
IE 9 Redirects - MBAM, AVG, TDSSKiller Found No Threats


13 replies to this topic

#1 whoosh88

Posted 25 July 2012 - 02:35 PM

Hello all,

Recently I have been having an issue with IE 9. I mainly use Firefox as my browser, but occasionally I will use IE. When I search something in Google and click on a result, I will randomly be redirected to a different page. Most of the time it is this "click get answers fast" website. It is only every so often though. I can click on links for the most part and everything goes through, but occasionally I will get a redirect. Firefox is not having this issue at all; I am getting no redirects using Firefox. I have scanned with AVG, I have scanned with MBAM, and I have scanned with TDSSKiller. None of them are showing anything. I have cleared out cookies and temporary Internet files with no luck. I am hoping I could get some help; if someone would be so kind as to guide me through finding the problem and resolving it, that would be great. There are no other symptoms, too, which is kind of weird as the redirects are only occasional (but still worrisome!)

OS - Windows 7 Home Premium 64-bit, using IE 9.

Thanks!


#2 narenxp

Posted 25 July 2012 - 03:43 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 whoosh88


Posted 25 July 2012 - 05:29 PM

Thank you for your reply. Below is the log for TDSSKiller:

17:17:02.0938 1816 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
17:17:02.0938 1816 NVHDA - ok
17:17:03.0219 1816 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:17:03.0328 1816 nvlddmkm - ok
17:17:03.0375 1816 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
17:17:03.0375 1816 nvraid - ok
17:17:03.0391 1816 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
17:17:03.0391 1816 nvstor - ok
17:17:03.0515 1816 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
17:17:03.0515 1816 nvsvc - ok
17:17:03.0640 1816 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:17:03.0656 1816 nvUpdatusService - ok
17:17:03.0687 1816 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
17:17:03.0687 1816 nv_agp - ok
17:17:03.0749 1816 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:17:03.0765 1816 odserv - ok
17:17:03.0781 1816 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
17:17:03.0781 1816 ohci1394 - ok
17:17:03.0827 1816 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:17:03.0827 1816 ose - ok
17:17:03.0859 1816 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:17:03.0859 1816 p2pimsvc - ok
17:17:03.0890 1816 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:17:03.0890 1816 p2psvc - ok
17:17:03.0905 1816 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:17:03.0905 1816 Parport - ok
17:17:03.0937 1816 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
17:17:03.0937 1816 partmgr - ok
17:17:03.0937 1816 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:17:03.0952 1816 PcaSvc - ok
17:17:03.0968 1816 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
17:17:03.0968 1816 pci - ok
17:17:03.0968 1816 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
17:17:03.0968 1816 pciide - ok
17:17:03.0999 1816 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:17:03.0999 1816 pcmcia - ok
17:17:04.0015 1816 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:17:04.0015 1816 pcw - ok
17:17:04.0030 1816 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:17:04.0046 1816 PEAUTH - ok
17:17:04.0108 1816 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:17:04.0108 1816 PerfHost - ok
17:17:04.0171 1816 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
17:17:04.0171 1816 pla - ok
17:17:04.0233 1816 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
17:17:04.0249 1816 PlugPlay - ok
17:17:04.0295 1816 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:17:04.0295 1816 PNRPAutoReg - ok
17:17:04.0311 1816 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:17:04.0311 1816 PNRPsvc - ok
17:17:04.0342 1816 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
17:17:04.0342 1816 PolicyAgent - ok
17:17:04.0358 1816 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:17:04.0358 1816 Power - ok
17:17:04.0436 1816 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
17:17:04.0436 1816 PptpMiniport - ok
17:17:04.0451 1816 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:17:04.0451 1816 Processor - ok
17:17:04.0483 1816 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
17:17:04.0483 1816 ProfSvc - ok
17:17:04.0514 1816 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:17:04.0514 1816 ProtectedStorage - ok
17:17:04.0545 1816 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
17:17:04.0545 1816 Psched - ok
17:17:04.0592 1816 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:17:04.0607 1816 ql2300 - ok
17:17:04.0685 1816 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:17:04.0685 1816 ql40xx - ok
17:17:04.0701 1816 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:17:04.0701 1816 QWAVE - ok
17:17:04.0717 1816 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:17:04.0717 1816 QWAVEdrv - ok
17:17:04.0732 1816 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:17:04.0732 1816 RasAcd - ok
17:17:04.0779 1816 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:17:04.0779 1816 RasAgileVpn - ok
17:17:04.0795 1816 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:17:04.0795 1816 RasAuto - ok
17:17:04.0810 1816 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:17:04.0810 1816 Rasl2tp - ok
17:17:04.0810 1816 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
17:17:04.0826 1816 RasMan - ok
17:17:04.0826 1816 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:17:04.0826 1816 RasPppoe - ok
17:17:04.0841 1816 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:17:04.0841 1816 RasSstp - ok
17:17:04.0857 1816 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
17:17:04.0857 1816 rdbss - ok
17:17:04.0873 1816 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:17:04.0873 1816 rdpbus - ok
17:17:04.0904 1816 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:17:04.0904 1816 RDPCDD - ok
17:17:04.0935 1816 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:17:04.0935 1816 RDPENCDD - ok
17:17:04.0935 1816 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:17:04.0935 1816 RDPREFMP - ok
17:17:04.0966 1816 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
17:17:04.0966 1816 RDPWD - ok
17:17:04.0982 1816 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
17:17:04.0982 1816 rdyboost - ok
17:17:05.0029 1816 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:17:05.0029 1816 RemoteAccess - ok
17:17:05.0044 1816 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:17:05.0044 1816 RemoteRegistry - ok
17:17:05.0107 1816 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files (x86)\WinPcap\rpcapd.exe
17:17:05.0107 1816 rpcapd - ok
17:17:05.0153 1816 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:17:05.0153 1816 RpcEptMapper - ok
17:17:05.0169 1816 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:17:05.0169 1816 RpcLocator - ok
17:17:05.0200 1816 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
17:17:05.0200 1816 RpcSs - ok
17:17:05.0216 1816 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:17:05.0216 1816 rspndr - ok
17:17:05.0247 1816 RTL8167 (f65f171165fbb613f7aa3cc78e8cab42) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:17:05.0247 1816 RTL8167 - ok
17:17:05.0278 1816 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:17:05.0278 1816 SamSs - ok
17:17:05.0294 1816 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
17:17:05.0294 1816 sbp2port - ok
17:17:05.0309 1816 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:17:05.0309 1816 SCardSvr - ok
17:17:05.0325 1816 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
17:17:05.0325 1816 scfilter - ok
17:17:05.0372 1816 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
17:17:05.0387 1816 Schedule - ok
17:17:05.0403 1816 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
17:17:05.0403 1816 SCPolicySvc - ok
17:17:05.0434 1816 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
17:17:05.0434 1816 SDRSVC - ok
17:17:05.0465 1816 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:17:05.0465 1816 secdrv - ok
17:17:05.0512 1816 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
17:17:05.0512 1816 seclogon - ok
17:17:05.0512 1816 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:17:05.0512 1816 SENS - ok
17:17:05.0512 1816 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:17:05.0528 1816 SensrSvc - ok
17:17:05.0528 1816 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:17:05.0528 1816 Serenum - ok
17:17:05.0543 1816 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:17:05.0543 1816 Serial - ok
17:17:05.0559 1816 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:17:05.0559 1816 sermouse - ok
17:17:05.0590 1816 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
17:17:05.0590 1816 SessionEnv - ok
17:17:05.0606 1816 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
17:17:05.0606 1816 sffdisk - ok
17:17:05.0606 1816 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:17:05.0606 1816 sffp_mmc - ok
17:17:05.0653 1816 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
17:17:05.0653 1816 sffp_sd - ok
17:17:05.0653 1816 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:17:05.0653 1816 sfloppy - ok
17:17:05.0684 1816 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:17:05.0684 1816 SharedAccess - ok
17:17:05.0715 1816 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
17:17:05.0715 1816 ShellHWDetection - ok
17:17:05.0715 1816 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:17:05.0715 1816 SiSRaid2 - ok
17:17:05.0731 1816 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:17:05.0731 1816 SiSRaid4 - ok
17:17:05.0746 1816 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:17:05.0746 1816 Smb - ok
17:17:05.0762 1816 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:17:05.0762 1816 SNMPTRAP - ok
17:17:05.0777 1816 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:17:05.0793 1816 spldr - ok
17:17:05.0824 1816 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
17:17:05.0840 1816 Spooler - ok
17:17:05.0918 1816 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
17:17:05.0949 1816 sppsvc - ok
17:17:05.0996 1816 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:17:05.0996 1816 sppuinotify - ok
17:17:06.0105 1816 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
17:17:06.0105 1816 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
17:17:06.0105 1816 sptd ( LockedFile.Multi.Generic ) - warning
17:17:06.0105 1816 sptd - detected LockedFile.Multi.Generic (1)
17:17:09.0194 1816 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:17:09.0506 1816 \Device\Harddisk0\DR0 - ok
17:17:09.0506 1816 Boot (0x1200) (246b0146add9087c243f420c9f3ab805) \Device\Harddisk0\DR0\Partition0
17:17:09.0506 1816 \Device\Harddisk0\DR0\Partition0 - ok
17:17:09.0537 1816 Boot (0x1200) (84cff3dc1fac77dac2cb27f75e0d1483) \Device\Harddisk0\DR0\Partition1
17:17:09.0537 1816 \Device\Harddisk0\DR0\Partition1 - ok
17:17:09.0537 1816 ============================================================
17:17:09.0537 1816 Scan finished
17:17:09.0537 1816 ============================================================
17:17:09.0537 4780 Detected object count: 1
17:17:09.0537 4780 Actual detected object count: 1
17:17:22.0142 4780 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:17:22.0142 4780 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

=========================================================================================

Below is the log for aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-25 17:18:17
-----------------------------
17:18:17.917 OS Version: Windows x64 6.1.7600
17:18:17.917 Number of processors: 8 586 0x1A05
17:18:17.917 ComputerName: MARK-PC UserName: Mark
17:18:18.525 Initialize success
17:19:01.926 AVAST engine defs: 12072501
17:19:12.940 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:19:12.940 Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 3
17:19:12.955 Disk 0 MBR read successfully
17:19:12.955 Disk 0 MBR scan
17:19:12.955 Disk 0 Windows 7 default MBR code
17:19:12.987 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:19:13.002 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
17:19:13.018 Disk 0 scanning C:\Windows\system32\drivers
17:19:19.897 Service scanning
17:19:32.346 Modules scanning
17:19:32.346 Disk 0 trace - called modules:
17:19:32.346 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa800622f2c0]<<spiq.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
17:19:32.362 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800667c060]
17:19:32.362 3 CLASSPNP.SYS[fffff8800105443f] -> nt!IofCallDriver -> [0xfffffa800639ae40]
17:19:32.377 5 ACPI.sys[fffff88001091781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80063ab060]
17:19:32.377 \Driver\atapi[0xfffffa800634ee70] -> IRP_MJ_CREATE -> 0xfffffa800622f2c0
17:19:33.048 AVAST engine scan C:\Windows
17:19:34.624 AVAST engine scan C:\Windows\system32
17:21:30.953 AVAST engine scan C:\Windows\system32\drivers
17:21:37.646 AVAST engine scan C:\Users\Mark
17:26:55.106 AVAST engine scan C:\ProgramData
17:28:21.327 Scan finished successfully
17:28:39.658 Disk 0 MBR has been saved successfully to "C:\Users\Mark\Desktop\MBR.dat"
17:28:39.673 The log file has been saved successfully to "C:\Users\Mark\Desktop\aswMBR_log_072512.txt"

==============================================================================

And finally, for the ESET online scan that I ran, it did not find any threats. Thanks for your help so far.

#4 narenxp


Posted 25 July 2012 - 05:35 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 whoosh88


Posted 25 July 2012 - 06:36 PM

Mini ToolBox Results:

INFORMATION WITHDRAWN AS OF 8:55 PM EST

**** End of log ****

FSS results:

Farbar Service Scanner Version: 22-07-2012
Ran by Mark (administrator) on 25-07-2012 at 19:26:30
Running from "C:\Users\Mark\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 12:09] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-29 15:38] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware Cleaner results:

# AdwCleaner v1.703 - Logfile created 07/25/2012 at 19:28:37
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Mark - MARK-PC
# Running from : C:\Users\Mark\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Mark\AppData\Local\Temp\AskSearch

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\DT Soft

***** [Registre - GUID] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\wtriod6s.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [908 octets] - [25/07/2012 19:28:37]

########## EOF - C:\AdwCleaner[S1].txt - [1035 octets] ##########



Please note - I ran MBAM and it found 3 threats, however I believe they were false positives. If you'll notice in my "installed programs" I have Cain and Abel on my PC. MBAM listed Cain.exe and Abel.exe as malicious, however I assume they were marked as such considering the nature of the program. I did not remove them.

Edited by whoosh88, 25 July 2012 - 07:55 PM.


#6 narenxp

Posted 25 July 2012 - 07:18 PM

It seems you still have redirects

Uninstall IE 9

http://windows.microsoft.com/en-US/windows7/how-do-i-install-or-uninstall-internet-explorer-9

Reinstall it

Let me know how it goes

#7 whoosh88

Posted 25 July 2012 - 07:54 PM

I do, yes. I uninstalled it and rebooted and now have IE 8 for some reason (I guess it doesn't completely uninstall?). Anyway, I now can't update it to the newest version, but IE is installed. I am still getting redirects. Any other ideas? I really hope I don't have to reformat.

Thanks.

Edit - I also went ahead and withdrew some of the information in my previous post. Quite a bit of info about my PC that I would like to keep as private as I can. If you need that information again just ask.

Edited by whoosh88, 25 July 2012 - 07:56 PM.


#8 narenxp

Posted 25 July 2012 - 08:51 PM

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#9 whoosh88

Posted 25 July 2012 - 10:20 PM

Here is the output from Autoruns:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgtray.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "JMB36X IDE Setup" "" "" "c:\windows\raidtool\xinside.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Play Wireless USB Adapter Utility.lnk" "VistaBroadcomPBN Module" "" "c:\program files (x86)\belkin\f7d4101\v1\pbn.exe"
"C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Adobe Gamma.lnk" "Adobe Gamma Loader" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\calibration\adobe gamma loader.exe"
+ "AOM.lnk" "" "" "File not found: C:\Program Files (x86)\Common Files\Adobe\Web\AOM.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Internet Explorer" "" "" "File not found: start"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "Dxtory Software" "Database Wizard DLL" "Microsoft Corporation" "c:\users\mark\appdata\local\gas powered games\dxtory software\axzxljy.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgppa.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssiea.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssie.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Skype Browser Helper" "Click to Call with Skype for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\{057358ED-6AF9-44D6-AA75-4C96D995DA8C}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{0D86A6D6-40CF-4099-BF44-A53D4531373D}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "\{3D53BBC1-895D-4206-8434-92A7A92EEA97}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{D81951AD-BDE8-4613-AF5E-BB6EC36D7001}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Adobe LM Service" "AdobeLM Service" "Adobe Systems" "c:\program files (x86)\common files\adobe systems shared\service\adobelmsvc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "aspnet_state" "Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start." "" "File not found: C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MotoHelper" "MotoHelper Service" "" "c:\program files (x86)\motorola\motohelper\motohelperservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "rpcapd" "Allows to capture traffic on this machine from a remote machine." "CACE Technologies, Inc." "c:\program files (x86)\winpcap\rpcapd.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WLANBelkinService" "" "" "c:\program files (x86)\belkin\f7d4101\v1\wlansrv.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfiltera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCMH43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwlhigh664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz134" "CPUID Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\cpuz134_x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "JRAID" "JMicron JMB36X RAID Driver" "JMicron Technology Corp." "c:\windows\system32\drivers\jraid.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NPF" "npf.sys (NT5/6 AMD64) Kernel Driver" "CACE Technologies, Inc." "c:\windows\system32\drivers\npf.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 296.10 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sptd" "" "" "c:\windows\system32\drivers\sptd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "VBoxDrv" "VirtualBox Support Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxdrv.sys"
+ "VBoxNetAdp" "VirtualBox Host-Only Network Adapter Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxnetadp.sys"
+ "VBoxNetFlt" "VirtualBox Bridged Networking Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxnetflt.sys"
+ "VBoxUSBMon" "VirtualBox USB Monitor Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxusbmon.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.xtor" "Dxtory DirectShow and VFW Decoder" "Dxtory Software" "c:\windows\system32\dxtorycodec64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.vorbis" "Ogg Vorbis CODEC for MSACM" "HMS http://hp.vector.co.jp/authors/VA012897/" "c:\windows\syswow64\vorbis.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.xtor" "Dxtory DirectShow and VFW Decoder" "Dxtory Software" "c:\windows\syswow64\dxtorycodec.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "IL FL Studio DXi" "" "Image-Line bvba" "c:\program files (x86)\image-line\flstudio5\system\plugin\dxi\fl studio dxi.dll"
+ "IL Multi FL Studio DXi" "" "Image-Line bvba" "c:\program files (x86)\image-line\flstudio5\system\plugin\dxi\fl studio dxi (multi).dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Dxtory Video Decoder" "Dxtory DirectShow and VFW Decoder" "Dxtory Software" "c:\windows\system32\dxtorycodec64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "Dxtory Video Decoder" "Dxtory DirectShow and VFW Decoder" "Dxtory Software" "c:\windows\syswow64\dxtorycodec.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgrsa.exe"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PCL hpf3lw73" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3lw73.dll"

#10 narenxp

Posted 25 July 2012 - 10:25 PM

Launch autoruns and uncheck this entry
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Dxtory Software" "Database Wizard DLL" "Microsoft Corporation" "c:\users\mark\appdata\local\gas powered games\dxtory software\axzxljy.dll"

Uncheck this ENTRY. Restart the PC, browse to the path and delete the DLL file.

Let me know if you still have redirects :thumbup2:
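
The entry singled out in the post above has three traits that can be checked mechanically across a whole Autoruns text export: the image sits under a user profile, it carries a Microsoft publisher string outside the system directories, and it is a DLL registered in a Run key. The Python below is an added example, not part of the original thread or of Autoruns; the rule names and directory lists are assumptions chosen for illustration, and the sample lines are copied from the log posted in this thread.

```python
import re
from dataclasses import dataclass

# Lines copied from the Autoruns export posted in this thread (a short excerpt).
SAMPLE = r'''"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "AOM.lnk" "" "" "File not found: C:\Program Files (x86)\Common Files\Adobe\Web\AOM.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "Dxtory Software" "Database Wizard DLL" "Microsoft Corporation" "c:\users\mark\appdata\local\gas powered games\dxtory software\axzxljy.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
'''

FIELD = re.compile(r'"([^"]*)"')  # every column in the export is double-quoted

# Assumed lists for illustration: directories normally writable only by
# administrators, and directories a standard user process can write to.
ADMIN_ONLY_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
USER_WRITABLE_ROOTS = ("c:\\users\\", "c:\\programdata\\")
RUN_KEY = re.compile(r"\\currentversion\\run(once)?$", re.I)


@dataclass
class Entry:
    location: str      # registry key or folder the entry was found under
    name: str
    description: str
    publisher: str
    path: str


def parse_autoruns(text):
    """Parse the 4-column text export: a location line, then '+' entry lines."""
    entries, location = [], ""
    for line in text.splitlines():
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue  # not a line in the format shown in the thread
        if line.lstrip().startswith("+"):
            entries.append(Entry(location, *fields))
        else:
            location = fields[0]  # header line: only the first column is set
    return entries


def triage(entry):
    """Return the list of (hypothetical) rule names this entry trips."""
    path = entry.path.lower()
    if path.startswith("file not found:"):
        return ["missing_file"]  # stale autostart, worth cleaning up
    reasons = []
    if path.startswith(USER_WRITABLE_ROOTS):
        reasons.append("user_writable_path")
    if "microsoft" in entry.publisher.lower() and not path.startswith(ADMIN_ONLY_ROOTS):
        reasons.append("microsoft_claim_outside_system_dirs")
    if RUN_KEY.search(entry.location) and path.endswith(".dll"):
        reasons.append("dll_in_run_key")
    return reasons


def suspicious(text):
    """Entries that trip at least one rule, most rules first."""
    hits = [(e, triage(e)) for e in parse_autoruns(text)]
    hits = [(e, r) for e, r in hits if r]
    return sorted(hits, key=lambda hit: len(hit[1]), reverse=True)


if __name__ == "__main__":
    for entry, reasons in suspicious(SAMPLE):
        print(f"{entry.name!r} under {entry.location}")
        print(f"    {entry.path}")
        print(f"    rules: {', '.join(reasons)}")
```

Unless Autoruns was run with signature verification enabled, the publisher column is only the company name the file declares in its own version resource, so a Microsoft name on a file under a user profile is a reason to inspect the file, not evidence about who wrote it.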

#11 whoosh88

Posted 25 July 2012 - 10:49 PM

You are amazing. All seems to be clear, however I will keep an eye on it. Could you explain exactly what the cause was? It'd be nice to know in the future what exactly happened that caused the problem.

Thanks a lot!

Edited by whoosh88, 25 July 2012 - 10:52 PM.


#12 narenxp

Posted 26 July 2012 - 03:00 AM

The DLL file is not a legitimate one. Delete it. Some infection would have dropped it there. It runs in the background and redirects web pages.

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#13 whoosh88

Posted 26 July 2012 - 11:15 PM

Thanks again! :)

#14 narenxp

Posted 26 July 2012 - 11:16 PM

You're welcome :)