again Reply with quote
No problems with instructions here is the log


Scanning Report

Wednesday, April 18, 2012 02:14:36 - 02:51:32

Computer name: DELL-LAPTOP
Scanning type: Scan system for malware, spyware and rootkits
Target: C:\ D:\ Q:\ Y:\

No malware found

Statistics

Scanned:
Files: 82902
System: 6225
Not scanned: 314
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
Not cleaned: 0
Submitted: 0
Files not scanned:
C:\HIBERFIL.SYS
C:\PAGEFILE.SYS
C:\WINDOWS\SYSTEM32\CONFIG\SAM
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\DEFAULT
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SAM
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SYSTEM
C:\WINDOWS\SYSTEM32\CATROOT2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CATDB
C:\WINDOWS\SYSTEM32\CATROOT2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATDB
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\03F55735916EEDC1692A368F134169E8_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\062B4A5E899E54982795F32BFFEFDB03_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02283AAF9E91F104C88781257BB60E64_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\021F9CB25D6308608F6ED4D3B315023E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\066975C6032342F28B34E7019954926B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\07DDC0416392DB1CA6F126D5DAD81403_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\062D5765F71390FBC125E0C5938E5CFD_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\08A8674150347AEEA1E0E580FDCADF2C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\08C1173876AD2D4FA2AA9906E44EE0A4_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\08D15BABB6CD9DC164982AC524048690_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0A1F13CFF73213C246CCC9E72E91699D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0A3A512E121163678653F767AF8B9FA3_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0A557C26459516C76786CAC93529122E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0B2396B57DC1DDFEA5DADE5FF238225E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0E64DEAC3012EAD4701C539235E04BA0_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0712ABA4D83B4EB3C08C18DE1C776A39_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0F1C17D12352C1BB1B7056998EE96658_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0F978440163B23BDCD218C202D7B9888_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0FF9AFE41A98FAF9B700F5E40700CE5C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\13825B630A113A2B40D331C06EC963B4_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1496B9D87E02CDCB8F90DE019DA68333_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\14D20B9A0ECC12272F9AC57409446434_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\14F2773D1DDC69B5DDB072BB1D175701_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1586096A868528959164F06B8E0BCBE7_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\169A429772C28F2EC621F237EBB7446C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\169BA4695431CC00A44DE9DC28CE5063_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\146F2898BD9A2F77ABF01FF4311D7604_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\178D4C6DE7D9FDA59F01682F25B56FFF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\176BE1BB08A549A5FA038103FC1E2E2D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\189719E8EBAEBE64C266B8E0D881D999_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0FD6D63CC5B8ECAE80676B6700C7C57D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\19AC484F0A3C208836E3C70F4F599008_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\19DD26226AA8838BE7712D35A3093D45_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\13D1BFDE7F78449987499481E9D430DB_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1A0879CC75473C33FE47A17307733E95_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1D252F7561B6E62D00E7F39A8863DA1A_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F2B94C22A933B22FDBB04B37346D3D1_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\127C296E0179F60F844800E6EC1968F6_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F843990BE30727F5AFBC8491FF069CC_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\20903A717CE0C6AA9D58C25C2DB11F8D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\20929D27C5CEF1AB997F3BDFEB1826EB_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1E52C09653CC37CE326A2BBE9DE0632B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\20A26836CDA285C42AEFFC4C86691832_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\229BB4090E8308D711983871E3C42BA8_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\18D9BB78C0FA016E44D32DC2B6245660_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\23A35557D9F08BD22EADE2CFB857DAEF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\262080DF3D9530C07D571D886A32F89C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\29ED8FC79A5BB4506A9FA860149459E9_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\219EC5E156874B558D52A7828551C5FE_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\20B7FE47F9DE15D16A823565D7C01149_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2F0A6D6B6E38431BA8CDE3BE7FFF499C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2FB8393519F6F06764A7545944FCA21E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2BB8A75BB95208BD016524EDE446D9E6_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\301455FEAE6498058DBA50A9A64E8A2C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\307825C8FFD17C50526CD08963917C8F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3126E7D5956ADE3CDAC678CF23BD6D79_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\21DB4936892944D1CA641D0CB8EC8F16_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\31A3EB8F36EBF873FE7C82459A2C8261_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\327E37ED0546076B5BFC689323552F78_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2A550706470EA3BEC8FB42CB3BAC368E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3450B7C9AEDB11E9C882A7BFFF7C28D9_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\34E18D8D1FA6FE82BFB3B5C64614CD83_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\32910BB92CD80900F30302CB11C242CD_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3189DA62BB372899F92E65EC14721353_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\362FDC2313006424379A51E5F5AB59A1_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\36C1C346B39F32218BDE8C39046551DC_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\324D7AD5D9897B765D8FB8C39CB1EED6_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3D1CF2011A32B7D9ED7542D0990BE099_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3D8E2D8D56B3EAF1E6B410520BFE77E0_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\40071A69B74E6AC97BCBB9BE9A5B96D9_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\40108D8A9D44D6223ACFB357725348EA_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4072B78E0AD655466E7E1C6EDE966631_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\40A6D38020A15A0EEBB0B7FA17E892B2_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3D2620DDDB62B12548482D86932E3C16_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\40D4B574EEF57555780C88032A703E3B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\40FD8DB03A57C9A66122A0FEE609065B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\43DC5F7CE2B0D23EB12C25EC873053C7_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\37AC2E06C4663EA8F27802539F66B2B2_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\43DE0953D3C4019183593A328D04AF43_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\466CF278E316EB64E278DF1A95FBEB36_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4743FCBB00C41AFED43F4CF11F468924_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4A2B98759BD9A4C01683BD6B0300A631_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4D6BD7D44B8EB46DBB092B4ACDF0ACA7_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4E00DBB387073F69D46090B2915F7318_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\48963EF0CB512311369F37F2CB0CEB7F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4E749C442B5F6ED2C2EE79B6739AC8AF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4E7836173DBA73C17771713F4E899EDF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\506A9A848CFF5CBD5F09D0E5C4971998_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4FE3742F2AFA9F569BC3A668A6664FE2_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\549160A130A37C92E186E3C54F016206_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\54D3EBB186780856525EB6D02479691C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\483CF379A4BF63870167E47E9860928C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5744B0987042884A499E580DC0C0D641_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\58D8A6531924C8671F8A35888ADBD453_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\54F0EFA85A952D3893D9EA41532B8F26_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\59CFF6603E25AEC5096E929EFF368DB7_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\59FF76F70074BFE1E5B519641F39A5E6_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5A20D5C656BE1583195F814BAC784613_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\56ACDA5EF739D057F2A7EC7EC21C1B4A_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5B211D5915F7F7074DF77B2340C2F8B0_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5B5AD8B29898CF33F8EE35FD3F59EC2B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5C4E533BED32C63549D17242DA9A8C93_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5D9D50C6C08CD4F28581C23F35CE83D3_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\55AA57E24A92ADC650BB29A346943FEA_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\60DB95F9F17623D9D722C2015DCA8B7E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6091D6A3886226FB109BD4A8C1446DF4_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\60EB5F5C449A49E21D63F689ED011A34_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\60EE693327DF08B59F6643B198FA51E0_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6244072DBB38E1D932381CB47A9CA28B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5E84F7C4A33C436BEB48722BBEFBE5AC_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\50CDD157E3AE02ECD0527C339CCE6D35_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\63223683BCF368C21D57CD8B7A84C596_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\651F62FEB7A5BB7AD706EA215E9810F9_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\663DFF177D76D473A9759321DC193CA0_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\63A534EFD532B6924B6B0886F0C27154_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\687BDBFAB0B8BD4E9AE754DFF7986B37_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6256BCDD619E086AE66A7E4A16AFAC0C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\67657FF53B487C512A739968B2E7144F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\690EA699E7F35EA54A73F26A97F4C061_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6C8D9D0D27F7A04F3FA593EC05C0D4AC_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6B2E4D13158ED20D246500C26548EF1C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6AFAAAA93C998A26E17DEE2154759E0D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6D5F5111941D06C96EAF1BCBE1F93E30_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6E051975955FB195F809AFAE25F9A1DC_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6E88A2B9371071E78F6029BF9CB47D41_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6EBF13B599D2BF7EBE24648418B3C241_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6FD72FD416E0290E1CBAF80FC14C7D0E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6ED86865A1E6345AC59230B98DBDB938_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6F22493A315C4CC7D644AFCE0514EBAE_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6FD0EBC423B2E33AE4B9303797466714_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6FFDA091FB9E22D2B60532ECC5525B5B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6F325322668F806CCF9F11E20F44AF10_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\74261813083F3DFD444FE31D14B92292_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\74D066A4D1A79D56437B6B6124276AD5_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\704046F230076A4E320B38878F96E5AD_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\74DB50612BDB2E2EB8A652693A46E4F3_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\775AB6361787D58302DE5D6A642D1991_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7566ACA84E2EDB3ED8E6C6C35D6DB55D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7C50C169FF5903698B811CA5D33C5161_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7DC14416F90F22A5A23C091F94AAADBE_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8041B41359FC3A01397F8A96D3D417DB_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8052C06F4735326782C3C7D395300205_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\80BAEB8A122C703C8D5B10FD849E7FAC_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\831C6B013224F78073EE0F6705A6EC28_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\83795009C93515EBF00F5239A393E755_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\83CA0477F0B627BAED7050BFAAF9BA11_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\84F9E8E7E1CE41DD9E4D57902E96AAC4_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\85248B92BF170B482A47BAF3DEF425E5_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8619AC0912A80D3D51232CD1BC64EC22_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8687C86643AA88837D1668CBB59E4DE5_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8818C26994F350B6C736BD7B53C0D837_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\890A6EF98BF1723478DE8C668466A1EF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\755F083C790A086E96CD4518F9CBB0CA_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8A7FBC6A5E36326182A73599534ABF42_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8B79F8C2FEF5AA0A2B9170745FD50473_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8BCA32ADEBAC44EEFAA998481317A9E7_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\764893F9CD1E95D4DFAA347A80A3A14F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8BF20823A02D659ED2306CAC8071F1D2_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8C05891793BF4D956A6D15A38B8CDC23_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8C14FB18BB474E6E468FB7109A11AA1A_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8C1EDF329EE8ECE0B03C4A0D0876C2D1_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8C349EDCDB9901AA7B5032B0E34F4F84_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7CA8CC8F394B864014DA174E06E27E32_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8D32955271CFF0BB2E0029071284F9C0_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8EED0D75B16B56A338399A0E8637F51F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8EF186AFEB12459F4786119B0DA98FF2_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\901348FAE55C1EE755292B6E65B5FF78_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8FCAB3C1064BECC8612BA5A9A207434B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\89032433E9AC0D2952794C2E3E25E4D5_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8F35D104D0A653CFECF8E813C0269D73_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\910D13C43C916E638B6F7813012596C8_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\92E87B625D8DFFE3E402C8B06DBED935_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9308FDEBDAED1A7EC5EC1F3951702F24_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\950AD2790579D5A41BFA4226F16AE03C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\95B8F5A16ABAE297CE1899D89D21B20F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\92063F4E86FA49EABC74E05C00AAAE8F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9688950F4DA39E20D60D1804BAE7ADC7_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9747AE8AFADC6F37C476CF723F3F2DAA_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\904AD33F5AD06C711E3AD21B344FC789_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9B86833AE852D26AE75026777EF1658D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\99854292657274E4CE13ADB51AB9E71A_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9C8BF0484F8DE26D5D78A59884D0453D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9C54E46CCD11E632D14CAC7D6528B813_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9E157DBBD9F0A86C7AA7AE17557BB938_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9EDAAD904447D47CD2D959D6F119A9F3_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9F04D1AC2CBDB2D3FEA68912ABB02F63_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9D5A21C296970601D75DF10107B9BCDF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A0E3C19240F28688146BC4D0F23B70D2_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9F6921E693EEFDA8BD7F9ABA50D10BEE_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A33A8F73427F4C9C04FD31DCCE909CFE_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A3E29339F7AC11C85C15E7D402A58D44_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A3B783ECB88EC4F759C4ACC76A2CCD1A_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A5A403D5F2A4F0E682D97A3C60ED0FDA_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A61FD5E092242F79C9BDB9EADA3B8A4F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A22D1741C942C9C63A03BCC760501B1B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A6D5E19ECA67274F019C7CA21853D4D1_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AAD6E442CAABEFE0A3C844AB85B37FB5_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A2B319B61BB80F7B5BFCEDB9C500FE0A_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A8B8ABB17A9852936835993993CBFD01_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ABB116F546EFDA710DE609B75717A335_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AC59CCD2F15E9087AAC7178CF258CE67_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AA11C23016E93DFBAA3C20A4E27A8D38_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A427498401CDD807B3AE4B607259900C_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AF185BF3F78E199DAA23BBE300FD3535_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AFD110E9842A2CDF4497CA26A1C74E32_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B041AA95859A84129680393CEDDE9967_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B22B27F9937D330DF28F8429E19EA2F9_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B2398710781B9FF45695D8990AD62AE3_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B28C1F517AF40425546AE68C706402C1_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B07DDEBCA5FF9AB384BDE722EEF33E93_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B2F20491F42B7879E2C72F6E6F06353D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B4C7DF7C3C50C1FC76FB5D8A6FE5835F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B666644F00CF35B34AA66EA9E5939CE3_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B667A6C252A1C5956489CB9EE5A09DBB_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B3C7A0509B2FE67247F5161860E7C732_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B83F559970C1EA907AC101DF04B1AABD_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B84DF6CB9F10A56451B7380F6D8295C6_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B821609CD28E800B906552640A150518_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B33A53C2C78ABBAD1109B698E124513D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B88C26C0D0F8AC0E46CC4C0D855C7A98_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B3C0A66DE0FC711C0D3B6923FCDCCA64_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BF3B5B3FE30AE773DD8CEF15A6E0284D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BEA270E89F373F8CEA3EA23A094D6929_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BA72E1F1A932E4E973BF6912FF732DA5_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BF5A00E32E4F1EF4E2E816C931AF6CA2_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BF5EAF01E425F59A36672531A364DB47_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C007DB1368DA5AE88EE206524FA3C94E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BCEF55B20BF5988CC3CA71E569484F25_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C2623110074379EEF490838A56FC867B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C3EB796DE5CE36B5C1A75A6B233DCD22_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C54A12ABCECDCB37F5FC052EAF553AC1_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C5EE052EA39CECF1051FD4BD69C9F3B9_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C504F42DBC84AD17A6460582FB17C9BF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C670C60735AEB989B31F1F2A63C78083_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C69BEFD3BAB2335BBCC60613BABF1C2F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C6C3292E07085E5E060FE405D0D65DC4_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C691A13D54667E4E23A9C20BFA7300C8_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C774D4FC565EBF2024F8D6EA5B5F16D3_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C8D9916319B6FFA4D1A50B7DE34EC049_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CBA8DAAA3F72649B31AD878E75F0F690_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C8922EB3023AE7E47D92179B422E97F5_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CBD79E146FAE05685960D811040E31F3_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CE7AD019440F45D5F6DB8CE8513E84E4_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D0045BC46225FEF2EA671989CE0CA1D1_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CDAD75EA614407497ADA31199811C515_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D0E689A025DC45459AAC215C01E03133_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D1099BCF1E9162AFE5A200BC5516FEBB_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D183A6F3217D185292FE84F5CA4B52F6_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D1CF249EA09C8E54B9112CB11BD80CCD_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D2FC319B76C3708B4ADE415DCF742F8E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D2F35E2BD7D733EC2076CE8D0862D80F_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D3E03DEE8EC0C3C8E2FD497955D5C5FE_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D455A32823B77FD75D127E7D73975F87_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D4A4420C48C2A7AAFA9E09BB80E24CB6_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D5A0866BBABFFE14CE581E34D27CBC01_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D6DEF88DB409BB1B8DD1854AFEEF2AEF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D83AA6B6B4D1E1E55DFD023617A2C194_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D88B19DBF1DE7F8790BD158ABE561D70_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D70EF56D473E35BA0BC100D9957A83E5_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DBC490FA0CDAD3E3353AB5E335C087C0_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D08E4FFC49546BF8B0EB4B3B45E70A06_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DCADD9C9E06F5CB5C013E9B912145F7E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DEDD5140656F9E11715119AB49B01CFF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DFEDB4B0BD9B975B7291A58632420523_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E0812A9E5C3C76DAD7D96BE5AE169A65_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E27C476CD14D05889A4A1853E457059D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E492B853482FE111C7235C11D4B40406_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E571E563AC5C31525FD280CDCE149C34_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E5AF149E6F6DD137F0BA9BB36DAD9F2B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E6145957CCB2415F70F56E1A446F3323_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E839609DDF7D6A136B26C37B2256D36E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DE72454B9E5F84B4384F271C6985A62D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E84ED1CBAC8967D571DEB90DEDF8EEA3_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E9A2695D282DC5F2986D344D3D95AD37_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E94915D444C1D844027D270DDD4BC33E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EB6449BAC4636E2B903D89B7743D3EF7_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EB7DF5E22EB0262F0841181469D38037_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DE18E3B678D773A7128320C36F84ACB6_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E3CB172835A608A224124CB5AB28ABFC_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ECE89F756E441D6390291D2E869D9F2E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E08E2AC352ACB4D3EB808E10F62AEA20_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ED10A19C625BAEFF31810B918774341B_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F08CAB053C82AF9EFEB0FAE56FA6ADB2_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EE5F0CFCD6E453CDBCDE097A1D5750E8_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F09BDCE2C3561429297BA87C58F7F2FF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F12EF891720A99E87ACF06C95A85229E_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F20EC4A9DC8FDD265C590659E89563A3_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F716C6E5A9A2103123578C432922F435_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F71DE307189CA075A176D5F49CFAA455_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EDF1F81F27C5A3FFA2D2B65D2B574D15_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F4386F3E4930C07AAACB9A350A60F211_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FB21521165C42CC4FAB9581DBAAE7C9D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F9C831F60514C8A239F93D416B868563_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FC329A3807A7306833FA848FFE809BD1_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FB719DFE9956639CA063C3B7F35194DF_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FDA547E8931E52AB3B148EA1B21B38DC_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FE3B8D7A458546FBFB32CDBBBE72DE55_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FE9096050570073E7221D30EFD1BBEDB_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FF0E74AFEDF157CE57A6B518FDB09F9D_CAE70679-433B-4675-ABF5-38106CBB0BC4
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FF852281EE03E9C8C180B2B81CAE726C_CAE70679-433B-4675-ABF5-38106CBB0BC4
Options

Scanning engines:
Scanning options:
Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
Use advanced heuristics
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Wed Apr 18, 2012 3:51 am    Post subject: Reply with quote
Hi TStevenson,

Thank you for the logs. Smile

Well done! I can now confirm that your system now appears to be clean. Big Thumb Up

Now that your computer appears to clear of malware infection we need to tidy a few things up and deal with a few remaining items: :cleaning:

Step 1:
Restore Default Hidden Files and Folders Setting
  1. Click on Start > Computer.
  2. Press the ALT key.
  3. Select the Tools menu and click Folder Options.
  4. Select the View Tab.
  5. Under the Hidden files and folders heading select Show hidden files and folders.
  6. Check the Hide protected operating system files (recommended) option.
  7. Click Yes to confirm.
  8. Click OK.
Step 2:
OTL - Clean SRP

It's now time for some housekeeping. First, we need to clear out your System Restore Points to remove any infection files that may have been backed up by System Restore while you were infected. Then set a new clean Restore Point.
  1. Right-click on OTL.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
  2. Copy the following code, not including the word Code.
    Code:
    :commands
    [ClearAllRestorePoints]

  3. Return to OTL, right click in the Custom Scans/Fixes textarea and select Paste from the pop-up menu.
  4. Click on the Run Fix button at the top.
  5. Then click on the OK button to proceed with the fix.
  6. Close OTL.
Step 3:

Next, please follow the instructions below to remove the tools we have used to clean up your computer.
    OTL - Cleanup
    1. Right-click on OTL.exe and select the Run As Administrator option to launch the program. If you receive a UAC prompt, please allow it.
      This will remove most, if not all, of the tools we used to clean your PC.
    2. Close all other programs apart from OTL as this step will require a reboot.
    3. On the OTL main screen, press the CleanUp! button.
    4. Click on the Yes button at the prompt and then allow the program to reboot your computer.
    Remove Tools Used

    You can now safely delete the tools used in cleaning up the infection. Please remove the following tools from your system along with any related .zip files.

      MBRCheck.exe

    Please Note: These tools are updated on a regular basis and so, if required in future, should be downloaded afresh under supervision.
Step 4:
Improve Your Computer's Security

MalwareBytes' AntiMalware
It is worth keeping MalwareBytes' AntiMalware on your system. Updating the program and running a scan once every couple of weeks will help you to keep malware free.

Below are additional (free) programs that can help improve your computer's security.
Many feel that having a "layered" protection scheme is beneficial. You'll need to decide what works best for your situation. You may like to give them a try. Smile
    WinPatrol
    Download it from Copyright © BillP Studios.
    Information about how WinPatrol works, is available here.
    (The free version of WinPatrol provides limited real-time protection.)

    SpywareBlaster
    Download and install Javacool's SpywareBlaster from Here.
    SpywareBlaster adds a list of ActiveX controls, tracking cookies and sites which will be blocked in either Internet Explorer or Firefox browsers. You need to manually check for updates regularly.

    Web of Trust (WOT)
    Install Web of Trust (WOT). WOT keeps you from dangerous websites with warnings and blockings.
    You can find more information about the program and download it from Here .

    MVPS Hosts
    For added protection you may also like to add a hosts file. A simple explanation of what a Hosts file does is provided here.
    Install MVPS Hosts File from here.
    The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
    You can read the Tutorial here.

    Panda USB Vaccine
    Protect your computer from removable or USB drive infections with Panda USB Vaccine. It is an effective method of preventing the spread of malware.
    You can download and learn more about this product from Here.
Step 5:
Further Guidelines

Please follow these simple guidelines in order to help keep your computer more secure:

Please confirm that you have completed the cleanup steps and reviewed the rest of the post.
Once your reply has been received, unless there are other malware questions or concerns, this topic will be closed as resolved.

Stay Safe! Wink
Scolabar
--------------------------------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
TStevenson
Junior Member


Joined: 06 Apr 2012
Last Visit: 19 Apr 2012
Posts: 11
PostPosted: Thu Apr 19, 2012 8:47 am    Post subject: Thank you very much Reply with quote
I really appreciate the help you have given me. I was able to do the clean ups steps and have reviewed the rest of the post
Back to top
View user's profile Send private message
Scolabar
SWW Honors Graduate


Joined: 24 Aug 2011
Last Visit: 27 Jun 2012
Posts: 105
PostPosted: Thu Apr 19, 2012 11:30 pm    Post subject: Reply with quote
Hi TStevenson,

You're very welcome and thank you for the update. Smile
I will arrange for this thread now to be closed.

Scolabar
_________________
Malware Removal University - You too could train to help others
Member of ASAP and UNITE
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 17 May 2013
Posts: 4041
Location: Land Of The Leprechauns
PostPosted: Fri Apr 20, 2012 1:07 am    Post subject: Reply with quote
Quote:
As your issues appear to be resolved, this topic is now closed.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Spyware Warrior Donations

_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group